2019-04-21

Latest news (20:00:03)

More Than 23 Million People Use the Password ‘123456’

Bearhouse shares a new study from the UK’s “National Cyber Security Centre,” which advises the public on computer security, about the world’s most-frequently cracked passwords. It’s probably no surprise to the Slashdot readership: people use bad passwords. A recent study of publicly-available “hacked” accounts — by the UK National Cyber Security Centre — reveals “123456” was top, followed by the much more secure “123456789” and hard-to-guess “qwerty”. If you’re a soccer (football) fan, then try “Liverpool” or “Chelsea” — they’ll work in more than half a million cases. Finally, for musicians, Metallica gets beaten down by 50cent, 140k to 190k respectively. The most common fictional names used as passwords were “superman” (333,139 users), “naruto” (242,749), “tigger” (237,290), “pokemon” (226,947), and “batman” (203,116). The organization recommends instead choosing three random words as a password — and also checking “password blacklists” that show passwords that have already been found in past data breaches. (Developers and sysadmins are also advised to implement these checks as part of their rules for which user passwords will be allowed.) The organization also released a file from the “Have I Been Pwned” site containing the top 100,000 passwords. So what are the top ten most-frequently used passwords? 123456, 123456789, qwerty, password, 111111, 12345678, abc123, 1234567, password1, 12345

2019-04-21T17:45:00+00:00 [Slashdot]

Quoting Alex Stamos

Lots of people calling for more aggressive moderation seem to imagine that if they yell enough the companies have a thoughtful, unbiased and nuance-understanding HAL 9000 they can deploy. It’s really more like the Censorship DMV.

Alex Stamos

2019-04-21T16:36:25+00:00 [Simon Willison’s Weblog]

Southwest Airlines Says They’ll Purchase ‘Hundreds’ More Boeing 737 Max Aircraft

Inc. magazine describes as “stunning” an announcement from Southwest Airlines, “by far the biggest 737 Max customer in the United States, with 34 of the planes among its fleet, and plans for many more.” Speaking at a chamber of commerce event in Dallas, Southwest chairman and CEO Gary Kelly said Southwest has no plans to abandon the 737 Max. In fact, he said it will purchase “hundreds” more 737 Max aircraft. “It’s a very good airplane, but Boeing has acknowledged that they’ve got some things they need to address with the software in that airplane,” Kelly said, according to the Dallas Business Journal. “It seems like it’s a relatively straight-forward modification. We’re obviously anxious to get the airplane back in service.” That’s it: all-in on the 737 Max. Or at least close to it… By flying just one aircraft, Southwest knows that almost any of its pilots can fly any of its planes. Its scheduling and maintenance tasks become a lot easier than for airlines with multiple types of aircraft. But it also means that ultimately, Southwest’s brand and its overall success are tied up with Boeing and the 737 in a way that few other airlines are. Marketwatch adds that in fact, major airlines “are hungry for fuel-efficient single-aisle aircraft such as the Max, and there’s a long backlog for the jet’s closest competitor, Airbus SE,” analysts at Oxford Economics said in a note Thursday. “That will shield Boeing from a mass cancellation of orders,” the analysts said.

2019-04-21T16:34:00+00:00 [Slashdot]

Epic Games bans 1,200 players at the Fortnite World Cup

They are said to have cheated: game developer Epic Games has banned more than 1,200 participants in the first online tournament of its game Fortnite.

2019-04-21T17:35:00+02:00 [heise online News]

Fortnite World Cup: More than 1,200 Accounts Banned For Cheating

“Epic Games gave bans to more than 1,200 Fortnite accounts and revoked cash prizes that more than 200 players had won following Epic’s investigations of cheating in the first week of Fortnite’s World Cup Online Open,” reports Polygon: That cheater (whom Epic did not name) used the cheat software during the tournament’s semifinals. The account involved had played “for less than five minutes” before being discovered and banned, Epic said. The great majority of the other accounts sanctioned received two-week bans for their misconduct. Of them, 196 players forfeited their winnings after they were caught circumventing region locks to play in several regions. Epic said that will change the prize payouts for others in the tournament, but their improved finishes won’t be reflected on Fortnite’s in-game leaderboard. Nine prize winners lost their money for sharing accounts, and one winner’s earnings were vacated for teaming. Epic Games said it has added a “real-time teaming detection algorithm” to its competitive play. Teaming, in which players in a solo mode work cooperatively and create a competitive disadvantage for others, can get players banned even in competitive non-tournament play.

2019-04-21T15:34:00+00:00 [Slashdot]

After Easter Sunday bombings: Sri Lanka blocks social media

Following a series of attacks, the government is blocking access to messenger services and social media. The aim is to curb false reports.

2019-04-21T17:03:00+02:00 [heise online News]

How Facebook Mis-Captioned the Launch of a NASA Supply Rocket

An anonymous reader quotes Ars Technica: An Antares rocket built by Northrop Grumman launched on Wednesday afternoon, boosting a Cygnus spacecraft with 3.4 tons of cargo toward the International Space Station. The launch from Wallops Island, Virginia, went flawlessly, and the spacecraft arrived at the station on Friday. However, when NASA’s International Space Station program posted the launch video to its Facebook page on Thursday, there was a problem. Apparently the agency’s caption service hadn’t gotten to this video clip yet, so viewers with captions enabled were treated not just to the glory of a rocket launch, but the glory of Facebook’s automatically generated crazywords… Some of the captions are just hilariously bad. For example, when the announcer triumphantly declares, “And we have liftoff of the Antares NG-11 mission to the ISS,” the automatically generated caption service helpfully says, “And we have liftoff of the guitarist G 11 mission to the ice sets.” There’s more examples in the photos at the top of their article — for example, a caption stating that the uncrewed launch “had a phenomenal displaced people at 60 seconds,” and translating the phrase “TVC is nominal” to “phenomenal.” While the lift-off announcer does use what may be unfamiliar names for the rockets, along with other technical jargon, the article points out that YouTube’s auto-captioning of the same launch “seemed to have no problem with those bits of space argot.”

2019-04-21T14:34:00+00:00 [Slashdot]

AI generates nonstop death metal

The artificial intelligence Dadabots generates death metal and streams its music live on YouTube.

2019-04-21T16:27:00+02:00 [heise online News]

Mazda brings a new diesel CX-5 SUV to the US—but why?

You’d have to look carefully at the CX-5’s badges to tell whether it was one of the new diesel-powered versions. (credit: Mazda)

When Mazda invited us to a roundtable discussion about powertrain technology at this year’s New York auto show, it was easy to say yes. After all, the company is responsible for a significant recent breakthrough in internal combustion engine technology. So you can imagine my surprise when it turned out the topic on Mazda’s mind was the introduction of its Skyactiv-D diesel engine to the North American market, under the hood of the (excellent) CX-5 SUV. Intrigued, I had to find out why the Japanese automaker was taking this step.

Diesel’s fall from grace

You can be forgiven for thinking that “diesel” was now a dirty word. For a while, this liquid hydrocarbon fuel looked like it might be an important tool in helping fight climate change. After all, diesel engines are much more efficient than ones that run gasoline, so you can drive further between filling stations and emit less CO2 while doing it. But CO2 isn’t the only problematic component of diesel exhaust. A more immediate danger posed by diesel exhaust is the soup of nitrogen oxides (NOx) and particulates that result as combustion products. While CO2 will wreck our climate in the coming decades, NOx damages peoples’ lungs today. And it’s NOx that’s responsible for diesel’s fall from grace.

Or, more accurately, it’s been the widespread lying by industry to regulators about the exact amounts of NOx emissions from their cars. The most well-known culprit has been Volkswagen Group. In 2015 it got caught lying to federal regulators in the US and the penalties have been stiff. Executives have been prosecuted. Hundreds of thousands of cars have had to be bought back from owners, billions of dollars in fines were levied, and an entirely new business plan had to be created to rapidly electrify one of the three biggest car companies in the world by the middle of the next decade.

[Link] [Ars Technica]

Buying guide for gaming monitors: displays for gaming

We show what to consider when buying a monitor for gamers, introduce panel types, and discuss which add-ons you really need.

2019-04-21T16:03:00+02:00 [heise online News]

A Secret Server For the Dead MMO ‘City of Heroes’ Has Players In an Uproar

eatmorekix quotes Vice: In 2012, Paragon Studios announced it was shutting down City of Heroes, a massively multiplayer online game where a community of players created their own superheroes, went on adventures together, and formed lasting friendships. The news was crushing to the game’s devoted community because they could no longer play and hang out in the virtual space they loved, and today, years after the game’s shutdown, the community is in an uproar again. As Massivelyop first reported, a group of City of Heroes players called the Secret Cabal of Reverse Engineers (SCORE) had created their own, private server where they could continue to play the game for the last six years, but kept it relatively secret. “I like the rest of you have been lied to,” Reddit user avoca wrote in a thread titled “BE ANGRY” on the City of Heroes subreddit. “I have been told City of Heroes has been shutdown. Today, I learn I have been mistaken. For all of these years, City of Heroes has lived on. In secret. For every passing day and every withdrawal symptom, a person is playing on this secret server, and they are gaining xp, leveling up, performing task forces and forming supergroups.” In 2004 the game’s lead designer answered questions from Slashdot’s readers. 15 years later, a member of the emulator team tells Massivelyop that they’d tried to keep their City of Heroes server a secret for over six years because they were worried about getting a cease and desist notice from the game’s publishers.

2019-04-21T13:34:00+00:00 [Slashdot]

Huawei funded by the Chinese government, according to the CIA

The US intelligence agency CIA has accused Huawei of collaborating with the Chinese government and advises militaries against using Huawei infrastructure.

2019-04-21T15:29:00+02:00 [heise online News]

Hanna TV adaptation sacrifices magic of original film for typical teen angst

Esme Creed-Miles plays the titular teen assassin in Amazon Prime’s new series, Hanna. (credit: YouTube/Amazon Prime)

An isolated teenaged girl genetically engineered to be an assassin must elude rogue CIA agents intent on terminating her in Hanna, Amazon’s adaption of the 2011 film of the same name. It’s a gritty, competent thriller, with strong performances from a talented cast, and has already been renewed for a second season. The problem is that no matter how much one tries to separate the series from the film, comparisons are inevitable. And in almost all respects, the TV adaptation comes up short.

(Some spoilers for the series and the 2011 film below.)

Not everyone was a fan of Director Joe Wright’s original film, with its strange mix of espionage and dark coming-of-age fairytale. But it’s one of my recent favorites for precisely those elements, driven by an exquisitely unsettling performance by Saoirse Ronan in the titular role. Ronan had this otherworldly presence of untouched innocence, combined with a ruthless hunter’s instinct, as we saw in the very first scene when she kills and dresses a deer with just a bow and arrow and a hunting knife.

[Link] [Ars Technica]

Happy 30th B-Day, Game Boy: Here are six reasons why you’re #1



Thirty years ago this week, Nintendo released the Game Boy, its first handheld video game console. Excited Japanese customers snatched up the innovative monochrome handheld by the thousands, which retailed for 12,500 yen (about $94 at 1989 rates) at launch—a small price to pay for what seemed to be an NES in your pocket. Nintendo initially offered four games for the new Game Boy: Super Mario Land, Baseball, Alleyway, and Yakuman (a mahjong game), but the number of available titles quickly grew into the hundreds.

Later that year, the Game Boy hit the US at $89.99 with a secret weapon—Tetris as its pack-in game. Selling over a million units during the first Christmas season, the Game Boy proved equally successful in the US, and that success was by no means short-lived: to date, Nintendo has sold 118.69 million units of the original Game Boy line (not including Game Boy Advance) worldwide, making it the longest running dynasty in the video game business. So in honor of the Game Boy’s twentieth (Editor’s note: now thirtieth!) anniversary, we give you six reasons why the Game Boy dominated the handheld video game market during most of its astounding multi-decade run.

1. Tetris

It’s common pop-marketing knowledge these days that every new hardware platform needs a “killer app” to truly succeed. In the Game Boy’s case, Tetris filled that role perfectly.

[Link] [Ars Technica]

30 years of Game Boy – the minimalist classic

Nintendo’s first Game Boy became one of the best-selling handhelds, which was also down to its games. To this day it fascinates gamers, chiptune musicians, and artists.

2019-04-21T14:09:00+02:00 [heise online News]

Smartphone maker Yota Devices is bankrupt

Following legal disputes with a supplier, smartphone maker Yota Devices is insolvent. Its trademark was rear-facing E Ink displays.

2019-04-21T14:03:00+02:00 [heise online News]

“Natural” bottled water has natural arsenic contamination, testing finds

Water can pick up arsenic from geological, agricultural, or industrial sources. (credit: Getty | Nurphoto)

Several brands of bottled water contain concerning levels of arsenic contamination, according to an investigation by Consumer Reports.

The worst offenders in the report were Starkey, a brand owned by Whole Foods and marketed as water in its “natural state,” and Peñafiel, owned by Keurig Dr Pepper and imported from Mexico.

Samples of Peñafiel tested by CR had arsenic levels that averaged 18.1 parts per billion, well above the federal allowable limit of 10ppb set by the Food and Drug Administration. Testing of Whole Foods’ Starkey Water revealed levels at or just a smidge below federal limits, with results ranging from 9.48 ppb to 10.1 ppb.

[Link] [Ars Technica]

Tchap: France’s (not so) exclusive government chat

The French government had the messenger Tchap developed as a WhatsApp alternative for internal communication. The launch came with a faux pas.

2019-04-21T13:06:00+02:00 [heise online News]

Did Google Sabotage Firefox and IE?

Firefox’s former VP accused Google of sabotaging Firefox — for example, when Gmail and Google Docs “started to experience selective performance issues and bugs on Firefox” and demo sites “would falsely block Firefox as ‘incompatible’… There were dozens of oopses. Hundreds maybe… [W]hen you see a sustained pattern of ‘oops’ and delays from this organization — you’re being outfoxed.” Now Nightingale’s accusations have stirred up some follow-up from technology reporters. An anonymous reader shares a blog post by ZDNet security reporter Catalin Cimpanu: Nightingale is not the first Firefox team member to come forward and make such accusations. In July 2018, Mozilla Program Manager Chris Peterson accused Google of intentionally slowing down YouTube performance on Firefox. He revealed that both Firefox and Edge were superior when loading YouTube content when compared to Chrome, and in order to counteract this performance issue, Google switched to using a JavaScript library for YouTube that they knew wasn’t supported by Firefox. At this point, it’s very hard not to believe or take Nightingale’s comments seriously. Slowly but surely, Google is becoming the new Microsoft, and Chrome is slowly turning into the new IE, an opinion that more and more users are starting to share. On Twitter, a senior editor at the Verge added “Google did a lot of ‘oops’ accidents to Windows Phone, too. Same pattern of behavior with its services and Edge. Oopsy this, oopsy that.” The site MSPowerUser also shares a similar story from former Microsoft Edge intern, Joshua Bakita. “I very recently worked on the Edge team, and one of the reasons we decided to end EdgeHTML was because Google kept making changes to its sites that broke other browsers, and we couldn’t keep up.” Meanwhile, Computerworld argues that data “backs up Nightingale’s admission, to a point.” [I]f Google monkey business contributed to Firefox’s fall, it must have really damaged Microsoft’s IE. 
During the time it took Chrome to replace Firefox as the No. 2 browser, Firefox lost just 9% of its user share, while IE shed 22%. And Chrome’s most explosive growth - which began in early 2016 - didn’t come at Firefox’s expense; instead, it first hollowed out IE, then suppressed any potential enthusiasm for the follow-on Edge. Chrome didn’t reach its current place — last month capturing nearly 68% of all browser activity — by raiding Firefox. It did it by destroying IE. Oops.

2019-04-21T10:34:00+00:00 [Link] [Slashdot]

Bundeswehr: soldiers often have no Wi-Fi for private browsing

By 2020, all soldiers are supposed to be able to use Wi-Fi access privately in their quarters. However, the Bundeswehr is currently still far from that goal.

2019-04-21T12:17:00+02:00 [heise online News]

A mystery agent is doxing Iran’s hackers and dumping their code

Stylized photo of desktop computer. (credit: Lino Mirgeler/picture alliance via Getty Images)

Nearly three years after the mysterious group called the Shadow Brokers began disemboweling the NSA’s hackers and leaking their hacking tools onto the open Web, Iran’s hackers are getting their own taste of that unnerving experience. For the last month, a mystery person or group has been targeting a top Iranian hacker team, dumping its secret data, tools, and even identities onto a public Telegram channel—and the leak shows no signs of stopping.

Since March 25, a Telegram channel called Read My Lips or Lab Dookhtegan—which translates from Farsi as “sewn lips”—has been systematically spilling the secrets of a hacker group known as APT34 or OilRig, which researchers have long believed to be working in service of the Iranian government. So far, the leaker or leakers have published a collection of the hackers’ tools, evidence of their intrusion points for 66 victim organizations across the world, the IP addresses of servers used by Iranian intelligence, and even the identities and photographs of alleged hackers working with the OilRig group.

“We are exposing here the cyber tools (APT34 / OILRIG) that the ruthless Iranian Ministry of Intelligence has been using against Iran’s neighboring countries, including names of the cruel managers, and information about the activities and the goals of these cyber-attacks,” read the original message posted to Telegram by the hackers in late March. “We hope that other Iranian citizens will act for exposing this regime’s real ugly face!”

[Link] [Ars Technica]

Malware attack temporarily knocks US weather broadcaster off the air

The US weather channel The Weather Channel had to interrupt its broadcast on Thursday. It had been hit by a ransomware trojan.

2019-04-21T11:23:00+02:00 [heise online News]

Youth protection: Family Minister Giffey wants clear age recommendations for apps

A new youth media protection law is intended to make age ratings for apps more transparent and to hold providers more accountable.

2019-04-21T10:43:00+02:00 [heise online News]

Spiral Aurora over Icelandic Divide

Admire the beauty but fear the beast. The beauty is the aurora overhead, here taking the form of a great green spiral, seen between picturesque clouds with the bright Moon to the side and stars in the background. The beast is the wave of charged particles that creates the aurora but might, one day, impair civilization. In 1859, following notable auroras seen all across the globe, a pulse of charged particles from a coronal mass ejection (CME) associated with a solar flare impacted Earth’s magnetosphere so forcefully that it created the Carrington Event. A relatively direct path between the Sun and the Earth might have been cleared by a preceding CME. What is sure is that the Carrington Event compressed the Earth’s magnetic field so violently that currents were created in telegraph wires so great that many wires sparked and gave telegraph operators shocks. Were a Carrington-class event to impact the Earth today, speculation holds that damage might occur to global power grids and electronics on a scale never yet experienced. The featured aurora was imaged in 2016 over Thingvallavatn Lake in Iceland, a lake that partly fills a fault that divides Earth’s large Eurasian and North American tectonic plates.

[Astronomy Picture of the Day]

Bitcoin Couldn’t Hide Russia’s Operatives From Mueller’s Investigation

“Russian operatives used cryptocurrency at almost every stage in their online efforts to interfere in the 2016 U.S. presidential election, according to Special Counsel Robert Mueller’s final report on his investigation.” So says CNN, adding that “Systems used in the hacking of the Democratic Party were paid for using Bitcoin, as were online hosting services that supported websites which published hacked materials and were used in the targeting of disinformation at American voters.” The Russian operatives (a.k.a. the Fancy Bear team) withdrew funds from both the CEX.io and BTC-e.com cryptocurrency exchanges to fund domain purchases, server rentals, and VPN services, reports Draconi, Slashdot reader #38,078. He’s correlated the Mueller report with the Bitcoin blockchain addresses referenced (indirectly) in two indictments brought by America’s Department of Justice — one for interference in the 2016 U.S. Presidential Election, and one for the public leak of Olympic drug-testing results — and shared the results of his investigation with CNN. CNN reports: Russian agents, including those from the GRU, Russia’s military intelligence agency, had sought to, as the Mueller indictment of GRU agents last July outlined, “capitalize on the perceived anonymity of cryptocurrencies.” But while Bitcoin allowed Russians to “avoid direct relationships with traditional financial institutions, allowing them to evade greater scrutiny of their identities and sources of funds,” according to the same indictment, it wasn’t enough to evade Mueller’s investigation. Tim Cotten, a blockchain developer and security researcher who has done extensive work in tracking Russian Bitcoin accounts unearthed by Mueller’s team, noted in an interview with CNN Business that trading Bitcoins on exchanges usually requires users to set up Bitcoin wallets that are tied to an email address. 
Federal investigators were able to access at least some of the email accounts used in the operation, which, Cotten says, would have made tracing Bitcoin transactions a lot easier. Investigators’ access to “the other side of the blockchain equation,” as he described it, was important because, “Rather than having to search the blockchain for clues, they already had all of the receipts demonstrating which accounts were under the GRU’s control.” The Russians used stolen and false identities in setting up some of these accounts, according to Mueller’s team, but had used some of the same accounts to purchase servers and website domains involved in the hacking of the Democratic Party and the publishing of the hacked materials, Mueller’s indictment outlines. That, Cotten said, would have made it easier for investigators to tie the case together. “The purchase trails are fully exposed in the Bitcoin blockchain as funds are used, consolidated, and deposited into secondary online wallets such as SpectroCoin.com and Xapo.com,” Cotten writes on his site. “Anyone can follow along and trace the payment chains to see exactly how the Russians were spending their money, when, and on what.”

2019-04-21T07:34:00+00:00 [Link] [Slashdot]

Never Ask About The Sigh

[Dilbert]

2019-04-21

[Garfield]

Explosion during test of SpaceX’s Crew Dragon spacecraft

An accident occurred on Saturday during tests of the escape system of the Crew Dragon spacecraft. This delays crewed SpaceX flights.

2019-04-21T08:47:00+02:00 [heise online News]

The ordinary internet citizen has to be expected to cope with some technology, but not too much. Should specialists make some decisions for them, or even the state?

2019-04-21T08:30:00+02:00 [heise online News]

‘Pi VizuWall’ Is a Beowulf Cluster Built With Raspberry Pi’s

Why would someone build their own Beowulf cluster — a high-performance parallel computing prototype — using 12 Raspberry Pi boards? It’s using the standard Beowulf cluster architecture found in about 88% of the world’s largest parallel computing systems, with an MPI (Message Passing Interface) system that distributes the load over all the nodes. Matt Trask, a long-time computer engineer now completing his undergraduate degree at Florida Atlantic University, explains how it grew out of his work on “virtual mainframes”: In the world of parallel supercomputers (branded ‘high-performance computing’, or HPC), system manufacturers are motivated to sell their HPC products to industry, but industry has pushed back due to what they call the “Ninja Gap”. MPI programming is hard. It is usually not learned until the programmer is in grad school at the earliest, and given that it takes a couple of years to achieve mastery of any particular discipline, most of the proficient MPI programmers are PhDs. And this, is the Ninja Gap — industry understands that the academic system cannot and will not be able to generate enough ‘ninjas’ to meet the needs of industry if industry were to adopt HPC technology. As part of my research into parallel computing systems, I have studied the process of learning to program with MPI and have found that almost all current practitioners are self-taught, coming from disciplines other than computer science. Actual undergraduate CS programs rarely offer MPI programming. Thus my motivation for building a low-cost cluster system with Raspberry Pis, in order to drive down the entry-level costs. This parallel computing system, with a cost of under $1000, could be deployed at any college or community college rather than just at elite research institutions, as is done [for parallel computing systems] today. The system is entirely open source, using only standard Raspberry Pi 3B+ boards and Raspbian Linux. 
The version of MPI that is used is called MPICH, another open-source technology that is readily available. But there’s an added visual flourish, explains long-time Slashdot reader iamacat. “To visualize computing, each node is equipped with a servo motor to position itself according to its current load — lying flat when fully idle, standing up 90 degrees when fully utilized.” Its data comes from the /proc filesystem, and the necessary hinges for this prototype were all generated with a 3D printer. “The first lesson is to use CNC’d aluminum for the motor housings instead of 3D-printed plastic,” writes Trask. “We’ve seen some minor distortion of the printed plastic from the heat generated in the servos.”

2019-04-21T04:34:00+00:00 [Link] [Slashdot]

Daily Watchword

Easter

Woe to him who quarrels with his Maker, a potsherd among earthen potsherds! Does the clay say to its potter: What are you making?

Isaiah 45:9

If anyone is in Christ, he is a new creation; the old has passed away, behold, the new has come.

2 Corinthians 5:17

‘How the Boeing 737 Max Disaster Looks to a Software Developer’

Slashdot reader omfglearntoplay shared this article from IEEE’s Spectrum. In “How the Boeing 737 Max Disaster Looks to a Software Developer,” pilot (and software executive) Gregory Travis argues Boeing tried to avoid costly hardware changes to their 737s with a flawed software fix — specifically, the Maneuvering Characteristics Augmentation System (or MCAS): It is astounding that no one who wrote the MCAS software for the 737 Max seems even to have raised the possibility of using multiple inputs, including the opposite angle-of-attack sensor, in the computer’s determination of an impending stall. As a lifetime member of the software development fraternity, I don’t know what toxic combination of inexperience, hubris, or lack of cultural understanding led to this mistake. But I do know that it’s indicative of a much deeper problem. The people who wrote the code for the original MCAS system were obviously terribly far out of their league and did not know it. So Boeing produced a dynamically unstable airframe, the 737 Max. That is big strike No. 1. Boeing then tried to mask the 737’s dynamic instability with a software system. Big strike No. 2. Finally, the software relied on systems known for their propensity to fail (angle-of-attack indicators) and did not appear to include even rudimentary provisions to cross-check the outputs of the angle-of-attack sensor against other sensors, or even the other angle-of-attack sensor. Big strike No. 3… None of the above should have passed muster. None of the above should have passed the “OK” pencil of the most junior engineering staff… That’s not a big strike. That’s a political, social, economic, and technical sin… The 737 Max saga teaches us not only about the limits of technology and the risks of complexity, it teaches us about our real priorities. Today, safety doesn’t come first — money comes first, and safety’s only utility in that regard is in helping to keep the money coming. 
The problem is getting worse because our devices are increasingly dominated by something that’s all too easy to manipulate: software…. I believe the relative ease — not to mention the lack of tangible cost — of software updates has created a cultural laziness within the software engineering community. Moreover, because more and more of the hardware that we create is monitored and controlled by software, that cultural laziness is now creeping into hardware engineering — like building airliners. Less thought is now given to getting a design correct and simple up front because it’s so easy to fix what you didn’t get right later. The article also points out that “not letting the pilot regain control by pulling back on the column was an explicit design decision. Because if the pilots could pull up the nose when MCAS said it should go down, why have MCAS at all? “MCAS is implemented in the flight management computer, even at times when the autopilot is turned off, when the pilots think they are flying the plane.”

2019-04-21T01:34:00+00:00 [Link] [Slashdot]

‘Some Cheers, A Few Sneers For Google’s URL Solution For AMP’

The Verge explains what all the commotion is about: AMP stands for “Accelerated Mobile Pages,” and you’ve probably noticed that those pages load super quickly and usually look much simpler than regular webpages. You may have also noticed that the URL at the top of your browser started with “www.google.com/somethingorother” instead of with the webpage you thought you were visiting. Google is trying to fix that by announcing support for something called “Signed Exchanges.” What it should mean is that when you click on one of those links, your URL will be the original, correct URL for the story. Cloudflare is joining Google in supporting the standard for customers who use its services. In order for this thing to work, every step in the chain of technologies involved in loading the AMP format has to support Signed Exchanges, including your browser, the search engine, and the website that published the link. Right now, that means the URL will be fixed only when a Chrome browser loads a Google search link to a published article that has implemented support. Mozilla’s official position on signed exchanges is that they’re “harmful,” arguing in a 51-page position paper that there are both security and privacy considerations. Pierre Far, a former Google employee, posted on Twitter that the change “breaks many assumptions about how the web works,” and that in addition, “Google is acting too quickly. Other browsers and internet stakeholders have well-founded concerns, and the correct mechanism to address them is the standardization process. Google skipped all that. Naughty.” Jeffrey Yaskin, from Chrome’s web platform team, even acknowledged that criticism with a tweet of his own. “I think it’s fair to say we’re pushing it. The question is our motives, which I claim is to improve the web rather than to ‘all your base’ it, but I would say that either way.” Search Engine Land cited both tweets, and shared some concerns of their own. 
“The compromise we have to consider before getting on board with Signed HTTP Exchanges is whether we’re willing to allow a third party to serve up our content without users being able to tell the difference. “If we, as digital marketers, want to influence the conventions of our future work environment, we’ll have to decide if the gains are enough to disrupt long-standing assumptions of how websites are delivered. If so, we’ll also have to cede the ability to judge user intent over to Google and swallow the fact that it skipped over the standardization process to implement a process that one of its own created.”

2019-04-20T23:34:00+00:00 [Link] [Slashdot]

Smoke ‘Seen For Miles’ as SpaceX Crew Dragon Suffers Anomaly at Cape Canaveral

An anonymous reader quotes Florida Today: A SpaceX Crew Dragon capsule suffered an anomaly during a routine test fire at Cape Canaveral Air Force Station Saturday afternoon, the 45th Space Wing confirmed today. “On April 20, 2019, an anomaly occurred at Cape Canaveral Air Force Station during the Dragon 2 static test fire,” Wing Spokesman Jim Williams told FLORIDA TODAY. “The anomaly was contained and there were no injuries.” SpaceX’s Crew Dragon, also referred to as Dragon 2, is designed to take humans to the International Space Station and successfully flew for the first time in March. The company was planning to launch a crewed version of the spacecraft no earlier than July, but was also planning an in-flight abort test, or a demonstration of its life-saving abort capabilities, sometime before then. That reporter has now also tweeted an official statement from SpaceX. “Earlier today, SpaceX conducted a series of engine tests on a Crew Dragon test vehicle on our test stand at Landing Zone 1 in Cape Canaveral. The initial tests completed successfully but the final test resulted in an anomaly on the test stand. “Ensuring that our systems meet rigorous safety standards and detecting anomalies like this prior to flight are the main reasons why we test. Our teams are investigating and working closely with our NASA partners.”

2019-04-20T22:41:00+00:00 [Slashdot]

SpaceX’s Crew Dragon spacecraft had an anomaly during tests Saturday

Following a successful demonstration mission of its Crew Dragon spacecraft in March, SpaceX has been preparing that vehicle for a critical launch abort test this summer. During this upcoming test flight, the Dragon will launch from Florida on a Falcon 9 booster before firing its powerful SuperDraco engines to show that the spacecraft can pull itself safely away from the rocket in case of a problem with the booster.

On Saturday, as part of preparations for this abort test, the company experienced some sort of anomaly. According to a company spokesperson: “Earlier today, SpaceX conducted a series of engine tests on a Crew Dragon test vehicle on our test stand at Landing Zone 1 in Cape Canaveral, Florida. The initial tests completed successfully but the final test resulted in an anomaly on the test stand. Ensuring that our systems meet rigorous safety standards and detecting anomalies like this prior to flight are the main reasons why we test. Our teams are investigating and working closely with our NASA partners.”

It is not immediately clear how significantly this incident will affect SpaceX as it works toward Dragon’s first crewed mission, which will carry astronauts Doug Hurley and Bob Behnken to the International Space Station. Previously, sources have said that flight could occur by about October under ideal conditions. If the problems were serious, Saturday’s accident may substantially delay this schedule—although in the past SpaceX has shown a propensity to rapidly diagnose failures and return to flight quickly, with just 4.5 months of downtime after a rocket failure in September 2016.

[Link] [Ars Technica]

What Was. What Will Be. Ad nebulam per aspera

Whereof one cannot speak, thereof one must be silent. But before he enjoys the spring in speechless silence, Hal Faber still has something to say.

2019-04-21T00:09:00+02:00 [heise online News]

2019-04-20

Erlang Creator Joe Armstrong Has Died

Rogers Cadenhead (Slashdot reader #4,482) writes: Joe Armstrong, the computer scientist best known as one of the creators of the Erlang programming language, died Saturday. Erlang Solutions founder Francesco Cesarini shared the news on Twitter and said, “His work has laid the foundation which will be used by generations to come. RIP @joeerl, thank you for inspiring us all.” Erlang was created by Armstrong, Robert Virding and Mike Williams at the Ericsson telecom company in 1986 and became open source 12 years later. It is known for functional programming, immutable data, code hot-swapping and systems that require insanely high levels of availability. In another Tweet, Cesarini asks people to share their own memories of Armstrong — “funny, enlightening or plain silly.” And Ulf Wiger, who describes himself as an Erlang old-timer, remembered giving a talk about how to avoid projects dominated by mediocrity. “I used Joe as an example of a ‘brilliant developer, but hard to fit into a regular project.’” Joe had replied, “I am very EASY to fit into regular projects! It’s just that so few projects are regular…”

2019-04-20T21:34:00+00:00 [Slashdot]

The CIA Accuses Huawei Of Being Secretly Funded By China’s State Intelligence

“U.S. intelligence has accused Huawei Technologies of being funded by Chinese state security, The Times said on Saturday.” Long-time Slashdot reader hackingbear shares a story from Reuters: The CIA accused Huawei of receiving funding from China’s National Security Commission, the People’s Liberation Army and a third branch of the Chinese state intelligence network, the British newspaper reported, citing a source. Earlier this year, U.S. intelligence shared its claims with other members of the Five Eyes intelligence-sharing group, which includes Britain, Australia, Canada and New Zealand, according to the report… The accusation comes at a time of trade tensions between Washington and Beijing and amid concerns in the United States that Huawei’s equipment could be used for espionage. The company has said the concerns are unfounded… top educational institutions in the West have recently severed ties with Huawei to avoid losing federal funding.

2019-04-20T20:34:00+00:00 [Slashdot]

An Interstellar Meteor May Have Hit Earth

Two Harvard researchers believe a small meteor that struck earth in 2014 was from another solar system, saying it’s “like getting a message in a bottle from a distant location.” CNN reports: Dr. Abraham Loeb, the chair of the Department of Astronomy at Harvard University, and his co-author Amir Siraj, studied the velocity of objects entering the Earth’s atmosphere, which can be used to predict whether the object was traveling in relation to our sun’s orbit… Of the three fastest objects on record, the fastest was clearly bound to our sun. The third-fastest couldn’t be clearly categorized. But the second-fastest, Loeb says, bore all the hallmarks of being literally out of this solar system. “At this speed, it takes tens of thousands of years for an object to move from one star to another,” he says. Since they don’t know exactly where it originated, they can’t say exactly how old it is, but it could be downright ancient. “To cross the galaxy it would take hundreds of millions of years.” Of all of the possibilities wrapped up in this relatively small object, perhaps the most exciting is the idea that, theoretically, interstellar objects could carry life from other solar systems. “Most importantly, there is a possibility that life could be transferred between stars,” Loeb says. “In principle, life could survive in the core of a rock. Either bacteria, or tardigrades (a microscopic, water-dwelling animal); they can survive harsh conditions in space and arrive right to us…” [A]lthough the object detailed in this paper is the first recorded interstellar meteor to hit Earth, the study estimates such objects enter earth’s atmosphere every ten years or so, which means there could be a million different interstellar objects floating around our solar system, just waiting to be examined.

2019-04-20T19:34:00+00:00 [Link] [Slashdot]

Canada Civil Liberties Group Argues Toronto Shouldn’t Be ‘Google’s Lab Rat’

“A civil liberties group in Canada is suing three tiers of government over potential privacy issues posed by Sidewalk Labs’s plan to develop a 12-acre smart city in Toronto, which will be approved or denied later this summer,” reports Fast Company. The fight centers around a taxpayer-funded organization jointly created by the federal, provincial, and municipal governments: The Canadian Civil Liberties Association claims that Waterfront Toronto, let alone Sidewalk Labs, doesn’t have the jurisdiction to make rules about people’s privacy. The government “sold out our constitutional rights to freedom from surveillance and sold it to the global surveillance mammoth of behavioral data collection: Google,” said Michael Bryant, the executive director and general counsel of the CCLA, in a press conference…. “Our job at the Canadian Civil Liberties Association is to say to all three levels of government that Canadians should not be Google’s lab rat. This lab needs to be shut down and reset….” Ann Cavoukian, the former Information and Privacy Commissioner for the Canadian province of Ontario who joined the project early, quit in October 2018. The reason? Sidewalk Labs had decided not to require that all data collected by third parties in the development be instantly de-identified at the source, which would mean that sensitive data like people’s faces or license plates could still potentially be used for corporate profit. “I knew the smart city of privacy wasn’t going to happen,” she says. “That’s why I resigned: I said, I can’t go along with it….” “If I was still involved, I’d want more decentralized models of data where the individual could truly retain control of the data,” she says, citing a new, privacy-centric model from the web’s father, Tim Berners-Lee, to decentralize the web and take back control from the corporations that run it. 
In a statement Sidewalk Labs said they favor a data trust run by an independent third party partnering with the government to benefit the community and “spur innovation and investment” while protecting privacy. “Sidewalk Labs fully supports a robust and healthy discussion regarding privacy, data ownership, and governance. But this debate must be rooted in fact, not fiction and fear-mongering.” But the CCLA’s web site argues that unlawful surveillance “is wrong whether done by data profiteers or the state.” The article also quotes their general counsel’s complaint that the government has “outsourced our privacy rights and the supervision of our privacy rights and our surveillance to the very company that’s doing the surveillance.”

2019-04-20T18:34:00+00:00 [Link] [Slashdot]

DSA-4434 drupal7

security update

2019-04-20 [Debian Security]

Corporate Surveillance: When Employers Collect Data on Their Workers

An anonymous reader quotes CNBC: The emergence of sensor and other technologies that let businesses track, listen to and even watch employees while on company time is raising concern about corporate levels of surveillance… Earlier this year, Amazon received a patent for an ultrasonic bracelet that can detect a warehouse worker’s location and monitor their interaction with inventory bins by using ultrasonic sound pulses. The system can track when and where workers put in or remove items from the bins. An Amazon spokesperson said the company has “no plans to introduce this technology” but that, if implemented in the future, could free up associates’ hands, which now hold scanners to check and fulfill orders. Walmart last year patented a system that lets the retail giant listen in on workers and customers. The system can track employee “performance metrics” and ensure that employees are performing their jobs efficiently and correctly by listening for sounds such as rustling of bags or beeps of scanners at the checkout line and can determine the number of items placed in bags and number of bags. Sensors can also capture sounds from guests talking while in line and determine whether employees are greeting guests. Walmart spokesman Kory Lundberg said the company doesn’t have any immediate plans to implement the system. Logistics company UPS has been using sensors in their delivery trucks to track usage to make sure drivers are wearing seat belts and maintenance is up to date. Companies are also starting to analyze digital data, such as emails and calendar info, in the hopes of squeezing more productivity out of their workers. Microsoft’s Workplace Analytics lets employers monitor data such as time spent on email, meeting time or time spent working after hours. Several enterprises, including Freddie Mac and CBRE, have tested the system. A senior staff attorney for the EFF argues that new consumer privacy laws may not apply to employees. 
The article also cites a recent survey by Accenture in which 62% of executives “said their companies are using new technologies to collect data on people — from the quality of work to safety and well-being” — even though “fewer than a third said they feel confident they are using the data responsibly.” Yet the leader of Accenture’s talent and organization practice argues that workforce data “could boost revenue by 6.4%. This has encouraged workers to be open to responsible use of data, but they want to know that they will get benefits and return on their time.”

2019-04-20T17:34:00+00:00 [Link] [Slashdot]

America Reports Its First Cases of A Fungus Resistant To All Major Drugs

An anonymous reader quotes the New York Times: About 90 percent of C. auris strains are resistant to at least one drug, and 30 percent are resistant to two or more of the three major classes of antifungal drugs. However, on Tuesday, the C.D.C. confirmed that it has learned in the last month of the first known cases in the United States of so-called “pan-resistant” C. auris — a strain resistant to all major antifungals, said Dr. Tom Chiller, head of the agency’s fungal division, in an interview. Such cases have been seen in several countries, including India and South Africa, but the two new cases, from New York State, have not been reported previously. Dr. Chiller said that it appeared that, in each case, the germ evolved during treatment and became pan-resistant, confirming a fear that the infection will continue to develop more effective defenses. “It’s happening and it’s going to happen,” Dr. Chiller said. “That’s why we need to remain vigilant and rapidly identify and control these infections.” It often has been hard to gather details about the path of C. auris because hospitals and nursing homes have been unwilling to publicly disclose outbreaks or discuss cases, creating a culture of secrecy around the infection. States have kept confidential the locations of hospitals where outbreaks have occurred, citing patient confidentiality and a risk of unnecessarily scaring the public. In an interview with CBS News, the reporter stressed that while this was a serious issue, especially in hospitals, it’s not yet a threat to the general public: “The people who are susceptible are people with weakened immune systems, the infirm, older folks in hospitals,” Matt Richtel said. “So let me put the finest possible point on this: the general public walking down the street [is] not going to be felled by this. You’re not gonna get it walking to Walmart. You’re not going to get it in your house.”

2019-04-20T16:34:00+00:00 [Link] [Slashdot]

You’re not getting enough sleep—and it’s killing you

Insomnia, woman with alarm clock (Photo by Wodicka/ullstein bild via Getty Images)

The whole world is exhausted. And it’s killing us.

But particularly me. As I write this, I’m at TED 2019 in Vancouver, which is a weeklong marathon of talks and workshops and coffee meetings and experiences and demos and late-night trivia contests and networking, networking, networking. Meanwhile, I’m sick as a dog with a virus I caught from my 3-year-old, I’m on deadline for what feels like a bazillion stories, and I’m pregnant, which means I need coffee but can’t have too much, and need sleep but can only lay on my left side, and can’t breathe without sitting propped up with a pillow anyway, since I can’t safely take any cold medication.

According to neuroscientist Matthew Walker, I’m doing serious damage to my health—and life—by not sleeping enough.

[Link] [Ars Technica]

Willful destruction at US college: $58,000 in damage from a USB killer

A college graduate from Albany, New York, has admitted to destroying 66 computers at his former college with a USB killer.

2019-04-20T17:37:00+02:00 [heise online News]

New Device Treats Childhood ADHD With Electric Pulses To Their Foreheads While They Sleep

An anonymous reader quotes CNN: The first medical device to treat childhood attention deficit hyperactivity disorder, or ADHD, was OK’d Friday by the U.S. Food and Drug Administration. Designated for children ages 7 to 12 who are not currently on medication for the disorder, the device delivers a low-level electrical pulse to the parts of the brain responsible for ADHD symptoms…. The pocket-sized device is connected by wire to a small adhesive patch placed on the child’s forehead above the eyebrows. Designed to be used at home while sleeping, it delivers a “tingling” electrical stimulation to branches of the cranial nerve that delivers sensations from the face to the brain. A clinical trial of 62 children showed that the Monarch external Trigeminal Nerve Stimulation System increases activity in the regions of the brain that regulate attention, emotion and behavior, all key components of ADHD. Compared to a placebo, children using the device had statistically significant improvement in their ADHD symptoms, the FDA said, although it could take up to four weeks to see improvement. Authors of the clinical trial called for additional research to examine if the response to treatment will last over time, and its potential impact on brain development with prolonged use…. The device was previously approved for the treatment of epilepsy and depression in Europe and Canada. Studies at UCLA found the stimulation decreased seizure activity by inhibiting overactive neurons in one section of the brain, while stimulating blood flow in the areas that control mood, attention and executive function. CNN reports that the manufacturer’s web site says the device costs around $1,000 — and is not covered by insurance. The FDA added that common side effects could include headache, teeth clenching, and trouble sleeping (as well as fatigue and sleepiness).

2019-04-20T15:34:00+00:00 [Link] [Slashdot]

Weekend stable kernel updates

The 5.0.9, 4.19.36, 4.14.113, and 4.9.170 stable kernel updates have all been released. These moderately large updates contain yet another set of important fixes.

2019-04-20T14:50:37+00:00 [LWN.net]

Windows 7 and the April updates: McAfee software also causes problems

The KB4493472 update for Windows 7 and Windows Server 2008 R2 causes problems when certain McAfee security products are installed.

2019-04-20T16:44:00+02:00 [heise online News]

‘Incognito Mode’ Isn’t Really Private. Try Browser Compartmentalization

tedlistens writes: “One of the most common techniques people think can help hide their activity is the use of an “incognito” mode in a browser,” writes Michael Grothaus at Fast Company. But “despite what most people assume, incognito modes are primarily built to block traces of your online activity being left on your computer — not the web. Just because you are using incognito mode, that doesn’t mean your ISP and sites like Google, Facebook, and Amazon can’t track your activity.” However, there’s still a way to brew your own, safer “incognito mode.” It’s called browser compartmentalization. Grothaus writes: “The technique sees users using two or even three browsers on the same computer. However, instead of switching between browsers at random, users of browser compartmentalization dedicate one browser to one type of internet activity, and another browser to another type of internet activity.” Specifically, the article recommends one browser for sites you need to log into, and another for random web surfing and any web searches. “By splitting up your web activity between two browsers, you’ll obtain the utmost privacy and anonymity possible without sacrificing convenience or the ease of use of the websites you need to log in to.” It recommends choosing a privacy-focused browser like Brave, Firefox, Apple’s Safari, or Microsoft’s Edge. “As for Chrome: It’s made by Google, whose sole aim is to know everything you do online, so it’s probably best to stay away from Chrome if you value your privacy.” The article is part of a series titled “The Privacy Divide,” which explores “misconceptions, disparities, and paradoxes that have developed around our privacy and its broader impacts on society.”

2019-04-20T14:34:00+00:00 [Link] [Slashdot]

Review: Santa Clarita Diet S3 blends slapstick, satire with genuine heart

Sheila (Drew Barrymore) and Joel (Tim Olyphant) Hammond are married real estate agents with an undead secret. (credit: Netflix)

The Santa Clarita Diet, Netflix’s smart, slyly satiric sitcom about a zombie outbreak in suburban Southern California, has largely flown under the pop culture radar since it debuted in February 2017. And that’s a shame, because it’s easily one of the best half-hour comedies on TV right now. Season 3 brought the same winning blend of satire, snappy dialogue, slapstick, and of course, plenty of zombie-munching gore.

(Some spoilers below.)

The series centers on Joel and Sheila Hammond (Tim Olyphant and Drew Barrymore), married real estate agents in Santa Clarita who find their lives irrevocably altered after Sheila has an extreme upchucking incident while showing a house to prospective clients. She thinks it’s a bad case of food poisoning but soon begins to crave human flesh. The upside: she feels better than she has in years, and her increased libido kick-starts the Hammonds’ previously humdrum sex life into overdrive. Season 1 was a bit uneven, especially in the earlier episodes, but the show found its stride by the end of that first 10-episode run, and both seasons 2 and 3 are sheer bingeable delights.

[Link] [Ars Technica]

Review: The indestructible humanity of A Boy and His Dog at the End of the World

Warning: Mild spoilers ahead.

(credit: Orbit Books)

Dystopian stories take many forms, but it’s a rare dystopian novel that prominently features man’s best friend. Author of the Oversight and Stoneheart trilogies, C.A. Fletcher doesn’t hide the importance of dogs in his latest novel. Aptly titled A Boy and His Dog at the End of the World, it follows a young boy named Griz as he goes on a journey to retrieve his stolen pet.

“Dogs were with us from the very beginning,” Griz writes. “And those that remain are still with us now, here at the end of the world.”

[Ars Technica]

Comparison test: 2-bay NAS for multimedia fans

NAS systems in the 300-euro class promise a wealth of multimedia functions. Despite a nearly identical hardware base, there are still differences.

2019-04-20T16:00:00+02:00 [heise online News]

Google Chrome: Browser to get a reader mode soon

A reader mode in the Chrome browser will in future prepare web page content for undisturbed reading. It can be tried out in the Chrome Canary preview version.

2019-04-20T15:36:00+02:00 [heise online News]

These are the best new vehicles of the 2019 New York International Auto Show

(credit: Jonathan Gitlin / Aurich Lawson)

NEW YORK—On Friday morning, the annual New York International Auto Show opened its doors to the public. In stark contrast to last year—when I foolishly predicted that NYIAS was now the premier US auto show—this year’s event feels very lackluster.

The Shanghai Auto Show is partly to blame. It opened earlier this week and pretty much every automaker with something new to show chose China over the US. In fact, some brands like BMW and Volvo weren’t present at all. The Internet didn’t help either, as what little new metal there was coming to the Big Apple got shown off online in the weeks leading up.

But given that we missed both LA and Detroit in recent months, I braved Amtrak’s rapidly deteriorating service from DC to wander the Javits center and see what was neat among the vehicles that did show up in NYC. While we have some other stories from NYIAS to come, we’re kicking off this year’s event with our Best Of awards.

[Link] [Ars Technica]

26 States Now Ban Or Restrict Community Broadband, Report Finds

An anonymous reader quotes a report from Motherboard: A new report has found that 26 states now either restrict or outright prohibit towns and cities from building their own broadband networks. Quite often the laws are directly written by the telecom sector, and in some instances ban towns and cities from building their own broadband networks — even if the local ISP refuses to provide service. The full report by BroadbandNow, a consumer-focused company that tracks US broadband availability, indicates the total number of state restrictions on community broadband has jumped from 20 such restrictions since the group’s last report in 2018. BroadbandNow’s report looks at each state’s restrictions individually, and found that while some states simply banned community broadband outright (a notable assault on voters’ democratic rights), others impose clever but onerous restrictions on precisely how a local network can be funded, who they can partner with, or how quickly (and where) they’re allowed to grow. In Tennessee, for example, state laws allow publicly-owned electric utilities to provide broadband, “but limits that service provision to within their electric service areas.” Such restrictions have made it hard for EPB — the highest rated ISP in America last year according to Consumer Reports — to expand service into new areas.

2019-04-20T13:00:00+00:00 [Slashdot]

Mail-order pharmacies: DocMorris scents a business worth millions in e-prescriptions

First DocMorris shook up the pharmacy market with its online mail-order service for medicines. Now its boss is pushing ahead with the electronic prescription.

2019-04-20T14:07:00+02:00 [heise online News]

A brief history of the insane precautions Marvel has taken to avoid movie spoilers from getting out

I honestly don’t get this need to broadcast the spoilers. Why consciously ruin the movie for other fans?

[Comments] [The Loop]

The hydrogen fuel strategy behind Nikola’s truck dream

Truck refueling at a hydrogen station.

Ars makes every effort to cover its own travel costs. To attend Nikola’s conference, we covered the flight out to Scottsdale, Arizona, but Nikola covered one night in a nearby hotel.

SCOTTSDALE, Arizona—The Nikola Motor Company wants to reinvent trucking by replacing diesel heavy-duty trucks with hydrogen fuel cell trucks. But hydrogen skeptics are numerous, and not without good reason. Although hydrogen fuel cell vehicles are quiet, emissions-free (with the exception of water) during operation, and relatively fast-charging compared to battery electric vehicles, they have a host of other problems.

First, hydrogen is hard to store, and it must be cooled and compressed. It’s also hard to transport. Additionally, H2 is not a green fuel in the US, for the most part. Generally, natural gas (CH4) is reformed to create H2 in ways that still cause carbon emissions. There is a way to create hydrogen fuel without the carbon emissions: by applying electricity to water (a process called water electrolysis). But water electrolysis has been prohibitively expensive, and if hydrogen can’t compete with diesel, what’s Nikola’s value proposition to freight companies that will make them want to switch?

[Link] [Ars Technica]

Galileo to make the road traffic of the future safer

Hacker attacks on self-driving cars are a nightmare scenario for security experts. Help could come from space.

2019-04-20T13:30:00+02:00 [heise online News]

Malware distributors are getting ever younger and often infect themselves

Researchers are increasingly finding signs on malware operators' control servers that the operators unintentionally infect themselves.

2019-04-20T12:59:00+02:00 [heise online News]

Banking malware: WannaCry rescuer Hutchins pleads guilty

The US justice system accused the security expert of having been involved in developing the malware “Kronos”. He now faces up to ten years in prison.

2019-04-20T12:20:00+02:00 [heise online News]

Bacteria Use Viruses To Differentiate Themselves From Their Competitors, Study Finds

schwit1 shares a report from UPI: Normally, bacteria and viruses are enemies, but new research suggests a viral infection can offer bacteria some benefits — chiefly, the ability to distinguish friend from foe. Scientists discovered the phenomenon after observing a stark demarcation line between two strains of the bacteria Escherichia coli K-12, but no such divide between identical clones. The related rivals steered clear of one another, while the identical strains swam toward one another. To find out why, scientists surveyed 4,296 single-gene knockouts in the genome of Escherichia coli K-12. Researchers determined only one mutation caused the demarcation line to disappear. The mutation involved a gene that is used in viral replication. According to their analysis, the virus-related proteins produced by the gene allow for bacterial self-recognition. Scientists were also able to erase the demarcation line by silencing the bacteriophage genomes that have weaved their way into the bacteria’s genome. These leftover viral genes don’t produce active phage particles, nor do they rupture host cells. When scientists exposed bacteria to a related virus, the old viral genes were activated and began producing phage particles for the new virus. Experiments showed the virus doesn’t attack its host cells. Instead, the virus attacks other bacteria cells that don’t carry the virus. The host helps the virus reproduce, and the virus takes out the bacteria’s competitors. The new study has been published in the journal Cell Reports.

2019-04-20T10:00:00+00:00 [Link] [Slashdot]

Pokémon Go: The events come thick and fast

An avalanche of events in Pokémon Go: at the weekend there are shiny Shuckle, from Wednesday Meltan appears more often again, and an Earth Day event follows at the end of April.

2019-04-20T11:55:00+02:00 [heise online News]

Cheaper, lighter, stronger: rocket engines from the 3D printer

Printed rocket engines are supposed to be cheaper, lighter and more powerful. On top of that come new freedoms in design.

2019-04-20T11:26:00+02:00 [heise online News]

Brandenburg: Police store body-camera recordings on their own computers

Police officers can use body cameras to document dicey situations. Officers in Brandenburg are now also to be equipped with such bodycams.

2019-04-20T10:48:00+02:00 [heise online News]

Falcon Heavy Launch Close Up

Twenty seven Merlin rocket engines are firing in this close-up of the launch of a Falcon Heavy rocket. Derived from three Falcon 9 first stage rockets with nine Merlin rocket engines each, the Falcon Heavy left NASA’s Kennedy Space Center launch pad 39A on April 11. This second launch of a Falcon Heavy rocket carried the Arabsat 6A communications satellite to space. In February of 2018, the first Falcon Heavy launch carried Starman and a Tesla Roadster. Designed to be reusable, both booster stages and the central core returned safely to planet Earth, the boosters to Cape Canaveral Air Force Station landing zones. The core stage landed off shore on autonomous spaceport drone ship Of Course I Still Love You.

[Astronomy Picture of the Day]

011419

[Userfriendly]

Wally Slurps

[Dilbert]

2019-04-20

[Garfield]

Today in c’t uplink we talk about the Windows alternative Linux Mint. And we tested dating apps and A3 multifunction printers with a scan function.

2019-04-20T09:00:00+02:00 [heise online News]

Robot News Presenter Causes a Stir On Russian TV

Russian state news channel Rossiya 24 has introduced a robot presenter for some of its bulletins. The BBC reports that the robot, named Alex, “has already caused a stir, with some viewers complaining about his appearance and accusing him of peddling political propaganda.” From the report: The robot was developed by Promobot in the city of Perm. His silicon head is modeled on the face of the company’s co-founder Alexei Yuzhakov. At the moment, the robot anchor can only move his facial features and neck. However, the final robot will have fully mobile limbs as well. Production of the robot began in 2017 and should be fully complete later this year, according to Promobot. It said Alex had cost more than one million roubles ($15,600) to develop and that it had received orders for 12 more humanoids. Rossiya 24 said its newest presenter was of Russian origin with “software and almost all of its components produced inside the country.” Alex has delivered a number of bulletins for the channel, presenting news items about agriculture, a nuclear technology forum and micro-finance. Most observers think on-air Alex is a temporary stunt to inject some fun and promote innovative Russian technology in TV news.

2019-04-20T07:00:00+00:00 [Slashdot]

Radiant: The pictures of the week (calendar week 16)

Shortly before sunrise on the Oder, a spring evening, a ramble at blue hour along the Mittelland Canal: the pictures of the week in summary.

2019-04-20T08:30:00+02:00 [heise online News]

Watchword

Hear, O Israel: the LORD is our God, the LORD is one.

Deuteronomy 6:4

This is eternal life, that they know you, the only true God, and Jesus Christ, whom you have sent.

John 17:3

Hacker Dumps Thousands of Sensitive Mexican Embassy Documents Online

An anonymous reader quotes a report from TechCrunch: A hacker stole thousands of documents from Mexico’s embassy in Guatemala and posted them online. The hacker, who goes by the online handle @0x55Taylor, tweeted a link to the data earlier this week. The data is no longer available for download after the cloud host pulled the data offline, but the hacker shared the document dump with TechCrunch to verify its contents. The hacker told TechCrunch in a message: “A vulnerable server in Guatemala related to the Mexican embassy was compromised and I downloaded all the documents and databases.” He said he contacted Mexican officials but he was ignored. More than 4,800 documents were stolen, most of which related to the inner workings of the Mexican embassy in the Guatemalan capital, including its consular activities, such as recognizing births and deaths, dealing with Mexican citizens who have been incarcerated or jailed and the issuing of travel documents. We found more than a thousand highly sensitive identity documents of primarily Mexican citizens and diplomats — including scans of passports, visas, birth certificates and more — but also some Guatemalan citizens. Several documents contained scans of the front and back of payment cards. The stolen data also included dozens of letters granting diplomatic rights, privileges and immunities to embassy staff.

2019-04-20T03:30:00+00:00 [Slashdot]

West Virginia Will Allow ‘Blockchain Voting’ In the 2020 Election

Military voters stationed overseas will be able to cast their votes for the 2020 presidential election via a mobile app that uses a private blockchain. MIT Technology Review reports: Donald Kersey, West Virginia’s elections director, tells the crypto news website LongHash that he believes the app, created by a startup called Voatz, can enhance participation by overseas voters. Turnout among this group is very low, in part because the process of receiving a ballot and securely returning it on time is often not straightforward. This is the rationale behind the decision by a number of states to allow overseas military voters to return their ballots via e-mail. West Virginia apparently is of the mind that Voatz’s private blockchain will make this kind of online voting more secure. The state first piloted the program during the 2018 midterms. Though Kersey admits there’s no telling for certain whether the app can be compromised, West Virginia is undeterred, especially given the “really good response rate” officials saw during the midterms last year. “We are not saying mobile voting is the best solution to the problem, we are not saying that blockchain technology is the best solution to storage of security data,” Kersey tells LongHash. “What we are saying though is that it’s better than what we have.”

2019-04-20T02:00:00+00:00 [Slashdot]

Should Vendors Start Adding Physical On/Off Switches To Devices That Can Spy On Us?

Larry Sanger, American internet project developer and co-founder of Wikipedia, argues in a blog post that vendors must start adding physical on/off switches to webcams, smartphone cameras/mics, and other devices that spy on us. He writes: Have you ever noticed that your webcam doesn’t have an “off” switch? I looked on Amazon, and I couldn’t find any webcams for sale that had a simple on/off switch. I thought I found one, but it turned out just to have a light that turns on when the camera is in use, and off when not — not a physical switch you can press or slide. The “clever” solution is supposed to be webcam covers (something Mark Zuckerberg had a hand in popularizing); you can even get a webcam (or a laptop) with such a cover built in. How convenient! I’ve used tape, which works fine. But a cover doesn’t cover up the microphone, which could be turned on without your knowledge. […] It’s almost as if the vendors of common, must-have devices want to make it possible to spy on us. An enterprising journalist should ask why they don’t make such switches. They certainly have deliberately made it hard for us to stop being spied upon — even though we’re their customers. Think about that. We’re their bread and butter, and we’re increasingly and rightly concerned about our security. Yet they keep selling us these insecure devices. That’s just weird, isn’t it? What the hell is going on? […] If your webcam, or your phone, or any other device with an Internet-connected camera or microphone (think about how many you own) has ever been hacked, these [hardware vendors like Logitech and Apple and large software vendors like Skype and Snapchat] are partly to blame if it was always-on by design. They have a duty to worry about how their products make their users less secure. They haven’t been doing this duty. Sanger goes on to urge consumers to care more about our privacy and security, and demand that vendors give us an off switch.
“I think we consumers should demand that webcams, smart phones, smart speakers, and laptop cameras and microphones — and any other devices with cameras and microphones that are connected to the Internet — be built with hardware ‘off’ switches that make it impossible for the camera and microphone to be operated,” writes Sanger. Do you agree?

2019-04-20T01:20:00+00:00 [Link] [Slashdot]

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices.

Marcus Hutchins, just after he was revealed as the security expert who stopped the WannaCry worm. Image: twitter.com/malwaretechblog

Hutchins, who authors the popular blog MalwareTech, was virtually unknown to most in the security community until May 2017 when the U.K. media revealed him as the “accidental hero” who inadvertently halted the global spread of WannaCry, a ransomware contagion that had taken the world by storm just days before.

In August 2017, Hutchins was arrested by FBI agents in Las Vegas on suspicion of authoring and/or selling “Kronos,” a strain of malware designed to steal online banking credentials. A British citizen, Hutchins has been barred from leaving the United States since his arrest.

Many of Hutchins’ supporters and readers had trouble believing the charges against him, and in response KrebsOnSecurity published a lengthy investigation into activities tied to his various online personas over the years.

As I wrote in summary of that story, the clues suggested “Hutchins began developing and selling malware in his mid-teens — only to later develop a change of heart and earnestly endeavor to leave that part of his life squarely in the rearview mirror.” Nevertheless, there were a number of indications that Hutchins’ alleged malware activity continued into his adulthood.

In a statement posted to his Twitter feed and to malwaretech.com, Hutchins said today he had pleaded guilty to two charges related to writing malware in the years prior to his career in security.

“I regret these actions and accept full responsibility for my mistakes,” Hutchins wrote. “Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

Hutchins pleaded guilty to two of the 10 counts for which he was originally accused, including conspiracy charges and violating U.S.C. Title 18, Section 2512, which involves the manufacture, distribution, possession and advertising of devices for intercepting online communications.

Creating malware is a form of protected speech in the United States, but selling it and disseminating it is another matter. University of Southern California law professor Orin Kerr‘s 2017 dissection of the government’s charges is worth a read for a deep dive on this sticky legal issue.

According to a copy of Hutchins’ plea agreement, both charges each carry a maximum of up to five years in prison, up to a $250,000 fine, and up to one year of supervised release. However, those charges are likely to be substantially tempered by federal sentencing guidelines, and may take into account time already served in detention. It remains unclear when he will be sentenced.

The plea agreement is here (PDF). “Attachment A” beginning on page 15 outlines the government’s case against Hutchins and an alleged co-conspirator. The government says between July 2012 and Sept. 2015, Hutchins helped create and sell Kronos and a related piece of malware called UPAS Kit.

Despite what many readers here have alleged, I hold no ill will against Hutchins. He and I spoke briefly in a friendly exchange after a chance encounter at last year’s DEF CON security conference in Las Vegas, and I said at the time I was rooting for him to beat the charges. I sincerely hope he is able to keep his nose clean and put this incident behind him soon.

Yours Truly shaking hands with Marcus Hutchins in Las Vegas, August 2018.

2019-04-20T00:40:10Z [Link] [Krebs on Security]

Unexpected Protection Added To Microsoft Edge Subverts IE Security

Dan Goodin writes via Ars Technica: A researcher has uncovered strange and unexpected behavior in Windows 10 that allows remote attackers to steal data stored on hard drives when a user opens a malicious file downloaded with the Edge browser. The threat partially surfaced last week when a different researcher, John Page, reported what he called a flaw in Internet Explorer. Page claimed that when using the file manager to open a maliciously crafted MHT file, the browser uploaded one or more files to a remote server. According to Page, the vulnerability affected the most recent version of IE, version 11, running on Windows 7, Windows 10, and Windows Server 2012 R2 with all security updates installed. (It’s no longer clear whether any OS other than Windows 10 is affected, at least for some users. More about that in a moment.) [I]n Page’s post was a video demonstration of the proof-of-concept exploit Page created. It shows a booby-trapped MHT file triggering an upload of the host computer’s system.ini file to a remote server. Page’s video shows the file being downloaded with Edge. “This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information,” Page wrote. “Example, a request for ‘c:\Python27\NEWS.txt’ can return version information for that program.”

2019-04-20T00:40:00+00:00 [Slashdot]

NYC Subway Denies Using ‘Real-Time Face Recognition Screens’ in Times Square

The New York Metropolitan Transportation Authority has denied suggestions that it’s putting facial recognition cameras in the subway, saying that a trick designed to scare fare-dodgers was misinterpreted. From a report: “There is no capability to recognize or identify individuals and absolutely no plan” to do so with NYC subway cameras, says MTA spokesperson Maxwell Young. Young was responding to a photo taken in the Times Square subway station by New York Times analyst Alice Fung, which shows a prominently placed monitor with the words “RECORDING IN PROGRESS” and “Please Pay Your Fare” superimposed on a video feed. “Hey @MTA, who are you sharing the recordings with?” Fung asked. The monitor featured the name Wisenet, a security company that prominently advertises facial recognition capabilities, and the video feed traced squares around subjects’ faces. […] Young says that the recordings aren’t being monitored to identify individuals in the footage, though. “There is absolutely no facial recognition component to these cameras, no facial recognition software, or anything else that could be used to automatically identify people in any way, and we have no plans to add facial recognition software to these cameras in the future,” he tells The Verge. “These cameras are purely for the purpose of deterring fare evasion — if you see yourself on a monitor, you’re less likely to evade the fare.”

2019-04-20T00:01:00+00:00 [Slashdot]

Netflix Is Experimenting With a ‘Random Episode’ Feature For TV Shows

Netflix has begun testing a shuffle button with some users of its Android app. “Spotted by one of our tipsters, the Android app (specifically v7.6.0 build 19 34157) offered to randomly select something to watch,” reports Android Police. “And in the playback controls, there’s a shuffle icon with a ‘Random Episode’ label.” From the report: It’s unclear at this point whether this is just an experiment or if we’ll see this roll out to a wider batch of people soon. For now, if you don’t have this, you’re stuck with picking something on your own.

2019-04-19T23:20:00+00:00 [Slashdot]

AI is Helping Old Video Games Look Like New

Classic video games are getting a makeover. But it’s not big-name game developers making the improvements: it’s independent modders. From a report: The technique being used is known as “AI upscaling.” In essence, you feed an algorithm a low-resolution image, and, based on training data it’s seen, it spits out a version that looks the same but has more pixels in it. Upscaling, as a general technique, has been around for a long time, but the use of AI has drastically improved the speed and quality of results. “It was like witchcraft,” says Daniel Trolie, a teacher and student from Norway who used AI to update the visuals of 2002 RPG classic The Elder Scrolls III: Morrowind. “[It] looked like I just downloaded a hi-res texture pack from [game developers] Bethesda themselves.” Trolie is a moderator at the r/GameUpscale subreddit where, along with specialist forums and chat apps like Discord, fans share tips and tricks on how to best use these AI tools. Browsing these forums, it’s apparent that the modding process is a lot like restoring old furniture or works of art. It’s a job for skilled craftspeople, requiring patience and knowledge. Not every game is a good fit for upscaling, and not every upscaling algorithm produces similar results. Modders have to pick the right tool for the job before putting in hundreds of hours of work to polish the final results. It’s a labor of love, not a quick fix.

2019-04-19T22:40:00+00:00 [Slashdot]

Marcus Hutchins, slayer of WannaCry worm, pleads guilty to malware charges

Then-23-year-old security researcher Marcus Hutchins in his bedroom in Ilfracombe, UK, in July 2017, just weeks before his arrest on malware charges. (credit: Chris Ratcliffe/Bloomberg via Getty Images)

Marcus Hutchins, the security researcher who helped neutralize the virulent WannaCry ransomware worm, has pleaded guilty to federal charges of creating and distributing malware used to break into online bank accounts.

“I regret these actions and accept full responsibility for my mistakes,” Hutchins wrote in a short post. “Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

Hutchins was charged in August 2017 with creating Kronos, a banking trojan that stole online bank account passwords from infected computers. A superseding indictment filed 10 months later charged him with 10 felony counts that alleged he created a second piece of malware called UPAS Kit. Hutchins, whose online persona MalwareTech attracts more than 143,000 followers on Twitter, had a league of vocal defenders claiming the allegations were false.

[Link] [Ars Technica]

Wannacry-slayer Marcus Hutchins pleads guilty to two counts of banking malware creation

‘I regret these actions and accept full responsibility for my mistakes’

Marcus Hutchins, the British security researcher who shot to fame after successfully halting the Wannacry ransomware epidemic, has pleaded guilty to crafting online bank-account-raiding malware.…

2019-04-19T22:10:20Z [The Register]

FTC May Hold Zuckerberg Personally Responsible For Facebook Privacy Failures

An anonymous reader quotes a report from Ars Technica: Federal Trade Commission officials are discussing whether to hold Facebook CEO Mark Zuckerberg personally accountable for Facebook’s privacy failures, according to reports by The Washington Post and NBC News. Facebook has been trying to protect Zuckerberg from that possibility in negotiations with the FTC, the Post wrote. Federal regulators investigating Facebook are “exploring his past statements on privacy and weighing whether to seek new, heightened oversight of his leadership,” the Post reported, citing anonymous sources who are familiar with the FTC discussions. “The discussions about how to hold Zuckerberg accountable for Facebook’s data lapses have come in the context of wide-ranging talks between the Federal Trade Commission and Facebook that could settle the government’s more than year-old probe,” the Post wrote. According to NBC, FTC officials are “discussing whether and how to hold Facebook Chief Executive Mark Zuckerberg personally accountable for the company’s history of mismanaging users’ private data.” However, NBC said its sources “wouldn’t elaborate on what measures are specifically under consideration.” According to the Post, one idea raised during the probe “could require [Zuckerberg] or other executives to certify the company’s privacy practices periodically to the board of directors.” But it’s not clear how likely the FTC is to target Zuckerberg in a final settlement, and “Facebook has fought fiercely to shield Zuckerberg as part of the negotiations, one of the sources familiar with the probe said,” the Post wrote.

2019-04-19T22:00:00+00:00 [Link] [Slashdot]

2019-04-19

French Government Releases In-house IM App To Replace WhatsApp and Telegram Use

A year ago, the French government unveiled its plan to build its own encrypted messenger service to ease fears that foreign entities could spy on private conversations between top officials. That app, named Tchap, is now official for Android handsets and the iPhone. From a report: A web dashboard is also in the works. Only official French government employees can sign-up for an account; however, the French government also open-sourced Tchap’s source code on GitHub so other organizations can roll out their own versions of Tchap for internal use as well. Work on the app started in July 2018, and the app itself is based on Riot, a well-known open-source, self-hostable, and secure instant messaging client-server package. The app was officially developed by DINSIC (Interministerial Directorate of Digital and Information System and Communication of the State), under the supervision of ANSSI, France’s National Cybersecurity Agency.

2019-04-19T21:20:00+00:00 [Slashdot]

Defense against the Darknet, or how to accessorize to defeat video surveillance

Boffins from Belgium break people recognition software with a colorful placard

A trio of Belgium-based boffins have created a ward that renders wearers unrecognizable to software trained to detect people.…

2019-04-19T21:16:09Z [The Register]

Ransomware Attack Knocks The Weather Channel Off the Air

A computer attack knocked the Weather Channel off the air for more than an hour Thursday morning [Editor’s note: the link may be paywalled; alternative source], and federal authorities are investigating the incident, WSJ is reporting. From the report: After its broadcast was disrupted, the weather news service sent a tweet saying it had been the victim of “a malicious software attack,” adding that federal law-enforcement officials were investigating the matter. A spokesman for the Federal Bureau of Investigation said the incident was a ransomware attack, and the agency was conducting an investigation. Ransomware is an increasingly common form of digital extortion. Criminals install it on computer networks via trickery or hacking, and the software then spreads from computer to computer, locking up systems until a digital ransom is paid.

2019-04-19T20:40:00+00:00 [Slashdot]

Not one of the 12 steps: Rehab patients’ details exposed in publicly visible database

Researcher disturbed at availability of very personal data

More than two years of billing records from a drug and alcohol rehabilitation center were made freely available on the internet, a security researcher has discovered.…

2019-04-19T20:26:19Z [The Register]

Instagram Hides Like Counts In Leaked Design Prototype

Instagram’s Android code is hiding a design change that hides the number of likes your posts get. “During this test, only the person who shares a post will see the total number of likes it gets,” the company says. TechCrunch reports on the seemingly small design change test and the massive potential impact it’ll have on users’ well-being: Hiding Like counts could reduce herd mentality, where people just Like what’s already got tons of Likes. It could reduce the sense of competition on Instagram, since users won’t compare their own counts with those of more popular friends or superstar creators. And it could encourage creators to post what feels most authentic rather than trying to rack up Likes for everyone to see. You can see [in a leaked screenshot] on the left that the Instagram feed post lacks a Like count, but still shows a few faces and a name of other people who’ve Liked it. Users are alerted that only they will see their post’s Like counts, and anyone else won’t. Many users delete posts that don’t immediately get “enough” Likes or post to their fake “Finstagram” accounts if they don’t think they’ll be proud of the hearts they collect. Hiding Like counts might get users posting more because they’ll be less self-conscious. It appears there’s no plan to hide follower counts on user profiles, which are the true measure of popularity, but also serve a purpose of distinguishing great content creators and assessing their worth to marketers. Hiding Likes could just put more of a spotlight on follower and comment counts. And even if users don’t see Like counts, they still massively impact the feed’s ranking algorithm, so creators will still have to battle for them to be seen.

2019-04-19T20:00:00+00:00 [Link] [Slashdot]

Reverse review bomb? AC: Unity draws praise for Notre Dame preservation

The famous cathedral lives on in interactive digital form.

At this point, we’re actually a little tired of stories about “review bombing,” where various put-upon groups of gamers gather together to leave a flood of negative user reviews, often for issues that have nothing to do with the game itself. But this week’s flood of positive reviews for Ubisoft’s Assassin’s Creed Unity on Steam is a different (and much rarer) story altogether.

The impetus for this reverse review-bomb (Review rocket? Review scaffolding? Review hug?) came earlier this week after the tragic fire in Paris’ Notre Dame cathedral. On Wednesday, Ubisoft announced it would be donating €500,000 to help rebuild the cathedral that’s recreated as a central landmark in Assassin’s Creed Unity. On top of that, the company is giving away free copies of the game on its UPlay platform through April 25 as a way to encourage further donations and in order “to give everyone the chance to experience the majesty and beauty of Notre-Dame the best way we know how.”

“When we created Assassin’s Creed Unity, we developed an even closer connection with this incredible city and its landmarks,” the company wrote this week. “One of the most notable elements of the game was the extraordinary recreation of Notre-Dame… We hope, with this small gesture, we can provide everyone an opportunity to appreciate our virtual homage to this monumental piece of architecture.”

[Link] [Ars Technica]

New automation features are coming to macOS in Shortcuts—but not for every app

A few examples of “Shortcuts” that can be applied to Siri with iOS 12. (credit: Apple)

According to a report at 9to5mac citing people familiar with Apple’s plans, several iOS features will come to the Mac in macOS 10.15.

First and foremost among these is Shortcuts, the automation application that Apple built out of its acquisition of Workflow. The app, support for which was introduced in iOS 12, allows iPhone and iPad users to define steps for their devices to perform when they deliver certain user-definable Siri voice commands, tap user-created home screen icons, and so on.

Shortcuts is tightly integrated with Siri, and it was positioned by Apple as a way to make Siri much more powerful than it has been previously. Third-party app developers could develop their own Shortcuts and accompanying Siri commands that could be accessed across the operating system.

[Link] [Ars Technica]

∞ The Dalrymple Report: An Apple Music rant and Dave buys a new TV

I took a few minutes at the start of this week’s podcast to rant a little about some of the mistakes Apple Music is making lately, and then I talk to Dave about all the things he considered before buying a new TV.

[Comments] [The Loop]

This little electric car is the coolest thing at the NY Auto Show

As we detailed on Monday, this year’s Shanghai auto show has been the place to be if you want to see car designers’ ideas for future electric cars. But not everyone chose China as the place to reveal their electric concept cars. Genesis thinks the Big Apple is a better place to make an annual statement.

In 2017 it was the GV80, a hydrogen fuel cell EV that was the first clean-sheet design for the new Korean luxury brand and a vehicle that seems a lot more plausible now that we’ve driven Hyundai’s Nexo. Last year, we got the Essentia, an electric hypercar that will almost certainly remain nothing more than a concept. Now, for the third year in a row, Genesis has stolen the New York International Auto Show, this time with the Mint, its take on a small luxury battery EV.

Forget an electric car for the masses, this one is for a niche within a niche: the city dweller who only needs two seats but still wants cargo space, plus the added drama of scissor doors and a leather-lined interior that looks like it belongs in a coachbuilt Bugatti from the 1930s. Admittedly, it’s not the biggest demographic in the world, but I count myself firmly in that camp.

[Link] [Ars Technica]

Utah Bans Police From Searching Digital Data Without a Warrant

An anonymous reader quotes a report from Forbes: In a major win for digital privacy, Utah became the first state in the nation to ban warrantless searches of electronic data. Under the Electronic Information or Data Privacy Act (HB 57), state law enforcement can only access someone’s transmitted or stored digital data (including writing, images, and audio) if a court issues a search warrant based on probable cause. Simply put, the act ensures that search engines, email providers, social media, cloud storage, and any other third-party “electronic communications service” or “remote computing service” are fully protected under the Fourth Amendment (and its equivalent in the Utah Constitution). HB 57 also contains provisions that promote government transparency and accountability. In most cases, once agencies execute a warrant, they must then notify owners within 14 days that their data has been searched. Even more critically, HB 57 will prevent the government from using illegally obtained digital data as evidence in court. In a concession to law enforcement, the act will let police obtain location-tracking information or subscriber data without a warrant if there’s an “imminent risk” of death, serious physical injury, sexual abuse, livestreamed sexual exploitation, kidnapping, or human trafficking. Backed by the ACLU of Utah and the Libertas Institute, the act went through five different substitute versions before it was finally approved — without a single vote against it — last month. HB 57 is slated to take effect in mid-May.

2019-04-19T19:20:00+00:00 [Slashdot]

Surprise! Satellites show that thermometers don’t lie

Official weather stations are more standardized than this consumer one, which helps them track global temperature trends. (credit: Raymond Shobe)

Taking a human’s temperature is easy. Taking a pet’s temperature is similarly straightforward, if a bit rude. Taking a planet’s temperature, on the other hand, is much more of a challenge. The temperature isn’t the same everywhere, so one thermometer won’t get it done. Weather stations on land near population centers are relatively common, but remote areas and the vast oceans also need to be represented.

On top of this geographical span, researchers have to deal with the reality that various issues like equipment changes have to be accounted for to ensure that the data is consistent over a century or more.

A handful of teams around the world separately maintain surface temperature datasets, including NASA, NOAA, the UK Met Office, and the Japan Meteorological Agency. The differences between their results are so small that only climate scientists could find them noteworthy. They all show pretty much exactly the same amount of global warming over time. But this hasn’t stopped conspiratorial critics from claiming that temperature measurements are somehow manipulated to create the appearance of warming where none exists. (These critics never explain how this cabal of scientists got shrinking glaciers, rising sea levels, and migrating species to play along.)

[Link] [Ars Technica]

Double trouble for Lyft after share price drop sparks class action lawsuits claiming hype

Rideshare company lied about market share, claim investors

Rideshare company Lyft has been hit with two class action lawsuits by investors who claim the company lied about its market share.…

2019-04-19T19:05:09Z [The Register]

World of Goo is Epic Game Store’s next freebie—and all PC owners will get HD update

The Goo is back! And free! And updated for existing owners! Everyone wins, we think. (credit: 2DBoy)

As has become a regular occurrence lately, Epic Games announced another solid free video game coming to all of its Epic Games Store (EGS) users, which has so far been an every-two-weeks promo for the relatively new storefront. And again, as has become a regular occurrence, the news came with some confusing crossover with Steam, the mega-ton retailer that EGS is not-so-subtly taking on.

Friday’s announcement confirmed that the award-winning puzzle game World of Goo, which launched in 2008 on PC and the Wii before reaching other platforms, will become an EGS freebie starting May 2. Users will have a two-week window to log in and claim a copy of the game (which currently retails for $10 at Steam and other digital-download storefronts).

Shortly after Epic’s announcement, a PC Gamer report clarified one key detail: this version of World of Goo includes a significant “framework” update with an emphasis on higher resolutions. However, that report didn’t answer if that update was an EGS exclusive—the kind of update that would require the game’s existing fans to log into a second storefront and claim a free copy—or when exactly its Steam equivalent will get the update.

[Link] [Ars Technica]

World of Goo’s devs answer questions about HD update, Epic Games Store launch

[Link] [Ars Technica]

Google Will Begin To Block Sign-ins From Embedded Browser Frameworks in June

To fight phishing, Google last year announced it would require users to enable JavaScript during Google Account sign-in so that it could run attack-detecting risk assessments, and this week, the company said it’ll begin to block all sign-ins from embedded browser frameworks like Chromium Embedded Framework starting in June. From a report: For the uninitiated, embedded browser frameworks enable developers to add basic web browsing functionality to their apps, and to use web languages like HTML, CSS, and JavaScript to create those apps’ interface (or portions of it). They’re typically cross-platform — Chromium Embedded Framework runs on Linux, Windows, and macOS — and they support a range of language bindings. With the change, Google is specifically targeting man in the middle (MITM) attacks, which it says are particularly difficult to spot from automation platforms like embedded browser frameworks.

2019-04-19T18:42:00+00:00 [Slashdot]

Notre Dame Official Says ‘Computer Glitch’ Could Be Fire Culprit

A “computer glitch” may have been behind the fast-spreading fire that ravaged Notre Dame, Associated Press reported Friday, citing the cathedral’s rector. From the report: Speaking during a meeting of local business owners, rector Patrick Chauvet did not elaborate on the exact nature of the glitch, adding that “we may find out what happened in two or three months.” On Thursday, Paris police investigators said they think an electrical short-circuit most likely caused the fire. French newspaper Le Parisien has reported that a fire alarm went off at Notre Dame shortly after 6 p.m. Monday but a computer bug showed the fire’s location in the wrong place. The paper reported the flames may have started at the bottom of the cathedral’s giant spire and may have been caused by an electrical problem in an elevator. Chauvet said there were fire alarms throughout the building, which he described as “well protected.”

2019-04-19T18:01:00+00:00 [Slashdot]

The Behavioral Change Stairway Model

BCSM is the FBI’s model for crisis negotiation, but it looks like it could be a useful negotiation framework for all kinds of other conflict mediation as well.

2019-04-19T17:46:02+00:00 [Simon Willison’s Weblog]

Microsoft Debuts Bosque, a New Programming Language With No Loops, Inspired by TypeScript

Microsoft has introduced a new open source programming language called Bosque that aspires to be simple and easy to understand by embracing algebraic operations and shunning techniques that create complexity. From a report: Bosque was inspired by the syntax and types of TypeScript and the semantics of ML and Node/JavaScript. It’s the brainchild of Microsoft computer scientist Mark Marron, who describes the language as an effort to move beyond the structured programming model that became popular in the 1970s. The structured programming paradigm, in which flow control is managed with loops, conditionals, and subroutines, became popular after a 1968 paper titled “Go To Statement Considered Harmful” by computer scientist Edsger Dijkstra. Marron believes we can do better by getting rid of sources of complexity like loops, mutable state, and reference equality. The result is Bosque, which represents a programming paradigm that Marron, in a paper he wrote, calls “regularized programming.”

2019-04-19T17:24:00+00:00 [Slashdot]

BBEdit Back in the Mac App Store

I want to thank Bare Bones Software for sponsoring The Loop this week. Bare Bones Software, makers of BBEdit, is one of my favorite software companies — in fact, I’ve been using BBEdit for more than 20 years. Now, BBEdit is also available in the Mac App Store! Same great features. Same user experience. You can subscribe in the Mac App Store or purchase perpetual licenses directly from Bare Bones Software. Also, you can still get great merch, including Classic and Rebus T-shirts, enamel pins, and more in their merch store!

[Comments] [The Loop]

Millions of Rehab Records Exposed on Unsecured Database

Records for potentially tens of thousands of patients seeking treatment at several addiction rehabilitation centers were exposed in an unsecured online database, an independent researcher revealed Friday. From a report: The 4.91 million documents included patients’ names, as well as details of the treatments they received, according to Justin Paine, the researcher. Each patient had multiple records in the database, and Paine estimates that the records may cover about 145,000 patients. Paine notified the main treatment center, as well as the website hosting company, when he discovered the database. The data has since been made unavailable to the public. Paine found the data by typing keywords into the Shodan search engine that indexes servers and other devices that connect to the internet. “Given the stigma that surrounds addiction this is almost certainly not information the patients want easily accessible,” Paine said in a blog post that he shared with CNET ahead of publication. Paine hunts for unsecured databases in his free time. His day job is head of trust and safety at web security company Cloudflare. The find is the latest example of a widespread problem: Any organization can easily store customer data on cloud-based services now, but few have the expertise to set them up securely. As a result, countless unsecured databases sit online and can be found by anyone with a few search skills. Many of those databases are full of sensitive personal data.

2019-04-19T16:44:00+00:00 [Slashdot]

McAfee joins Sophos, Avira, Avast—the latest Windows update breaks them all

A colorized transmission electron micrograph (TEM) of an Ebola virus virion. (Cynthia Goldsmith) (credit: CDC)

The most recent Windows patch, released April 9, seems to have done something (still to be determined) that’s causing problems with anti-malware software. Over the last few days, Microsoft has been adding more and more antivirus scanners to its list of known issues. As of publication time, client-side antivirus software from Sophos, Avira, ArcaBit, Avast, and most recently McAfee are all showing problems with the patch.

Affected machines seem to be fine until an attempt is made to log in, at which point the system grinds to a halt. It’s not immediately clear if systems are freezing altogether or just going extraordinarily slowly. Some users have reported that they can log in, but the process takes ten or more hours. Logging in to Windows 7, 8.1, Server 2008 R2, Server 2012, and Server 2012 R2 are all affected.

Booting into safe mode is unaffected, and the current advice is to use this method to disable the antivirus applications and allow the machines to boot normally. Sophos additionally reports that adding the antivirus software’s own directory to the list of excluded locations also serves as a fix, which is a little strange.

[Link] [Ars Technica]

Facebook fights to “shield Zuckerberg” from punishment in US privacy probe

Facebook CEO Mark Zuckerberg leaving the Merrion Hotel in Dublin after meeting with Irish politicians to discuss regulation of social media on Tuesday, April 2, 2019. (credit: Getty Images | NurPhoto)

Federal Trade Commission officials are discussing whether to hold Facebook CEO Mark Zuckerberg personally accountable for Facebook’s privacy failures, according to reports by The Washington Post and NBC News. Facebook has been trying to protect Zuckerberg from that possibility in negotiations with the FTC, the Post wrote.

Federal regulators investigating Facebook are “exploring his past statements on privacy and weighing whether to seek new, heightened oversight of his leadership,” the Post reported, citing anonymous sources who are familiar with the FTC discussions.

“The discussions about how to hold Zuckerberg accountable for Facebook’s data lapses have come in the context of wide-ranging talks between the Federal Trade Commission and Facebook that could settle the government’s more than year-old probe,” the Post wrote.

[Link] [Ars Technica]

Windows 8 Will No Longer Get App Updates After This Summer

An anonymous reader shares a report: Last year, Microsoft announced when it would be killing app updates and distribution in the Windows Store for Windows Phone 8.x and Windows 8.x. At the time, the blog post stated that Windows Phone 8.x devices would stop receiving app updates after July 1, 2019, while Windows 8.x devices would get app updates through July 1, 2023. However, it seems as though plans have changed a little bit, as the blog post has quietly been updated earlier this month. Microsoft has changed the wording in the post to state that Windows 8 devices will stop getting updates for their apps at the same time as Windows Phone 8.x, that is, July 1 of this year. Windows 8.1 devices will continue to receive updates through the previously announced date in 2023.

2019-04-19T16:01:00+00:00 [Slashdot]

The future of high-speed computing may be larger CPUs with optics

Contrary to current trends, the CPU may get bigger in the future. Yes, CPUs are larger today than they were in the past, but they also pack in more transistors. The future may involve larger CPUs but with a much lower density of transistors. Why? Because of optics.

The idea of purely optical computers—and hybrid electronic-optical computers—is not new. But a set of recent advances is the first time I’ve thought we might be entering an era where some functions beyond long-distance communication will be handled optically.

Have you seen the light?

There are two properties of optical computers that make them attractive. The first is that they are naturally fast: light pulses travel at (yes) the speed of light. And when light switches light—the optical equivalent of a transistor—it happens very fast (think femtoseconds, which are 10^-15 of a second). These two properties combine to make optical computers much faster than electronic computers.

[Link] [Ars Technica]

Gearbox’s Pitchford: Steam may be “a dying store” in 5 to 10 years

“You can’t get us on Steam, and that’s a good thing.”

Earlier this month, Gearbox drew some ire from Steam-loving Borderlands fans by announcing the next game in the series, due in September, would be exclusive to the Epic Games Store on PC. In a massive tweet thread earlier this week, though (helpfully collated in this reddit post), Gearbox founder and CEO Randy Pitchford defends that decision and highlights what he sees as the long-term positives that Epic’s competition with Steam will bring to the industry.

While acknowledging that Epic’s platform currently lacks many quality-of-life features available on Steam, Pitchford pointed to Epic’s public road map for adding many of those features before September’s Borderlands 3 launch. In fact, Pitchford sees the game’s impending release as a “forcing function… that will, in turn, make all those features available on a faster timeline than otherwise possible… If I were to bet on this… Epic will inevitably surpass Valve on features and quality of service.”

Pitchford acknowledges that publisher 2K and developer Gearbox could have hedged their bets by releasing on both Steam and Epic. But he added that he feels the entire industry will be better served in the long run if Borderlands 3’s exclusivity can help make the Epic Games Store competitive with Steam. (The sizable investment Epic has made in paying to get exclusive content on its store probably didn’t hurt, either.)

[Link] [Ars Technica]

HDD Shipments Fell Nearly 13% in the First Quarter of 2019, 18% Since Last Year

Suren Enfiajyan writes: HDD shipments are continuing to decline. This applies to all major HDD vendors, with WDC showing the largest yearly decline: 26.1% against 11.3% (Toshiba) and 14.4% (Seagate). Desktop HDD shipments are said to have fallen to just 24.5 million units, a drop of nearly 4 million units from the previous quarter. Laptop HDD shipments dropped more than 6 million units to hit the 37 million mark. Enterprise HDDs are said to have rebounded by nearly 1 million units, however, to around 11.5 million hard drives purchased in the quarter. Business customers essentially picked up the slack left by consumers. These shipments were likely affected by many factors. But there’s also the simple fact that most people want SSDs instead of HDDs for most of their devices. Nobody wants to wait for their system to boot, their files to load, or their apps to finish routine tasks.

2019-04-19T15:20:00+00:00 [Slashdot]

IoT: Project Things becomes Mozilla WebThings

With WebThings, Mozilla aims to enable a secure Web of Things and offers various components for download in addition to a RasPi image.

2019-04-19T17:13:00+02:00 [heise online News]

CppCast Episode 195: fmt with Victor Zverovich

Episode 195 of CppCast, the first podcast for C++ developers by C++ developers. In this episode Rob and Jason are joined by Victor Zverovich to discuss the fmt modern formatting library and the proposal to bring it to C++20.

by Rob Irving and Jason Turner

About the interviewee:

Victor Zverovich is a software engineer at Facebook working on the Thrift RPC framework. Before joining Facebook in 2016, he worked for several years on modeling systems for mathematical optimization. He is an active contributor to open-source projects, an author of the {fmt} library and the ISO proposal P0645 to add a new formatting facility to C++.

2019-04-19T15:04:25+00:00 [Standard C++ | News]

Get a look at Android’s browser and search ballots for the EU

Last year the European Commission ruled that Google had illegally used Android to dominate search. Last month the European Commission gave Google feedback that bundling Chrome with the OS was also frowned upon. This week Google is implementing actual software changes to Android. The company has created a Windows-style ballot system which will encourage users to actively pick alternative browsers and search engines.

Google outlines the new ballot system in a post on its official blog. Pictures show two new setup screens in Android, one shows the currently installed search engine (usually Google Search) and offers to install alternatives like DuckDuckGo and Qwant. The second screen shows the currently installed browser (Chrome) and offers alternatives like Firefox and Edge.

Rather than make these screens part of setup that would be shown to new users only, Google says “These new screens will be displayed the first time a user opens Google Play after receiving an upcoming update.” The browser and search pages each show five apps total, including any apps that are already installed. Google notes that the app selection will vary by country, and that new apps “will be included based on their popularity and shown in a random order.” There’s also going to be a new prompt in Google Chrome, which will encourage users to pick a search engine.

[Link] [Ars Technica]

[$] Implementing fully immutable files

Like all Unix-like systems, Linux implements the traditional protection bits controlling who can access files in a filesystem (and what access they have). Fewer users, perhaps, are aware of a set of additional permission bits hidden away behind the chattr and lsattr commands. Among other things, these bits can make a file append-only, mark a file to be excluded from backups, cause a file’s data to be automatically overwritten on deletion, or make a file immutable. The implementation of many of these features is incomplete at best, so perhaps it’s not surprising that immutable files can still be changed in certain limited circumstances. Darrick Wong has posted a patch set changing this behavior, implementing a user-visible behavioral change that he describes as “an extraordinary way to destroy everything”.

2019-04-19T14:57:19+00:00 [LWN.net]

The Quest To Save the Banana From Extinction

Panama disease, an infection that ravages banana plants, has been sweeping across Asia, Australia, the Middle East and Africa. The impact has been devastating. From a report: In the Philippines alone, losses have totalled US$400m. And the disease threatens not only the livelihoods of everyone in this US$44 billion industry but also the 400m people in developing countries who depend on bananas for a substantial proportion of their calorie intake. However, there may be hope. In an attempt to save the banana and the industry that produces it, scientists are in a race to create a new plant resistant to Panama disease. But perhaps this crisis is a warning that we are growing our food in an unsustainable way and we will need to look to more radical changes for a permanent solution.

2019-04-19T14:40:00+00:00 [Slashdot]

YouTube and Prime Video: Google and Amazon bury the hatchet

The two companies have reached an agreement and will in future allow each other’s video services on their devices.

2019-04-19T16:26:00+02:00 [heise online News]

Toyota leads $1B investment in Uber’s self-driving tech

Uber has been using Volvo XC90 hybrid SUVs as R&D platforms. Soon, we can expect these to be joined by Toyota Siennas. (credit: Uber)

On Thursday, news broke that Toyota, Denso, and the SoftBank Vision Fund are investing heavily in Uber’s autonomous driving operation. Together, the three companies will put $1 billion into Uber’s Advanced Technologies Group: $667 million from Toyota and Denso, with an additional $333 million coming from SoftBank.

“Leveraging the strengths of Uber ATG’s autonomous vehicle technology and service network and the Toyota Group’s vehicle control system technology, mass-production capability, and advanced safety support systems, such as Toyota Guardian™, will enable us to commercialize safer, lower cost automated ridesharing vehicles and services,” said Shigeki Tomoyama, Toyota executive vice president and president of Toyota’s in-house Connected Company, in a statement sent to Ars.

It’s actually not the first time Toyota has opened its wallet for Uber. In August 2018, the Japanese OEM signed a $500 million deal to integrate Uber’s autonomous tech into Toyota Sienna minivans, which will operate through Uber’s ride-hailing network at some future date. That followed an earlier investment of $300 million in 2016.

[Link] [Ars Technica]

After a $14-Billion Upgrade, New Orleans’ Levees Are Sinking

An anonymous reader shares a report: The $14 billion network of levees and floodwalls that was built to protect greater New Orleans after Hurricane Katrina was a seemingly invincible bulwark against flooding. But now, 11 months after the Army Corps of Engineers completed one of the largest public works projects in world history, the agency says the system will stop providing adequate protection in as little as four years because of rising sea levels and shrinking levees. The growing vulnerability of the New Orleans area is forcing the Army Corps to begin assessing repair work, including raising hundreds of miles of levees and floodwalls that form a meandering earth and concrete fortress around the city and its adjacent suburbs. “These systems that maybe were protecting us before are no longer going to be able to protect us without adjustments,” said Emily Vuxton, policy director of the Coalition to Restore Coastal Louisiana, an environmental group. She said repair costs could be “hundreds of millions” of dollars, with 75% paid by federal taxpayers. “I think this work is necessary. We have to protect the population of New Orleans,” Vuxton said. The protection system was built over a decade and finished last May when the Army Corps completed a final component that involves pumps.

2019-04-19T14:00:00+00:00 [Slashdot]

Zoomquilt

An infinitely zooming image. It’ll start as soon as you click the link.

Hypnotic.

[Comments] [The Loop]

Anti-vax parents lose in NY court, face steep fines for not vaccinating

A sign warns people of measles in the ultra-Orthodox Jewish community in Williamsburg on April 10, 2019 in New York City. Mayor Bill de Blasio recently announced a state of emergency and mandated residents at the center of the outbreak to get vaccinated for the viral disease. (credit: Getty | Spencer Platt)

A Brooklyn judge on Thursday rejected the petition from five anonymous anti-vaccine mothers who attempted to block the city’s recent vaccination mandate amid the largest measles outbreak the city has seen in several decades.

And the city wasted no time enforcing its upheld order. As the judge made his decision Thursday, city health officials doled out the first penalties to violators, according to the New York Times. Officials sent summonses to the parents of three children for failing to vaccinate the children even after city officials determined that they had been exposed to the dangerous viral illness.

Measles is so contagious that up to 90 percent of unvaccinated or otherwise susceptible individuals who are exposed will become ill, according to the Centers for Disease Control and Prevention. Measles’ extreme contagiousness is due in part to the fact that once it is launched into the air from a cough or sneeze it can remain airborne and infectious for up to two hours. Any vulnerable passersby who breathe in the virus or touch contaminated surfaces can pick it up.

[Link] [Ars Technica]

GeForce GTX 1650 with 896 shaders for 150 euros shortly before launch

Shortly before the expected launch after the Easter weekend, more details about the GeForce GTX 1650 are leaking out. If they are accurate, the card could have a hard time.

2019-04-19T15:49:00+02:00 [heise online News]

15 months of fresh hell inside Facebook

Wired:

Earlier that month Facebook had unveiled a major change to its News Feed rankings to favor what the company called “meaningful social interactions.” News Feed is the core of Facebook—the central stream through which flow baby pictures, press reports, New Age koans, and Russian-made memes showing Satan endorsing Hillary Clinton. The changes would favor interactions between friends, which meant, among other things, that they would disfavor stories published by media companies.

And:

Davos provided a first chance for many media executives to confront Facebook’s leaders about these changes. And so, one by one, testy publishers and editors trudged down Davos Platz to Facebook’s headquarters throughout the week, ice cleats attached to their boots, seeking clarity. Facebook had become a capricious, godlike force in the lives of news organizations; it fed them about a third of their referral traffic while devouring a greater and greater share of the advertising revenue the media industry relies on. And now this. Why? Why would a company beset by fake news stick a knife into real news?

This is a perfect weekend read, both riveting and chock full of detail. More detail to add to my growing stack of “Why I don’t use Facebook” arguments. I do love the idea of reconnecting with childhood friends, staying in touch with my family. I wish there was a true, do no evil platform for this.

[Comments] [The Loop]

Princeton IoT Inspector lets you see what your smart home devices are up to

Ben Lovejoy, 9to5Mac:

Smart home devices are potentially one of the bigger security threats since there is no easy way to check what they are up to on your network. That’s a problem Princeton University has set out to solve, with the Princeton IoT Inspector.

And:

The tool is Mac-only for now. Using it, you can see:

  • a list of all the IoT devices on your home network
  • when they exchange data with an external server
  • which servers they contact
  • whether those connections are secure

Nice find. I’ve long thought about a user friendly device you could add to your network, have it build a list of devices you know about, give them names (such as Dave’s Switch, or Emma’s Mac, etc.), then have it automatically report (send you a text, perhaps) whenever a new, unknown device hopped onto your network.

To extend that idea, how about adding in the ability to detect cellular communications, within a short radius, reporting on those devices as well.

There are lots of solutions out there that do some of these things, but none I’ve found that do all of them, and none in a particularly friendly, efficient way. Please do weigh in if you know of something along these lines.

In the meantime, this Princeton tool is a nice one to explore. Though it’s not part of the Mac App Store, so do so at your own risk.

[Comments] [The Loop]

Facebook’s auto-captions for a recent launch video are hilariously bad

An Antares rocket built by Northrop Grumman launched on Wednesday afternoon, boosting a Cygnus spacecraft with 3.4 tons of cargo toward the International Space Station. The launch from Wallops Island, Virginia, went flawlessly, and the spacecraft arrived at the station on Friday.

However, when NASA’s International Space Station program posted the launch video to its Facebook page on Thursday, there was a problem. Apparently the agency’s caption service hadn’t gotten to this video clip yet, so viewers with captions enabled were treated not just to the glory of a rocket launch, but the glory of Facebook’s automatically generated crazywords. As of Thursday morning, 86,995 people had watched the Facebook video.

Some of the captions are just hilariously bad. For example, when the announcer triumphantly declares, “And we have liftoff of the Antares NG-11 mission to the ISS,” the automatically generated caption service helpfully says, “And we have liftoff of the guitarist G 11 mission to the ice sets.”

[Link] [Ars Technica]

Doctors Used HIV To Develop Cure For ‘Bubble Boy’ Disease

An anonymous reader quotes a report from the BBC: U.S. scientists say they used HIV to make a gene therapy that cured eight infants of severe combined immunodeficiency, or “bubble boy” disease. The babies, born with little to no immune protection, now have fully functional immune systems. Untreated babies with this disorder have to live in completely sterile conditions and tend to die as infants. The gene therapy involved collecting the babies’ bone marrow and correcting the genetic defect in their DNA soon after their birth. The “correct” gene — used to fix the defect — was inserted into an altered version of one of HIV, the virus that causes AIDS. Researchers said most of the babies were discharged from the hospital within one month. Dr Ewilina Mamcarz of St Jude, an author of the study, said in a statement: “These patients are toddlers now, who are responding to vaccinations and have immune systems to make all immune cells they need for protection from infections as they explore the world and live normal lives. This is a first for patients with SCID-X1 (the most common type of SCID).” The study was published in the New England Journal of Medicine.

2019-04-19T13:00:00+00:00 [Slashdot]

Hubble gets crabby for its 29th anniversary

Next week marks the 29th anniversary of the launch of the Hubble Space Telescope into orbit. On April 24, 1990, the Space Shuttle Discovery roared into space, and just one day later, astronaut — and, fittingly, astronomer — Steve Hawley used the Canadarm to grasp Hubble, pull it from the payload bay, and deploy it into its own orbit around Earth.

To say it revolutionized astronomy is to ridiculously understate the case. And to this day, nearly three decades later, I still wonder if its biggest impact is on the public perception of astronomy.

After all, you don’t have to understand much about science to gasp out loud at an image like this:

The Southern Crab nebula, a huge structure caused by the winds of a dying star. Credit: NASA, ESA, and STScI

That is the Southern Crab, aka Henize 2-104, a nebula something like 12,000 light years away that is flamboyantly announcing the location of a star on the thin hairy edge of dying… and its previously demised companion, which plays an important role, too.

First off, the nickname “Southern Crab” is an homage to the Crab Nebula, one of the most famous objects in the sky… that also happens to look nothing like a crab. At least this one really does look like one! Kinda. I mean, the big arcs resemble crab legs. Sorta. Really it’s more like an hourglass.

But what is it?

Although the details are hard to pin down, there’s a general idea of how this works. In the very center of this object is a pair of stars. Both of them were once very much like the Sun, but not any more. One is a white dwarf, the remnants of a Sun-like star that used up all its nuclear fuel, puffed up into a red giant, blew off its outer layers, and exposed its hot, dense, tiny core to space. It plays a key role here as the engine that made this nebula… but the other star was the gas tank. Literally.

The other star is a red giant, a star that is almost done using up its nuclear fuel. Complicated reactions in its core have bloated it up to something like 500 times the Sun’s size, and it’s blasting out radiation at a rate thousands of times the Sun’s, too. If it ever had any planets, they’re either cooked by its heat or consumed by its growth.

Artist’s drawing of the RS Ophiuchi system, a symbiotic star and recurring nova, where a white dwarf is accumulating matter from a star orbiting it. Credit: David Hardy & PPARC

It’s also blowing out a tremendous wind of dusty material, choked with grains of silicates (rock) and carbon. This material is so thick and opaque it blocks our view of the star almost entirely. A lot (but not all) of it winds up circling the white dwarf, forming a flattened disk called an accretion disk. As it whirls around the dwarf it gets very hot and very bright. This disk is small, probably less than a million kilometers across.

The two stars orbit each other with a period of roughly 30 years, putting them a couple of billion kilometers apart. As material flows out from the red giant, the centrifugal force from the orbital motions of the two stars means this material tends to get ejected in the plane of the orbit. This forms a dense, thick disk around both of them (though in detail probably more like a torus or donut shape), so it’s billions of kilometers across.

But then deep inside the red giant, disaster. The physics is quite complicated (if you’re curious, I have a detailed description in my book “Death from the Skies!” in the chapter “The Death of the Sun”), but the amount of energy generated in the red giant’s core is extremely sensitive to temperature. Any hiccup inside winds up creating chaos and vast amounts of energy very rapidly. This is called a thermal pulse: Something tips the scales, and a huge blast of energy erupts from the red giant.

This paroxysm makes its way to the surface, causing a huge belch of gas and dust from the star. This is like turning a hose spigot all the way up: Material starts to flow down onto the white dwarf’s accretion disk a lot more rapidly. The disk gets so hot and energetic that it can reverse the flow, blasting this material away at high speed.

This ejected stuff wants to expand away in all directions, but can’t because of that thick disk surrounding both stars. So it goes up and down, away from the equatorial plane, two colossal bubbles expanding outward. As it slams into material already there it breaks up into knots and clumps (due to the Rayleigh-Taylor instability, which happens a lot in expanding gas in space). That is what formed those big outer arcs of the hourglass; we’re seeing the edges of the two bubbles. We don’t see the outer edge possibly because that part has become disrupted entirely (causing the fringes at the outer edge).

But there’s more. See those two blobs at opposite ends of the bubbles? Those may be winds that were focused into beams (astronomers call them jets) by the strong magnetic field of the white dwarf’s accretion disk. This is known to occur in other systems, so it makes sense as part of the picture here. They tend to be faster than other material, so they’re farther out.

Eventually, perhaps after a century or three, things calm down (although the timing of this is somewhat arguable). The winds from the red giant slow, the garden hose of material aimed at the white dwarf slows, and the system settles. But there’s still a wind from the giant onto the dwarf, which still has a hot accretion disk. So some of the wind material is still ejected, but much more slowly. It also forms an hourglass figure, but smaller and brighter due to being thicker. If you look closely at the inner hourglass you’ll see some circular features along the edge; those may be where sudden small outbursts ejected a bit more material for a brief time.

When did all this happen? Well, the big hourglass is probably about 9 light years end-to-end (which is crushingly enormous). Looking at how rapidly the gas is expanding, astronomers put a date on all this of about 5,700 years ago! That’s very recent, astronomically speaking.

Happy anniversary, Hubble! Credit: NASA / mi_brami, Open Clip Art Library

Which brings up an important point: This structure won’t last long. As huge and bright as it is, it’s gossamer and ephemeral. In a few thousand more years it’ll expand away, fading as it does, and it will disappear.

… but maybe only to be resurrected. Stars like the red giant typically undergo several thermal pulses, each one blasting off a significant part of the star’s outer layers. This may be the first in that series, or in any case not the last one. If so, in a hundred thousand years it may all happen again.

But at some point the red giant will run out of stuff. It’ll blow its entire outer shell into space, revealing its core: A white dwarf, much like its companion. At that point, the two dead stars will circle one another, cool off after a trillion years or so, and, well that’ll be that*.

So take a good look at this image while you can. By Hubble’s 29,000th anniversary, it’ll be gone.


*To be pedantic they’ll actually slowly spiral in to each other, eventually merging and exploding in what’s called a Type I supernova. But that’s not likely to happen for something like a trillion trillion trillion years (honestly, I don’t know how many trillions, but it’s a lot of them), so I figure it’s safe to not worry about that for now.

[Link] [Bad Astronomy]

UK comms watchdog mulls 5G tweaks: Operators want moooooar power

Oh and remove the guard bands, would you Ofcom?

Ofcom is amenable to technical tweaks that mobile operators have requested to 5G rules, launching a consultation yesterday.…

2019-04-19T12:40:13Z [The Register]

Free music streaming with Alexa and Google speakers

Amazon and Google have launched ad-supported streaming offerings for users who use devices with their assistants.

2019-04-19T14:36:00+02:00 [heise online News]

Unexpected protection added to Microsoft Edge subverts IE security

A researcher has uncovered strange and unexpected behavior in Windows 10 that allows remote attackers to steal data stored on hard drives when a user opens a malicious file downloaded with the Edge browser.

The threat partially surfaced last week when a different researcher, John Page, reported what he called a flaw in Internet Explorer. Page claimed that when using the file manager to open a maliciously crafted MHT file downloaded with Internet Explorer, the browser uploaded one or more files to a remote server. According to Page, the vulnerability affected the most recent version of IE, version 11, running on Windows 7, Windows 10, and Windows Server 2012 R2 with all security updates installed. (It’s no longer clear whether any OS other than Windows 10 is affected, at least for some users. More about that in a moment.)

Below this paragraph in Page’s post was a video demonstration of the proof-of-concept exploit Page created. It shows a booby-trapped MHT file triggering an upload of the host computer’s system.ini file to a remote server. Interestingly, while Page’s post says his exploit is triggered when the malicious file is downloaded by IE, and makes no mention of Edge at all, the video shows the file being downloaded with the newer Microsoft browser.

[Link] [Ars Technica]

Game engine Unity 2019.1 brings production-ready Shader Graph

In addition to more than 280 new features and improvements, the Lightweight Render Pipeline (LWRP) has also left preview status.

2019-04-19T13:34:00+02:00 [heise online News]

Iron Man VR preview makes me want to put on nerdy headgear again

Trailer for PSVR game Marvel’s Iron Man VR

AUSTIN, Texas—In some ways, I am the worst candidate among the Ars Technica gaming braintrust to demo the world premiere of Iron Man VR, a video game slated to launch on PlayStation VR by the end of this year. I have never used a PSVR, let alone any VR headset between the pricey HTC Vive and the build-it-yourself Nintendo Labo VR. And I’m an inconsistent Marvel movie follower at best. If we don’t count the early 2000s Spider-Man trilogy, Black Panther is my only MCU reference point.

But maybe that actually makes me the best candidate to fake like Tony Stark via a bulky headset. There is no veneer of VR snobbery to rely on. Instead, I had simple questions: Is this fun? Would I do it again, and for longer?

After a 20-minute(ish) flight test with a rep from the devs at Camouflaj (the studio behind the upcoming PSVR game) nearby, I can still confidently say the old X-Men co-op arcade cabinet remains my favorite Marvel game of all-time. But I would absolutely be down to fly around a bit more in Iron Man’s ruby-red armor soon, which is probably good news for millions of VR and Marvel novices who might be intrigued by the possibility of becoming their own living-room Iron Person.

[Link] [Ars Technica]

Millions of Instagram credentials compromised

At the end of March, Facebook initially played down a data breach. Now the company admits: instead of “tens of thousands,” “millions” of Instagram users are affected.

2019-04-19T13:25:00+02:00 [heise online News]

Rocket Report: A new Delta 2, Blue Origin inks with NASA, a fiery Falcon Heavy

The Rocket Report is published weekly.

Welcome to Edition 1.45 of the Rocket Report! This week, half of our stories concern the biggest rockets on the planet, from Blue Origin engine tests at Marshall Space Flight Center to NASA’s efforts to accelerate development of the Space Launch System.

As always, we welcome reader submissions, and if you don’t want to miss an issue, please subscribe using the box below (the form will not appear on AMP-enabled versions of the site). Each report will include information on small-, medium-, and heavy-lift rockets as well as a quick look ahead at the next three launches on the calendar.

Stratolaunch flies for the first time. The world’s largest airplane, nicknamed Roc, took to the skies for the first time on Saturday, April 13. The flight lasted 150 minutes, during which time the aircraft reached a maximum of 15,000 feet and a top speed of 189mph, Parabolic Arc reports. Backed by Microsoft-co-founder Paul Allen and built by Burt Rutan’s Scaled Composites, the aircraft is designed to air-launch satellites using boosters carried on the wing between its two fuselages.

[Link] [Ars Technica]

Aussies, Yanks may think they’re big drinkers – but Brits easily booze them under the table

Isssh nothing to be proud of, hic, hic. Shame again pleesh

The top ten per cent of Australia’s boozy population downs more than half of the alcohol consumed in the country, according to new research – and the Brits are even worse.…

2019-04-19T10:59:05Z [The Register]

More than 500 officials will handle the storage of air passenger data in future

To prevent or prosecute crimes, software analyzes the collected air passenger data. But many officials are also occupied with it.

2019-04-19T12:28:00+02:00 [heise online News]

Only 140 euros: 4K/UHD player Panasonic DP-UB154 reviewed

The Panasonic DP-UB154 4K/UHD Blu-ray player is an uncomplicated entry-level player with high compatibility, good usability, and a low price.

2019-04-19T12:03:00+02:00 [heise online News]

BlackBerry Messenger To Shut Down In May

The consumer version of Blackberry Messenger is shutting down May 31. CNET reports: Emtek, the company BlackBerry partnered with in 2016 to run the consumer version of the messaging app, said in a blog post Thursday that the technology industry is “very fluid” and despite “substantial efforts,” users have moved on to other platforms. “We poured our hearts into making this a reality, and we are proud of what we have built to date,” Emtek said. Mark Wilson, BlackBerry’s chief marketing officer, said that though the company is disappointed, BBM users won’t be without a secure messaging platform. They can now go to the Google Play store to download BBMe, the enterprise version of the app that BlackBerry continues to run. The app will be free the first year. Then a 6-month subscription will cost $2.49. BlackBerry is working on an iOS app.

2019-04-19T10:00:00+00:00 [Slashdot]

Strong-willed field support op holds it together during painful customer call

Are you… Are you sure that we make this machine, sir?

On Call  Roll up, roll up, to the best part of your day, nay, your week – On Call, where Reg readers share Eureka moments and gleeful memories in tech support.…

2019-04-19T09:58:07Z [The Register]

Microsoft releases ISO for Windows 10 V1903 on MSDN

On April 18, Microsoft unexpectedly released the installation files for the Windows 10 May 2019 Update to MSDN subscribers.

2019-04-19T11:50:00+02:00 [heise online News]

UN organization warns: working from home can make you ill

Those who don’t have to go to the office in the morning but can work from the sofa usually find that very pleasant. But working from home also carries health risks.

2019-04-19T11:49:00+02:00 [heise online News]

CloudBees expands continuous delivery by acquiring Electric Cloud

Complementing its own CI/CD portfolio, the Electric Cloud services are intended to make CloudBees a full-service provider for Software Delivery Management (SDM).

2019-04-19T11:15:00+02:00 [heise online News]

#TGIQF: The great Easter egg hunt

Just before Easter, we too have Easter eggs, which many developers hide in their programs. How many Easter eggs can you find in our quiz?

2019-04-19T11:11:00+02:00 [heise online News]

German industry is betting on its own 5G campus networks

The 5G auction is gradually drawing to a close. The Federal Network Agency is holding back a portion for companies outside the mobile communications sector.

2019-04-19T11:00:00+02:00 [heise online News]

Hands off Brock! EFF pleads with Google not to kill its Privacy Badger with its Manifest destiny

It’s not hard, we just need some coding tweaks to make sure Privacy Badger stays sane

In an effort to discourage Google from breaking or hobbling content blocking and privacy Chrome Extensions, the Electronic Frontier Foundation on Wednesday presented the Chocolate Factory with a modest wish list [PDF] to guide the company’s ongoing API revision.…

2019-04-19T08:31:11Z [The Register]

Milky Way in Northern Spring

A postcard from planet Earth, this springtime night skyscape looks over Alandan lake in the Alborz mountains. Taken after local midnight on April 17, the central Milky Way is rising over the region’s southeast horizon. Its luminous track of stars and nebulae along the plane of our galaxy are reflected in the mirror-like lake. The brightest celestial beacon mingled with the diffuse galactic starlight is Jupiter. Slightly dimmer, Saturn is below and left just above the mountains. As spring brought leaves to the trees and the galactic center to the northern night the photographer found it also gave frogs their voices, heard like a melody across the calm water.

[Astronomy Picture of the Day]

011418

[Userfriendly]

Old-school cruel: Dodgy PDF email attachments enjoying a renaissance

Let’s go back… way back

The last few months have seen a big increase in malware attacks using PDF email attachments, according to security firm SonicWall.…

2019-04-19T07:06:03Z [The Register]

Complaints About Wally

[Dilbert]

[Calvin & Hobbes]

2019-04-19

[Garfield]

Digital film festival: The Berlinale’s main artery is made of glass

After the festival is before the festival: whatever else, the digitization of the film festival remains as a legacy of the controversial Berlinale director Dieter Kosslick.

2019-04-19T09:00:00+02:00 [heise online News]

TESS Discovers Its First Earth-Sized Planet

Iwastheone shares a report from MIT News: NASA’s Transiting Exoplanet Survey Satellite, TESS, has discovered its first Earth-sized exoplanet. The planet, named HD 21749c, is the smallest world outside our solar system that TESS has identified yet. In a paper published today in the journal Astrophysical Journal Letters, an MIT-led team of astronomers reports that the new planet orbits the star HD 21749 — a very nearby star, just 52 light years from Earth. The star also hosts a second planet — HD 21749b — a warm “sub-Neptune” with a longer, 36-day orbit, which the team reported previously and now details further in the current paper. The new Earth-sized planet is likely a rocky though uninhabitable world, as it circles its star in just 7.8 days — a relatively tight orbit that would generate surface temperatures on the planet of up to 800 degrees Fahrenheit. The discovery of this Earth-sized world is nevertheless exciting, as it demonstrates TESS’ ability to pick out small planets around nearby stars. In the near future, the TESS team expects the probe should reveal even colder planets, with conditions more suitable for hosting life. Slashdot reader RockDoctor shares a link to the paper at Arxiv, adding: The ‘b’ object in the system (the largest perturbation on the star’s light) is estimated at 2.61*Radius_earth, and 22.7*Mass_earth for a surface gravity of 3.332*littleG_Earth. If it has a “surface” in any recognizable sense rather than gradual transitions between gas mixtures, liquid mixtures, and the digested remains of any “metals” (lithium or higher, as the astronomers say). The ‘c’ object is more poorly constrained. 
The authors give a radius (0.892*Radius_earth, derived from the depth of the eclipses), but only put an upper limit on the mass at The TESS mission has a Science Requirement “of providing 50 transiting planets smaller than 4*Radius_earth with measured masses,” and the ‘b’ planet fits that criterion, but the ‘c’ planet does not, yet, have a well-enough constrained mass. Keep on catching planets!

2019-04-19T07:00:00+00:00 [Link] [Slashdot]

Error’d: On Second Thought, I’ll Just Go Back to Bed

Gordon S. wrote, “In seeing how someone botched the deployment of Windows on the flight boards, I sure hope that’s ALL that admin was allowed to work on.”

 

“This is the login page for the French health insurance system. The red text says ‘The Ameli portal will be unavailable from the 01/02/2003 to the 04/05/2006’,” Joelle wrote, “Three years of maintenance downtime may seem a bit excessive, but at least they’ve chosen a time slot that will not affect many users.”

 

Eric writes, “Somehow I don’t think giving your card number as **Bunch_of_numbers** will work here.”

 

“Charlotte Airport is here to remind us all that it’s the computers, not the airplanes, that crash,” David B. writes.

 

“I can see it now - a long time ago, someone named Craig hurt the BBC’s web servers and now, it works tirelessly to ignore me,” wrote Craig K.

 

“Was it helpful? Umm…was it anything?” Ian wrote.

 

[Link] [The Daily WTF]

Seehofer’s intelligence services bill: The wrecking ball for fundamental rights

Interior Minister Seehofer’s plan to equip the intelligence services with tools such as state trojans breathes an Orwellian spirit, Stefan Krempl argues in his analysis.

2019-04-19T08:15:00+02:00 [heise online News]

Source Code of Iranian Cyber-Espionage Tools Leaked on Telegram

In an incident reminiscent of the Shadow Brokers leak that exposed the NSA’s hacking tools, someone has now published similar hacking tools belonging to one of Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten. From a report: The hacking tools are nowhere near as sophisticated as the NSA tools leaked in 2017, but they are dangerous nevertheless. The tools have been leaked since mid-March on a Telegram channel by an individual using the Lab Dookhtegan pseudonym. Besides hacking tools, Dookhtegan also published what appears to be data from some of APT34’s hacked victims, mostly comprising of username and password combos that appear to have been collected through phishing pages. ZDNet was previously aware of some of these tools and victim data after this reporter received a tip in mid-March. In a Twitter DM, a Twitter user shared some of the same files that were discovered today on Telegram, and we believe that this Twitter user is the Telegram Lab Dookhtegan persona.

2019-04-19T05:30:00+00:00 [Slashdot]

Mirrorless full-frame camera Canon EOS RP in a hands-on test

The EOS RP is Canon’s entry-level camera for mirrorless full frame. In a hands-on test, we examine the model’s strengths and weaknesses.

2019-04-19T07:30:00+02:00 [heise online News]

Daily Watchword

Good Friday

God has let me grow in the land of my misery.

Genesis 41:52

One of the criminals who hung on the cross said: Jesus, remember me when you come into your kingdom! And Jesus said to him: Truly, I say to you, today you will be with me in Paradise.

Luke 23:42-43

Global Attention Span Is Narrowing and Trends Don’t Last As Long, Study Reveals

An anonymous reader quotes a report from The Guardian: It’s just as you suspected; the information age has changed the general attention span. A recently published study from researchers at the Technical University of Denmark suggests the collective global attention span is narrowing due to the amount of information that is presented to the public. Released on Monday in the scientific journal Nature Communications, the study shows people now have more things to focus on — but often focus on things for short periods of time. The researchers studied several modes of media attention, gathered from several different sources, including (but not limited to): the past 40 years in movie ticket sales; Google books for 100 years; and more modernly, 2013 to 2016 Twitter data; 2010 to 2018 Google Trends; 2010 to 2015 Reddit trends; and 2012 to 2017 Wikipedia attention time. The researchers then created a mathematical model to predict three factors: the “hotness” of the topic, its progression throughout time in the public sphere and the desire for a new topic, said Dr Philipp Hovel, an applied mathematics professor of University College Cork in Ireland. The empirical data found periods where topics would sharply capture widespread attention and promptly lose it just as quickly, except in the cases of publications like Wikipedia and scientific journals. For example, a 2013 Twitter global trend would last for an average of 17.5 hours, contrasted with a 2016 Twitter trend, which would last for only 11.9 hours.

2019-04-19T03:30:00+00:00 [Slashdot]

In Kākāpō breeding season news…

I posted on MetaFilter about this year’s record-breaking Kākāpō breeding season.

2019-04-19T03:11:34+00:00 [Simon Willison’s Weblog]

Exploring Neural Networks with Activation Atlases

Another promising attempt at visualizing what’s going on inside a neural network.

2019-04-19T02:24:16+00:00 [Simon Willison’s Weblog]

The Mueller Report

We’ve all been bombarded by news alerts on Robert Mueller’s Special Counsel report today. I’ve spent most of my day reading it. I strongly suggest all of you do the same.

Yes, it’s effectively a book, and not a short one, but it is incredibly well written and structured. That’s not a surprise to me — we knew Mueller hired a team of excellent attorneys, and good lawyers are good writers. But the information density is very high — no summary or simple list of highlights can do it justice. It is 400+ pages not because it is padded with extraneous details or legal jargon, but because it contains 400+ pages of evidence and narrative. It reads almost like a novel.

And like any good novel, it begins with a bracing opening line:

The Russian government interfered in the 2016 presidential election in sweeping and systematic fashion.

 ★ 

2019-04-19T01:32:06Z [Daring Fireball]

Amazon Will No Longer Sell Chinese Goods In China

Amazon announced today that it will close its marketplace in China in the coming months, meaning Amazon customers in the country will no longer be able to buy goods from Chinese merchants. “Amazon did not explain why it was withdrawing its marketplace service, saying only it will instead focus on selling goods shipped from other countries into China,” reports CNN. From the report: “We are notifying sellers we will no longer operate a marketplace on Amazon.cn, and we will no longer be providing seller services on Amazon.cn effective July 18,” the company said in a statement. Amazon’s platform competes for Chinese sellers with Tmall, owned by the country’s e-commerce leader Alibaba. Users logging onto Amazon’s Chinese site after July 18 will see products sold from its global store, the company said. “Over the past few years, we have been evolving our China online retail business to increasingly emphasize cross-border sales, and in return we’ve seen very strong response from Chinese customers,” Amazon said. It will retain its other operations in China, such as cloud computing services. It will also continue to sell its Kindle e-readers and content in the country. “Amazon’s commitment to China remains strong. We have built a solid foundation here in a number of successful businesses and we will continue to invest and grow in China,” the company added.

2019-04-19T00:50:00+00:00 [Slashdot]

‘15 Months of Fresh Hell Inside Facebook’

Hard to summarize this massive Wired cover story by Nicholas Thompson and Fred Vogelstein other than that Facebook is a terrible company run by terrible people, particularly Mark Zuckerberg and Sheryl Sandberg. We all have a lot of reading on our hands with today’s release of Robert Mueller’s Special Counsel report, but this one is worth queuing up and setting time aside for. A few highlights:

In addition to general mendacity and capriciousness, Facebook decisions are often inept:

To define trustworthiness, the company was testing how people responded to surveys about their impressions of different publishers. To define news, the engineers pulled a classification system left over from a previous project — one that pegged the category as stories involving “politics, crime, or tragedy.”

That particular choice, which meant the algorithm would be less kind to all kinds of other news — from health and science to technology and sports — wasn’t something Facebook execs discussed with media leaders in Davos. And though it went through reviews with senior managers, not everyone at the company knew about it either. When one Facebook executive learned about it recently in a briefing with a lower-level engineer, they say they “nearly fell on the fucking floor.”

Zuckerberg was jealous of Instagram co-founder Kevin Systrom:

Systrom’s glowing press coverage didn’t help. In 2014, according to someone directly involved, Zuckerberg ordered that no other executives should sit for magazine profiles without his or Sandberg’s approval. Some people involved remember this as a move to make it harder for rivals to find employees to poach; others remember it as a direct effort to contain Systrom.

And vindictiveness:

At Wired, the month after an image of a bruised Zuckerberg appeared on the cover, the numbers were even more stark. One day, traffic from Facebook suddenly dropped by 90 percent, and for four weeks it stayed there. After protestations, emails, and a raised eyebrow or two about the coincidence, Facebook finally got to the bottom of it. An ad run by a liquor advertiser, targeted at Wired readers, had been mistakenly categorized as engagement bait by the platform. In response, the algorithm had let all the air out of Wired’s tires. The publication could post whatever it wanted, but few would read it. Once the error was identified, traffic soared back. It was a reminder that journalists are just sharecroppers on Facebook’s giant farm. And sometimes conditions on the farm can change without warning.

Who believes this was a coincidence? Anyone?

2019-04-19T00:28:40Z [Link] [Daring Fireball]

Why Juul and Republican Lawmakers Want To Raise the Minimum Vaping Age To 21

Senate Majority Leader Mitch McConnell announced a new bill today that would block all tobacco and vape purchases for Americans under 21 years old, citing widespread public health risks. Surprisingly, vaping companies don’t appear to be too concerned, as Juul’s CEO Kevin Burns issued this statement supporting the measure: “JUUL Labs is committed to eliminating combustible cigarettes, the number one cause of preventable death in the world and to accomplish that goal, we must restrict youth usage of vapor products. Tobacco 21 laws fight one of the largest contributors to this problem — sharing by legal-age peers — and they have been shown to dramatically reduce youth usage rates.” The Verge says it all has to do with Big Vape’s image: Over the past year, Juul has come under the FDA’s fire for its massive popularity among young people. So supporting a higher minimum age could help its image and take some of the regulatory pressure off. From an industry perspective, the move is fairly low risk since the product is already embedded in the population, and people under age 21 may already be addicted, says Kathleen Hoke, a law professor at the University of Maryland. “We can change this age to 21 but we’re going to have to work extraordinarily hard at the state and local level to actually get cigarettes or vape products or chew out of the hands of the 18 to 20 year olds,” she says. [T]he bill’s success will depend on how it’s crafted. Rob Crane, professor of family medicine at The Ohio State University and president of the Preventing Tobacco Addiction Foundation, is skeptical that it will really hold tobacco retailers responsible for selling to people who are underage. From the more than 450 cities and counties that have passed Tobacco 21 laws, “what we have found that does work is when you make local health departments under civil law do the enforcement,” he says. 
“For a rogue retailer that keeps on selling, there’s a risk of license suspension.” But if the law winds up penalizing convenience store clerks who sell vapes and tobacco products to kids, the retailer who’s profiting gets off scot-free, he says. In the end, Crane is skeptical of the motivations behind the bill, no matter what form it takes. “This is all a PR move to keep Juul out of the hot seat from the FDA.”

2019-04-19T00:10:00+00:00 [Link] [Slashdot]

‘Secrecy, Self-Dealing, and Greed at the N.R.A.’

Mike Spies, reporting for The New Yorker:

The N.R.A. and Ackerman have become so intertwined that it is difficult to tell where one ends and the other begins. Top officials and staff move freely between the two organizations; Oliver North, the former Iran-Contra operative, who now serves as the N.R.A.’s president, is paid roughly a million dollars a year through Ackerman, according to two N.R.A. sources. But this relationship, which in many ways has built the contemporary N.R.A., seems also to be largely responsible for the N.R.A.’s dire financial state. According to interviews and to documents that I obtained — federal tax forms, charity records, contracts, corporate filings, and internal communications — a small group of N.R.A. executives, contractors, and venders has extracted hundreds of millions of dollars from the nonprofit’s budget, through gratuitous payments, sweetheart deals, and opaque financial arrangements. Memos created by a senior N.R.A. employee describe a workplace distinguished by secrecy, self-dealing, and greed, whose leaders have encouraged disastrous business ventures and questionable partnerships, and have marginalized those who object. “Management has subordinated its judgment to the vendors,” the documents allege. “Trust in the top has eroded.”

Couldn’t happen to a nicer group of people.

2019-04-18T23:49:41Z [Daring Fireball]

We’ve read the Mueller report. Here’s what you need to know: ██ ██ ███ ███████ █████ ███ ██ █████ ████████ █████

Trump predicted he was ‘fucked’ – but he hadn’t reckoned on ██████████

Analysis  It’s 448 pages of which roughly 50 have been blacked out.…

2019-04-18T23:43:24Z [The Register]

The Source Code For All Infocom Text Adventure Classics Has Been Released

You can now download the source code of every Infocom text adventure game, thanks to archivist Jason Scott who uploaded the code to GitHub. “There are numerous repositories under the name historicalsource, each for a different game,” reports Ars Technica. “Titles include, but are not limited to, The Hitchhiker’s Guide to the Galaxy, Planetfall, Shogun, and several Zork games — plus some more unusual inclusions like an incomplete version of Hitchhiker’s sequel The Restaurant at the End of the Universe, Infocom samplers, and an unreleased adaptation of James Cameron’s The Abyss.” From the report: The code was uploaded by Jason Scott, an archivist who is the proprietor of textfiles.com. His website describes itself as “a glimpse into the history of writers and artists bound by the 128 characters that the American Standard Code for Information Interchange (ASCII) allowed them” — in particular those of the 1980s. He announced the GitHub uploads on Twitter earlier this week. The games were written in the LISP-esque “Zork Implementation Language,” or ZIL, which you could be forgiven for not being intimately familiar with already. Fortunately, Scott also tweeted a link to a helpful manual for the language on archive.org. Gamasutra, which first reported the news, notes that Activision still owns the rights to Infocom games and could request a takedown if it wanted.

2019-04-18T23:30:00+00:00 [Slashdot]

Facebook Says It ‘Unintentionally Uploaded’ 1.5 Million People’s Email Contacts Without Their Consent

Rob Price, reporting for Business Insider:

Facebook harvested the email contacts of 1.5 million users without their knowledge or consent when they opened their accounts.

Since May 2016, the social-networking company has collected the contact lists of 1.5 million users new to the social network, Business Insider can reveal. The Silicon Valley company said the contact data was “unintentionally uploaded to Facebook,” and it is now deleting them.

Again I will say what few in the media seem willing to: Facebook is a criminal enterprise.

And, as per my previous item, is anyone willing to bet that the actual number is a lot higher than 1.5 million?

2019-04-18T23:27:50Z [Daring Fireball]

Amazon and Google Both Launch Ad-Based ‘Free’ Music Tiers

Amazon:

And so, beginning today, customers in the U.S. who do not yet have a Prime membership or a subscription to Amazon Music Unlimited will now be able to listen to an ad-supported selection of top playlists and stations for free with Amazon Music on compatible Alexa-enabled devices.

Google:

Listening to music on your Google Home speaker right out-of-the-box seems too good to be true, right? It’s not! Starting today, YouTube Music is offering a free, ad-supported experience on Google Home speakers (or other Google Assistant-powered speakers).

Seems like the exact same thing from both companies: free streaming, but only using their respective smart speakers (so not on phones or computers), and with ads. Will be interesting to see just how many ads that is.

2019-04-18T23:25:09Z [Daring Fireball]

Facebook Updates Month-Old Post, Now Admits Millions, Not Thousands, of Instagram Passwords Were Stored in Plain Text

Kurt Wagner, writing for Recode:

On the same morning Special Counsel Robert Mueller’s report on Russian election interference finally became public, Facebook dropped some troubling news: Millions of Instagram users’ passwords were accidentally stored unencrypted on Facebook’s servers, which means Facebook employees could access them.

Facebook first announced late last month that it had stored hundreds of millions of user passwords unencrypted on its servers, a massive security problem. At the time, it said that “tens of thousands” of Instagram passwords were also stored in this way.

On Thursday morning, Facebook updated its blog to say that, actually, “millions” of Instagram users, not “tens of thousands,” were impacted:

Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.

Me, a year ago, regarding Facebook’s initial public estimate of the number of accounts harvested by Cambridge Analytica:

Do you want to bet it’s actually a lot more than 87 million, and they’ll announce that bigger number in a few weeks? The drip-drip-drip PR strategy is an old trick, and Facebook utilizes it every time they have bad news involving a number of users. First they announce a low number, then a higher number, and then an even higher number. Notice that their mistakes always — always — start low and then go high. They never once announce that their original number was too high.

The fact that they announced this update number the same day the Mueller report was released is not a coincidence. PR is PR and every company looks to put bad news in as good a light as possible. But most companies don’t outright lie the way Facebook continuously does. They completely lack credibility at this point.

2019-04-18T23:13:20Z [Daring Fireball]

IBM Watson Health cuts back Drug Discovery ‘artificial intelligence’ after lackluster sales

And seemingly uses machine learning to explain why it’s kinda not but kinda is

IBM Watson Health is tapering off its Drug Discovery program, which uses “AI” software to help companies develop new pharmaceuticals, blaming poor sales.…

2019-04-18T23:07:10Z [The Register]

First Japan-Built Airliner In 50 Years Takes On Boeing and Airbus

An anonymous reader quotes a report from Bloomberg: More cities in Asia and Europe are seeking to link up with each other and the global air travel network. The Mitsubishi Regional Jet, the first airliner built in Japan since the 1960s, began certification flights last month in Moses Lake, Washington, to satisfy that demand. Mitsubishi Heavy Industries Ltd.’s new airliner is testing the skies just as rivals are moving to sell off their manufacturing operations for jets with up to 160 seats. Boeing is set to buy 80 percent of the Embraer SA’s commercial operations in a joint venture, while Bombardier last year sold control of its C Series airliner project to Airbus SE and is exploring “strategic options” for its regional-jet operations. At stake, particularly in the market for jets with fewer seats, is $135 billion in sales in the two decades through 2037, according to industry group Japan Aircraft Development Corp. With few seats and smaller fuselages, regional jets are a different class of aircraft from larger narrow-body planes such as Boeing’s 737 or Airbus’s A320. The MRJ has a range of about 2,000 miles, while a smaller variant can haul up to 76 people for about the same distance. A longtime supplier of aircraft components to Boeing, Mitsubishi Heavy is developing the MRJ to emerge from its customer’s shadow. After spending at least $2 billion over more than a decade, the manufacturer is looking to get its jet certified and start deliveries to launch partner ANA Holdings. Mitsubishi expects to have the plane ready for customers next year, a timetable that will test the company, said Mitsubishi Aircraft President Hisakazu Mizutani.

2019-04-18T22:50:00+00:00 [Link] [Slashdot]

Netflix Will Invest Up To $100 Million In a NYC Production Hub

Netflix is establishing an NYC production hub that will include six sound stages in Brooklyn and an expanded office in Manhattan’s Flatiron District. “It should create ‘hundreds of jobs’ (including 127 executive, marketing and production development roles) over the next five years, and should foster up to $100 million in investments, according to Governor Cuomo,” reports Engadget. From the report: The sound stages will also have the capacity for “thousands” of jobs, Cuomo said, although that’s likely to vary widely based on what’s in production at any given time. Not surprisingly, there are financial incentives attached to the move. The state is offering up to $4 million in tax credits over 10 years, although those are contingent on Netflix’s ability to both create the 127 promised office jobs and keep the 32 existing positions.

2019-04-18T22:10:00+00:00 [Slashdot]

2019-04-18

We reveal what’s inside Microsoft’s Azure Govt Secret regions… wait, is that a black helico–

Redmond hopes to lure Uncle Sam’s spy agencies, military away from Amazon

Microsoft has set up two new Azure cloud regions in the US – dubbed Azure Government Secret regions – to store data involving American national security. The services are in private preview, and are pending official government accreditation.…

2019-04-18T21:42:45Z [The Register]

In new gaffe, Facebook improperly collects email contacts for 1.5 million

Facebook’s privacy gaffes keep coming. On Wednesday, the social media company said it collected the stored email address lists of as many as 1.5 million users without permission. On Thursday, the company said the number of Instagram users affected by a previously reported password storage error was in the “millions,” not the “tens of thousands” as previously estimated.

Facebook said the email contact collection was the result of a highly flawed verification technique that instructed some users to supply the password for the email address associated with their account if they wanted to continue using Facebook. Security experts almost unanimously criticized the practice, and Facebook dropped it as soon as it was reported.

In a statement issued to reporters, Facebook wrote:

Read 7 remaining paragraphs | Comments

[Link] [Ars Technica]

Ask Slashdot: What’s a Good Chair For a Software Developer?

AmiMoJo writes: It’s time to buy a new chair so I’m turning to Slashdot for recommendations. The Herman Miller Aeron seems to be the go-to, much like the Model M for keyboards, but I’ve heard that there are some other good options on the market. I need something that is comfortable and durable — too many chairs get squeaky and loose because I can’t sit still and keep shifting my weight around. Many are difficult to maintain as well, e.g. the screws attacking the back are often under plastic attached with very stiff clips so you can’t easily give them a quick tighten. What does Slashdot recommend for my posterior? It’s been more than a decade since readers sought recommendations for a quality chair for desktop coding, or back-friendly chairs. In fact, it’s been almost two decades since a user inquired about the perfect computer chair. Hopefully office chairs have improved in quality/design since then…

2019-04-18T21:30:00+00:00 [Slashdot]

Microsoft buys Express Logic, adds a third operating system to its IoT range

Not content with having a Windows-based Internet of Things platform (Windows 10 IoT) and a Linux-based Internet of Things platform (Azure Sphere), Microsoft has added a third option. The company has announced that it has bought Express Logic and its ThreadX real-time operating system for an undisclosed sum.

Real-time operating systems (RTOSes) differ from more conventional platforms in their predictability. With an RTOS, a developer can guarantee that, for example, interrupt handling or switching from one process to another takes a known, bounded amount of time. This gives applications strong guarantees that they’ll be able to respond in time to hardware events, timers, or other things that might make an application want to use the CPU. This predictability is essential for control applications; for example, ThreadX was used in NASA’s Deep Impact mission that hurled a large object at a comet. ThreadX was also used in the iPhone 4’s cellular radio controller, and ThreadX is embedded in the firmware of many Wi-Fi devices. These tasks need the determinism of an RTOS because there are timing constraints on how quickly they need to respond.

Linux can be built with various options to offer more predictable behavior and so can address some similar scenarios. But ThreadX has another big advantage up its sleeve: it’s tiny. A minimal ThreadX installation takes 2,000 bytes of storage and needs 1KB of RAM, far less than Linux can use. By way of comparison, Microsoft’s Sphere hardware (which uses a custom-designed ARM processor with various security features embedded) has 4MB of RAM for applications and 16MB of storage. There are an estimated 6.2 billion deployments of ThreadX running on several dozen different kinds of processor or microcontroller.

Read 3 remaining paragraphs | Comments

[Link] [Ars Technica]

Using the HTML lang attribute

TIL the HTML lang attribute is used by screen readers to understand how to provide the correct accent and pronunciation.

Via Lindsey Kopacz

2019-04-18T21:09:31+00:00 [Simon Willison’s Weblog]

Google rolls out Android Easter Egg for Europe – a Microsoft antitrust-style browser, search engine choice box

Now how about we forget that little $5bn fine, eh, mes amies? Meine Freunde? Mis amigos?

Android users across Europe are due a software update from Google today that will ask them to make a choice for the future of their smartphones and gadgets – which browser and search engine do you want to use?…

2019-04-18T20:56:37Z [The Register]

Ajit Pai Proposes Blocking China-Owned Telecom From US Phone Market

An anonymous reader quotes a report from Ars Technica: FCC Chairman Ajit Pai has proposed denying China Mobile USA’s application to offer telecom services in the U.S., saying the Chinese government-owned company poses a security risk. The FCC is scheduled to vote on an order to deny the application at its open meeting on May 9, and Pai yesterday announced his opposition to China Mobile entering the U.S. market. “After reviewing the evidence in this proceeding, including the input provided by other federal agencies, it is clear that China Mobile’s application to provide telecommunications services in our country raises substantial and serious national security and law enforcement risks,” Pai said. “Therefore, I do not believe that approving it would be in the public interest. I hope that my colleagues will join me in voting to reject China Mobile’s application.” China Mobile filed its application in 2011, and has repeatedly complained about the government’s lengthy review process. According to Pai’s announcement, China Mobile’s application sought authority “to provide international facilities-based and resale telecommunications services between the U.S. and foreign destinations.” In simpler terms, the company was seeking “a license to connect calls between the United States and other nations” and “was not seeking to provide domestic cell service and compete in the country with businesses like AT&T and Verizon,” The New York Times wrote yesterday. An FCC official told reporters that such calls “could be intercepted for surveillance and make the domestic network vulnerable to hacking and other risks,” the Times wrote.

2019-04-18T20:52:00+00:00 [Link] [Slashdot]

Facebook is working on an AI voice assistant similar to Alexa, Google Assistant

Facebook is working on developing an AI voice assistant similar in functionality to Amazon Alexa, Google Assistant, or Siri, according to a report from CNBC and a later statement from a Facebook representative.

The CNBC report, which cites “several people familiar with the matter,” says the project has been ongoing since early 2018 in the company’s offices in Redmond, Washington. The endeavor is led by Ira Snyder, whose listed title on LinkedIn is “Director, AR/VR and Facebook Assistant at Facebook.” Facebook Assistant may be the name of the project. CNBC writes that Facebook has been reaching out to vendors in the smart-speaker supply chain, suggesting that Portal may only be the first of many smart devices the company makes.

When contacted for comment, Facebook sent a statement to Reuters, The Verge, and others, saying: “We are working to develop voice and AI assistant technologies that may work across our family of AR/VR products including Portal, Oculus, and future products.”

Read 4 remaining paragraphs | Comments

[Link] [Ars Technica]

Facebook passwords for hundreds of millions of users were exposed to Facebook employees

Facebook is the Samsung of social media. They just can’t stop shooting themselves in the feet. Unlike Samsung, their screw ups can create a lot more damage.

∞ Read this on The Loop

[Comments] [The Loop]

MoviePass Has Lost Over 90% of Its Subscribers in Less Than a Year, Leaked Documents Reveal

MoviePass users apparently hit the exits en masse after it scaled back the number of movies users could see each month. From a report: The flailing cinema-subscription provider has seen its subscriber rolls plunge from a peak of more than 3 million to just 225,000 in under a year, according to a new report. The numbers were reported by Business Insider, which cited “internal data” it had obtained. Asked for comment, a MoviePass spokeswoman declined to confirm the subscriber figure. In June 2018, MoviePass claimed it had signed up more than 3 million subscribers for its $9.95 monthly plan, which let customers see one movie every single day. But that proved unsustainable, and MoviePass was forced to change that to a three-movies-per-month plan. In August 2018, MoviePass began to convert subscribers on annual subscription plans to the three-movies-per-month subscription plan, by giving annual subscribers the option to either cancel or refund their annual subscription or continue on the new three-movies-per-month subscription plan.

2019-04-18T20:11:00+00:00 [Slashdot]

The Dirty Truth About Green Batteries

If we’re going to avoid the worst consequences of climate change, we’ll need an energy revolution. But there’s a big problem. Making that future a reality will, among other things, require a lot of batteries: batteries to charge our electric cars; batteries to store solar power collected while the sun’s up and wind power harnessed when it’s gusty out. And as a new report by researchers at the University of Technology Sydney warns, that’s likely to drive demand for the metals used to build green batteries — as well as wind turbines and solar panels — through the roof. From a report: In other words the clean tech boom is, at least in the short term, likely to fuel a mining boom. And that won’t come without cost. “We already know about the environmental, social, and human rights impacts extraction is posing to front line communities right now,” Payal Sampat, mining program director at Earthworks, which commissioned the new report, told Earther. “It’s kind of unimaginable to think about… how it would be considered sustainable to scale up those impacts that many fold and still be reaping benefits.” Much like our smartphones and computers, the high-tech energy infrastructure of tomorrow requires a host of metals and minerals from across the periodic table and the planet. The lithium-ion batteries used in EVs and energy storage require not just lithium, but often cobalt, manganese, and nickel. Electric vehicle engines rely on rare earths, as do the permanent magnet-based generators inside some wind turbines. Solar panels gobble up a significant share of the world’s supply of tellurium, and gallium, along with a sizable fraction of mined silver and indium. Most renewable technologies demand heaps of copper and aluminum.

2019-04-18T19:30:00+00:00 [Link] [Slashdot]

Idiot admits destroying scores of college PCs using USB Killer gizmo, filming himself doing it

MBA grad faces hefty fine, jail time after zapping computer, display, equipment mobos

A former student at a $32,000-a-year private New York college pleaded guilty this week to destroying 66 computers on its campus.…

2019-04-18T19:07:13Z [The Register]

IBM Halting Sales of Watson AI Tool For Drug Discovery Amid Sluggish Growth

Citing lackluster financial performance, IBM is halting development and sales of a product that uses its Watson AI software to help pharmaceutical companies discover new drugs, news outlet Stat reported on Thursday, citing a person familiar with the company’s internal decision-making. From the report: The decision to shut down sales of Watson for Drug Discovery marks the highest-profile retreat in the company’s effort to apply artificial intelligence to various areas of health care. Last year, the company scaled back on the hospital side of its business, and it’s struggled to develop a reliable tool to assist doctors in treating cancer patients. In a statement, an IBM spokesperson said, “We are focusing our resources within Watson Health to double down on the adjacent field of clinical development where we see an even greater market need for our data and AI capabilities.” Further reading: IBM Pitched Its Watson Supercomputer as a Revolution in Cancer Care. It’s Nowhere Close (September 2017); IBM Watson Reportedly Recommended Cancer Treatments That Were ‘Unsafe and Incorrect’ (July 2018).

2019-04-18T18:51:00+00:00 [Slashdot]

Dealmaster: A number of big-name video games are discounted today

Greetings, Arsians! The Dealmaster is back with another round of deals to share, and a number of high-profile video games all happen to be discounted at the same time today.

You can see the full selection of deals below, but a good chunk of what we’ve found includes games that launched within the past six or seven months. A few highlights include Marvel’s Spider-Man available for $30, which is a $10 discount, and Kingdom Hearts III available for $40, which is $20 off. Super Smash Bros. Ultimate is still $10 off, as is Devil May Cry 5, which released to acclaim just last month. Red Dead Redemption 2, Assassin’s Creed Odyssey, Resident Evil 2, and Call of Duty: Black Ops 4 are all currently slashed as well.

Note that most of these sales focus on consoles and cover physical copies instead of digital download codes. Just about every video game drops in price after a little while on the market, so if you’re not aching to pick up anything below, we’re likely to see each fall a few bucks further in the coming months. But if you missed out on one of these games at launch and have been curious to give it a try, this might be a good time to jump aboard.

Read 2 remaining paragraphs | Comments

[Link] [Ars Technica]

Who’s using Mueller Report Day to bury bad news? If you guessed Facebook, you’re right: Millions more passwords stored in plaintext

Wham, bam, gee thanks, Instagram

While journalists and netizens are distracted digesting the redacted 400-plus-page Mueller report, released within the past few hours, today will be a good day for spin doctors to bury bad news.…

2019-04-18T18:23:51Z [The Register]

How Zoom’s web client avoids using WebRTC

It turns out video conferencing app Zoom uses their own WebAssembly compiled video and audio codecs and transmits H264 over WebSockets.

Via @simonw

2019-04-18T18:20:16+00:00 [Simon Willison’s Weblog]

Facebook Quietly Updates Last Month’s Security Disclosure To Add That ‘Millions’ of Instagram Users Are Also Impacted

Last month, Facebook disclosed that hundreds of millions of users on its platform had their account passwords stored in plain text — in some cases going back to 2012 — and searchable by thousands of Facebook employees. Today, the company quietly updated that blog post to reveal that Instagram users are also impacted. It said, in the update: Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.

2019-04-18T18:13:00+00:00 [Slashdot]

Idris Elba steals the show as “Black Superman” in Hobbs and Shaw trailer

Universal Pictures dropped a second trailer for the studio’s forthcoming Hobbs and Shaw, the first spinoff of its wildly popular Fast and Furious franchise. It looks like it will be the perfect summer popcorn movie, with ludicrous over-the-top action, Idris Elba stealing every scene as a cocky super-soldier, and the lovable, wisecracking duo of Hobbs and Shaw putting aside their differences yet again to save the world.

(Spoilers for some of the prior films in the Fast and Furious franchise below.)

The first film in the series, The Fast and the Furious, debuted in 2001, and it focused on an undercover cop (the late Paul Walker) taking on a group of car hijackers led by Vin Diesel’s Dominic Toretto. It earned more than $200 million worldwide against its relatively modest $38 million budget, so the film was followed by seven equally successful sequels and two short tie-in films. It’s now Universal Pictures’ most successful franchise of all time, grossing more than $5 billion worldwide. This juggernaut shows no signs of stopping: the ninth and tenth films are already in development, slated for release in April 2020 and 2021, respectively.

[Link] [Ars Technica]

Wipro Intruders Targeted Other Major IT Firms

The crooks responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro, India’s third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant, new evidence suggests. The clues so far suggest the work of a fairly experienced crime group that is focused on perpetrating gift card fraud.

On Monday, KrebsOnSecurity broke the news that multiple sources were reporting a cybersecurity breach at Wipro, a major trusted vendor of IT outsourcing for U.S. companies. The story cited reports from multiple anonymous sources who said Wipro’s trusted networks and systems were being used to launch cyberattacks against the company’s customers.

In a follow-up story Wednesday on the tone-deaf nature of Wipro’s public response to this incident, KrebsOnSecurity published a list of “indicators of compromise” or IOCs, telltale clues about tactics, tools and procedures used by the bad guys that might signify an attempted or successful intrusion.

If one examines the subdomains tied to just one of the malicious domains mentioned in the IoCs list (internal-message[.]app), one very interesting Internet address is connected to all of them — 185.159.83[.]24. This address is owned by King Servers, a well-known bulletproof hosting company based in Russia.

According to records maintained by Farsight Security, that address is home to a number of other likely phishing domains:

securemail.pcm.com.internal-message[.]app
secure.wipro.com.internal-message[.]app
securemail.wipro.com.internal-message[.]app
secure.elavon.com.internal-message[.]app
securemail.slalom.com.internal-message[.]app
securemail.avanade.com.internal-message[.]app
securemail.infosys.com.internal-message[.]app
securemail.searshc.com.internal-message[.]app
securemail.capgemini.com.internal-message[.]app
securemail.cognizant.com.internal-message[.]app
secure.rackspace.com.internal-message[.]app
securemail.virginpulse.com.internal-message[.]app
secure.expediagroup.com.internal-message[.]app
securemail.greendotcorp.com.internal-message[.]app
secure.bridge2solutions.com.internal-message[.]app
ns1.internal-message[.]app
ns2.internal-message[.]app
mail.internal-message[.]app
ns3.microsoftonline-secure-login[.]com
ns4.microsoftonline-secure-login[.]com
tashabsolutions[.]xyz
www.tashabsolutions[.]xyz

The subdomains listed above suggest the attackers may also have targeted American retailer Sears; Green Dot, the world’s largest prepaid card vendor; payment processing firm Elavon; hosting firm Rackspace; business consulting firm Avanade; IT provider PCM; and French consulting firm Capgemini, among others. KrebsOnSecurity has reached out to all of these companies for comment, and will update this story in the event any of them respond with relevant information.
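The naming pattern in the list above, a real company's domain placed as leading labels in front of an unrelated registered domain, can be checked mechanically against DNS or proxy logs. The following is an added example, not part of the original article; the protected-domain list, function names and hostnames are constructed for illustration.

```python
import re

# Assumption: domains the defender wants to protect (hypothetical values).
PROTECTED_DOMAINS = ["corp.example", "mail-vendor.example"]

def refang(host):
    """Undo common IoC defanging and reduce a URL or host:port to a bare hostname."""
    host = host.strip().lower().replace("[.]", ".").replace("(.)", ".")
    host = re.sub(r"^(hxxps?|https?)://", "", host)
    return host.split("/")[0].split(":")[0].rstrip(".")

def embedded_brand(host, protected=PROTECTED_DOMAINS):
    """Return the protected domain that appears inside `host` as whole DNS
    labels without being its suffix, or None if no such domain is found."""
    labels = refang(host).split(".")
    for brand in protected:
        b = brand.lower().split(".")
        # The host genuinely sits under the protected domain: not impersonation.
        if labels[-len(b):] == b:
            continue
        # Try every position that leaves at least one label to the right,
        # i.e. the brand is only a prefix of somebody else's domain.
        for i in range(len(labels) - len(b)):
            if labels[i:i + len(b)] == b:
                return brand
    return None

def scan(hosts, protected=PROTECTED_DOMAINS):
    """Map each flagged hostname (as logged) to the brand it embeds."""
    hits = {}
    for h in hosts:
        brand = embedded_brand(h, protected)
        if brand:
            hits[h] = brand
    return hits

# Constructed sample log entries (reserved .example/.test names only).
SAMPLE_HOSTS = [
    "securemail.corp.example.login-portal[.]test",          # brand as prefix
    "securemail.corp.example",                              # genuine host
    "notcorp.example.evil.test",                            # substring only
    "hxxps://secure.mail-vendor.example.cdn[.]test/login",  # defanged URL
]

if __name__ == "__main__":
    for host, brand in scan(SAMPLE_HOSTS).items():
        print(f"{host} embeds {brand}")
```

Matching on whole labels rather than substrings keeps names such as `notcorp.example` from raising false positives, and the suffix check means no public-suffix list is needed.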

WHAT ARE THEY AFTER?

It appears the attackers in this case are targeting companies that, in one form or another, have access to a ton of third-party company resources and/or can be abused to conduct gift card fraud.

Wednesday’s follow-up on the Wipro breach quoted an anonymous source close to the investigation saying the criminals responsible for breaching Wipro appear to be after anything they can turn into cash fairly quickly. That source, who works for a large U.S. retailer, said the crooks who broke into Wipro used their access to perpetrate gift card fraud at the retailer’s stores.

Another source said the investigation into the Wipro breach by a third-party company has determined so far that the intruders compromised more than 100 Wipro systems and installed on each of them ScreenConnect, a legitimate remote access tool. Investigators believe the intruders were using the ScreenConnect software on the hacked Wipro systems to connect remotely to Wipro client systems, which were then used to leverage further access into Wipro customer networks.

This is remarkably similar to activity that was directed in 2016 and 2017 against Cognizant, one of Wipro’s competitors and likely the target of the same attackers. In May 2018, Maritz Holdings Inc., a Missouri-based firm that handles customer loyalty and gift card programs for third parties, sued Cognizant (PDF), saying a forensic investigation determined that hackers had broken into Cognizant’s systems and used them to pivot attacks into Maritz’s loyalty program and siphon more than $11 million in fraudulent eGift cards.

That investigation determined the attackers also used ScreenConnect to access computers belonging to Maritz employees. “This was the same tool that was used to effectuate the cyber-attack in Spring 2016. Intersec [the forensic investigator] also determined that the attackers had run searches on the Maritz system for certain words and phrases connected to the Spring 2016 attack.”

According to the lawsuit by Maritz Holdings, investigators also determined that the “attackers were accessing the Maritz system using accounts registered to Cognizant. For example, in April 2017, someone using a Cognizant account utilized the ‘fiddler’ hacking program to circumvent cyber protections that Maritz had installed several weeks earlier.”

Maritz said its forensic investigator found the attackers had run searches on the Maritz system for certain words and phrases connected to the Spring 2016 eGift card cashout. Likewise, my retailer source in the Wipro attack told KrebsOnSecurity that the attackers who defrauded them also searched their systems for specific phrases related to gift cards, and for clues about security systems the retailer was using.

It’s unclear if the work of these criminal hackers is tied to a specific, known threat group. But it seems likely that the crooks who hit Wipro have been targeting similar companies for some time now, and with a fair degree of success in translating their access to cash given the statements by my sources in the Wipro breach and this lawsuit against Cognizant.

What’s remarkable is how many antivirus companies still aren’t flagging as malicious many of the Internet addresses and domains listed in the IoCs, as evidenced by a search at virustotal.com.

2019-04-18T17:42:46Z [Link] [Krebs on Security]

Some Internet Outages Predicted For the Coming Month as ‘768k Day’ Approaches

An internet milestone known as “768k Day” is getting closer and some network administrators are shaking in their boots fearing downtime caused by outdated network equipment. From a report: The fear is justified, and many companies have taken precautions to update old routers, but some cascading failures are still predicted. The term 768k Day comes from the original mother of all internet outages known as 512k Day. […] Many legacy routers received emergency firmware patches that allowed network admins to set a higher threshold for the size of the memory allocated to handle the global BGP routing table. Most network administrators followed documentation provided at the time and set the new upper limit at 768,000 — aka 768k. CIDR Report, a website that keeps track of the global BGP routing table, puts the size of this file at 773,480 entries; however, their version of the table isn’t official and contains some duplicates. A Twitter bot named BGP4-Table, which has also been tracking the size of the global BGP routing table in anticipation of 768K Day, puts the actual size of the file at 767,392, just a hair away from overflowing. ZDNet spoke today with Aaron A. Glenn, a networking engineer with AAGICo Berlin, and Jim Troutman, Director at the Northern New England Neutral Internet Exchange (NNENIX). Both estimate 768K Day happening within the next month. But unlike many network admins, they don’t expect the event to cause internet-wide outages like in 2014. However, both Glenn and Troutman expect some companies and smaller, local ISPs to be affected. “I would be mildly surprised if there was any interruption or outage at any real scale,” Glenn told ZDNet.

2019-04-18T17:33:00+00:00 [Link] [Slashdot]