Slashdot

News for nerds, stuff that matters

Microsoft May Ban Your Favorite Password

Wed, 05/25/2016 - 5:25pm
wiredmikey writes from a report via SecurityWeek.Com: Microsoft is taking a step to better protect users by banning the use of weak and commonly-used passwords across its services. Microsoft has announced that it is dynamically banning common passwords from Microsoft Account and Azure Active Directory (AD) system. In addition to banning commonly used passwords to improve user account safety, Microsoft has implemented a feature called smart password lockout, meant to add an extra level of protection when an account is attacked. [Alex Weinert, Group Program Manager of Azure AD Identity Protection team explains in a blog post that] Microsoft is seeing more than 10 million accounts being attacked each day, and that this data is used to dynamically update the list of banned passwords. This list is then used to prevent people from choosing a common or similar password. Microsoft's new feature comes after last week's leak of 117 million LinkedIn credentials.

Read more of this story at Slashdot.

Former McDonald's USA CEO: $35K Robots Cheaper Than Hiring at $15 Per Hour

Wed, 05/25/2016 - 12:10pm
An anonymous reader shares an article on Fox Business: As fast-food workers across the country vie for $15 per hour wages, many business owners have already begun to take humans out of the picture. "I was at the National Restaurant Show yesterday and if you look at the robotic devices that are coming into the restaurant industry -- it's cheaper to buy a $35,000 robotic arm than it is to hire an employee who's inefficient making $15 an hour (warning: autoplaying video) bagging French fries -- it's nonsense and it's very destructive and it's inflationary and it's going to cause a job loss across this country like you're not going to believe," said former McDonald's USA CEO Ed Rensi during an interview on the FOX Business Network's Mornings with Maria. According to the Bureau of Labor Statistics, 1.3 million people earned the current minimum wage of $7.25 per hour with about 1.7 million having wages below the federal minimum in 2014. These three million workers combined made up 3.9 percent of all hourly paid workers.


Google To Bring Official Android Support To the Raspberry Pi 3

Wed, 05/25/2016 - 11:35am
An anonymous reader shares an Ars Technica report: The Raspberry Pi 3 is not hurting for operating system choices. The tiny ARM computer is supported by several Linux distributions and even has a version of Windows 10 IoT core available. Now, it looks like the Pi is about to get official support for one of the most popular operating systems out there: Android. In Google's Android Open Source Project (AOSP) repository, a new device tree recently popped up for the Raspberry Pi 3. The AOSP device tree contains mostly Nexus devices with the occasional "generic" entry or developer board tossed into the mix. It's rare to see a non-Google device in AOSP, so it seems Google has taken quite a shine to the tiny computer. With officially supported source code, it should be much easier for hackers to get Android up and running on the Pi 3. And once that's done, you should be able to sideload more than 1.5 million apps onto the Pi to make the device do whatever you want.


Google Steps Up Pressure on Partners Tardy in Updating Android

Wed, 05/25/2016 - 11:10am
Google is actively tracking the time its partner OEMs take to release a new version of Android onto their devices. According to a Bloomberg report, the company is drawing up rankings that could shame some phone makers into better behavior. From the report: Google shared this list with Android partners earlier this year. It has discussed making it public to highlight proactive manufacturers and shame tardy vendors through omission from the list, two of the people said. [...] Google is making progress persuading phone makers and carriers to install security updates quicker "for the good of users," Android chief Hiroshi Lockheimer said. The same expedited process may then be used to send operating system updates to phones, he explained. The most challenging discussions are with carriers, which can be slow to approve updates because they test them thoroughly to avoid network disruption. The report adds that several OEMs are also stepping up their game to better comply with Google's new wishes. Motorola, for instance, is working on offering quarterly updates to its three-year-old devices. For users with non-Nexus devices, it's really frustrating to wait for months, and in some cases, years, before their devices from Samsung, Xiaomi, Huawei, HTC and other manufacturers get upgraded to a newer version of Android. Another challenge for Google is to push its partners to actively release updates to affordable and mid-range smartphones. Many OEMs mostly worry about serving those users who have the flagship and high-end models.


Microsoft Backtracks On 'Nasty Trick' Upgrade To Windows 10

Wed, 05/25/2016 - 10:30am
Reader Raging Bool writes: Days after angering many users with its so-called "nasty trick", Microsoft has reversed its crazy decision to infuriate users by upgrading them to Windows 10 automatically. Users were angry that clicking the cross to dismiss the box meant that they had agreed to the upgrade. Based on "customer feedback", Microsoft said it would add another notification that provided customers with "an additional opportunity for cancelling the upgrade". Microsoft told the BBC it had modified the pop-up as a result of criticism: "We've added another notification that confirms the time of the scheduled upgrade and provides the customer an additional opportunity for cancelling or rescheduling the upgrade. If the customer wishes to continue with their upgrade at the designated time, they can click 'OK' or close the notifications with no further action needed."


Genius' Web Annotations Undermined Web Security

Wed, 05/25/2016 - 9:50am
New reader BradyDale shares an article on the Verge: Until early May, when The Verge confidentially disclosed the results of my independent security tests, the "web annotator" service provided by the tech startup Genius had been routinely undermining a web browser security mechanism. The web annotator is a tool which essentially republishes web pages in order to let Genius users leave comments on specific passages. In the process of republishing, those annotated pages would be stripped of an optional security feature called the Content Security Policy, which was sometimes provided by the original version of the page. This meant that anyone who viewed a page with annotations enabled was potentially vulnerable to security exploits that would have been blocked by the original site. Though no specific victims have been identified, the potential scope of this bug was broad: it was applied to all Genius users, undermined any site with a Content Security Policy, and re-enabled all blocked JavaScript code. Vijith Assar dives deep into how Genius did this: The primary way Genius annotations are accessed on the web is by adding "genius.it" in front of any URL as a prefix. The genius.it server reads the original content behind the scenes, adds the annotations, and delivers the hybrid content. The Genius version of the page includes a few extra scripts and highlighted passages, but until recently it also eliminated the original page's Content Security Policy. The Content Security Policy is an optional set of instructions encoded in the header of the HTTP connection which tells browsers exactly which sites and servers should be considered safe -- any code which isn't from one of those sites can then be ignored.


Tech Billionaire Peter Thiel Secretly Bankrolled Hulk Hogan's Lawsuit Against Gawker: Reports

Wed, 05/25/2016 - 9:10am
If you're a powerful Silicon Valley billionaire, and there's a media house which actively points out flaws in your investments, can you do something about it? If you're Peter Thiel, you certainly can. The New York Times and Forbes magazine have independently reported that Thiel has been funding a steady stream of lawsuits -- including three different ones filed by Hulk Hogan -- to destroy Gawker Media. Gawker reports: Gawker and Valleywag, Gawker Media's defunct tech gossip vertical, have often written critically of Thiel, a self-identified libertarian (and, it turns out, a California delegate for Donald Trump) and his investments, covering the failure of his hedge fund Clarium Capital, his right-wing politics, and his personal life. In just the last month, Gawker Media's tech site Gizmodo published a series of stories on Facebook's use of "news curators" to manipulate the site's "trending" module, sparking a congressional investigation into the social network's practices. Jay Rosen, media critic and a professor of journalism at New York University, said: Trying to kill a publication you don't like by funding lawsuits against them isn't very libertarian, is it?


Smaller Xbox One Coming This Year, More Powerful Xbox One In 2017, Says Report

Wed, 05/25/2016 - 8:30am
Keza MacDonald and Jason Schreier, reporting for game blog Kotaku: Microsoft is preparing at least two new Xbox models for release in the next two years, sources tell Kotaku. Later this year we'll see a cheaper, smaller Xbox One, and next year Microsoft will release a more powerful version of their premiere console. The 2017 Xbox, which is codenamed Scorpio, will have a more powerful GPU. We hear that it will also be technically capable of supporting the Oculus Rift and that Microsoft is pursuing a partnership with Oculus. As for 2016, sources have told us there's at least a more compact version coming by year's end. One source believed it will include a larger 2TB hard drive, double the capacity of the most spacious current model. We're expecting Microsoft to announce the more compact machine at E3 next month.


Foxconn Cuts 60,000 Jobs, Replaces With Robots

Wed, 05/25/2016 - 7:50am
An anonymous reader writes: In a bid to accelerate growth and reduce labor costs, Apple supplier Foxconn cut 60,000 jobs at a single factory, work that is now being completed by robots. As many as 600 companies in the Chinese manufacturing hub of Kunshan may have similar plans to automate their workforce, according to a government survey. Foxconn spokesperson Xu Yulian said, "The Foxconn factory has reduced its employee strength from 110,000 to 50,000, thanks to the introduction of robots. It has tasted success in reduction of labor costs." He added, "More companies are likely to follow suit." These changes are spurred in part by a desire to reduce labor costs, but have also been made in response to an explosion at a Kunshan factory in 2014 that killed 146 people. The explosion was attributed to unsafe working conditions in the Taiwanese-owned metal polishing factory, which were recognized and documented. After the explosion, the local government pledged 2 billion yuan per year in subsidies to support companies that install industrial robots on their production lines.


Facebook Could Be Eavesdropping On Your Phone Calls

Wed, 05/25/2016 - 7:10am
An anonymous reader writes: Facebook is not just looking at users' personal information, interests, and online habits but also at your private conversations, a new report reveals. According to an NBC report, this may be the case, as Kelli Burns, a professor at the University of South Florida, states, "I don't think that people realize how much Facebook is tracking every move we're making online. Anything that you're doing on your phone, Facebook is watching." Now how do you prove that? Professor Kelli tested out her theory by enabling the microphone feature, and talked about her desire to go on a safari, informing about the mode of transport she would take. "I'm really interested in going on an African safari. I think it'd be wonderful to ride in one of those jeeps," she said aloud, phone in hand. The results were shocking, as less than 60 seconds later, the first post on her Facebook feed was about a safari story out of nowhere, and it was then revealed that the story had been posted three hours earlier. And, after mentioning a jeep, a car ad also appeared on her page. On a support page, Facebook explains how this feature works: "No, we don't record your conversations. If you choose to turn on this feature, we'll only use your microphone to identify the things you're listening to or watching based on the music and TV matches we're able to identify. If this feature is turned on, it's only active when you're writing a status update." I wonder how many people are actually aware of this.


Microsoft Is Laying Off 1,850 to Streamline Its Smartphone Business

Wed, 05/25/2016 - 6:30am
Microsoft is making more changes to its smartphone business. The company, which sold its feature phone business last week, on Wednesday announced in a memo to all employees that it is scaling back hardware -- laying off 1,850 staff and taking a charge of $950 million, including $200 million in severance payments. The company insists that "great new devices" are in the works. From Myerson's memo: Last week we announced the sale of our feature phone business. Today I want to share that we are taking the additional step of streamlining our smartphone hardware business, and we anticipate this will impact up to 1,850 jobs worldwide, up to 1,350 of which are in Finland. These changes are incredibly difficult because of the impact on good people who have contributed greatly to Microsoft. Speaking on behalf of Satya and the entire Senior Leadership Team, we are committed to help each individual impacted with our support, resources, and respect. For context, Windows 10 recently crossed 300 million monthly active devices, our Surface and Xbox customer satisfaction is at record levels, and HoloLens enthusiasts are developing incredible new experiences. Yet our phone success has been limited to companies valuing our commitment to security, manageability, and Continuum, and with consumers who value the same. Thus, we need to be more focused in our phone hardware efforts.


Class Action Lawsuit Filed Against Fitbit For 'Highly Inaccurate' Heart Rate Trackers

Wed, 05/25/2016 - 5:00am
An anonymous reader quotes a report from NBC News: A class action lawsuit against Fitbit may have grown teeth following the release of a new study that claims the company's popular heart rate trackers are "highly inaccurate." Researchers at the California State Polytechnic University, Pomona tested the heart rates of 43 healthy adults with Fitbit's PurePulse heart rate monitors, using the company's Surge watches and Charge HR bands on each wrist. Subjects were then hooked up to a BioHarness device that produced an electrocardiogram (ECG), to record the heart's rhythm against the data being produced by Fitbit's devices. Comparative results from rest and exercise -- including jump rope, treadmills, outdoor jogging and stair climbing -- showed that the Fitbit devices miscalculated heart rates by up to 20 beats per minute on average during more intensive workouts. The study was commissioned by the Lieff Cabraser, the law firm behind the class action suit that is taking aim at three Fitbit models that use the PurePulse heart monitor, including the Fitbit Blaze, Fitbit Charge HR and Fitbit Surge. "What the plaintiffs' attorneys call a 'study' is biased, baseless, and nothing more than an attempt to extract a payout from Fitbit. It lacks scientific rigor and is the product of flawed methodology," Fitbit said in a statement posted by Gizmodo.


Billionaire Technologist Accuses NASA Asteroid Mission of Bad Statistics

Wed, 05/25/2016 - 2:00am
Taco Cowboy quotes a report from Science Magazine: Nathan Myhrvold, ex-CTO of Microsoft, is accusing NASA of providing bad statistics on asteroid size. Mr. Myhrvold alleged that scientists using a prominent NASA space telescope have made fundamental mistakes in their assessment of the size of more than 157,000 asteroids they have observed. In a paper posted to the arXiv.org e-print repository on 22 May, Myhrvold takes aim at the Wide-field Infrared Survey Explorer (WISE), a space telescope launched in 2009, and a follow-on mission, NEOWISE, which together are responsible for the discovery of more asteroids than any other observatory. Yet Myhrvold says that the WISE and NEOWISE teams' papers are riddled with statistical missteps. "None of their results can be replicated," he tells ScienceInsider. "I found one irregularity after another." Myhrvold says the NASA teams have made mistakes, such as ignoring the margin of error introduced when extrapolating from a small sample size to an entire population. They also neglected to include Kirchhoff's law of thermal radiation in their thermal models of the asteroids. Based on his own models, Myhrvold says that errors in the asteroid diameters based on WISE data should be 30%. In some cases, the size errors rise to as large as 300%. "Asteroids are more variable than we thought they were," he says. He has submitted the paper to the journal Icarus for review. However, the WISE and NEOWISE teams are standing by their results, and say that Myhrvold's criticism should be dismissed. "For every mistake I found in his paper, if I got a bounty, I would be rich," says Ned Wright, the principal investigator for WISE at the University of California, Los Angeles. Wright says that WISE's data match very well with two other infrared telescopes, AKARI and IRAS.
To find out how accurately those infrared data determine the size of an asteroid, scientists have to calibrate them with radar observations, other observations made when asteroids pass in front of distant stars, and observations made by spacecraft up close. When they do that, Wright says, WISE's size errors end up at roughly 15%. Wright says his team doesn't have Myhrvold's computer codes, "so we don't know why he's screwing up." But Wright archly noted that Myhrvold once worked at Microsoft, so "is responsible in part for a lot of bad software."


HPE To Spin Out Its Huge Services Business, Merge It With CSC

Tue, 05/24/2016 - 11:00pm
itwbennett writes from a report via CIO: Hewlett-Packard Enterprise announced Tuesday that it will spin off its enterprise services business and merge it with IT services company Computer Sciences Corp. (CSC) to create a company with $26 billion in annual revenue. The services business "accounts for roughly 100,000 employees, or two-thirds of the Silicon Valley giant's workforce," according to the Wall Street Journal. In a statement, HPE CEO Meg Whitman said customers would benefit from a "stronger, more versatile services business, better able to innovate and adapt to an ever-changing technology landscape." Layoffs were not a topic of discussion in Tuesday's announcement, but HPE did say last year they would cut 33,000 jobs by 2018, in addition to the 55,000 job cuts it had already announced. The company also split into two last year, betting that the smaller parts will be nimbler and more able to reverse four years of declining sales.


TSA Replaces Security Chief As Tension Grows At Airports

Tue, 05/24/2016 - 7:30pm
HughPickens.com writes: Ron Nixon reports at the NYT that facing a backlash over long security lines and management problems, TSA administrator Peter V. Neffenger has shaken up his leadership team, replacing the agency's top security official Kelly Hoggan (Warning: source may be paywalled) and adding a new group of administrators at Chicago O'Hare International Airport. Beginning late that year, Hoggan received $90,000 in bonuses over a 13-month period, even though a leaked report from the Department of Homeland Security showed that auditors were able to get fake weapons and explosives past security screeners 95 percent of the time in 70 covert tests. Hoggan's bonus was paid out in $10,000 increments, an arrangement that members of Congress have said was intended to disguise the payments. During a hearing of the House Oversight Committee two weeks ago, lawmakers grilled Mr. Neffenger about the bonus, which was issued before he joined the agency in July. Last week and over the weekend, hundreds of passengers, including 450 on American Airlines alone, missed flights because of waits of two or three hours in security lines, according to local news reports. Many of the passengers had to spend the night in the terminal sleeping on cots. The TSA has sent 58 additional security officers and four more bomb-sniffing dog teams to O'Hare. Several current and former TSA employees said the moves to replace Hoggan and add the new officials in Chicago, where passengers have endured hours long waits at security checkpoints, were insufficient. "The timing of this decision is too late to make a real difference for the summer," says Andrew Rhoades, an assistant federal security director at Minneapolis-St. Paul International Airport who testified his supervisor accused him of "going native" after attending a meeting at a local mosque and that TSA's alleged practice of "directed reassignments," or unwanted job transfers were intended to punish employees who speak their minds. 
"Neffenger is only doing this because the media and Congress are making him look bad."


Toyota Forms 'Strategic Partnership' With Uber

Tue, 05/24/2016 - 5:50pm
An anonymous reader quotes a report from The Verge: Toyota and Uber are forming a "strategic partnership" which will include an investment by the Japanese automaker in the San Francisco-based ride-sharing company. Under the agreement, Uber drivers can lease their vehicles from Toyota and cover their payments through earnings generated as Uber drivers. Toyota says it will invest an undisclosed sum in Uber, which is already the most valuable technology startup in the world. A partnership between Toyota and Uber could help the ride-sharing company solve a lingering question surrounding its self-driving ambitions, namely where it's going to get a fleet of cars to equip with its autonomous technology. Toyota, which is the world's largest car manufacturer, is taking self-driving technology very seriously. It recently established the Toyota Research Institute to develop AI technologies in two main areas: autonomous cars and robot helpers for around the home. Last month, Google, Ford, Volvo, Lyft and Uber joined a coalition to help spur the development of self-driving cars, ultimately to make them arrive to the market faster. Meanwhile, Apple made an investment in Uber's Chinese rival Didi.


Apple To Open Up Siri To Developers, Release An Amazon Echo Competitor

Tue, 05/24/2016 - 5:07pm
An anonymous reader quotes a report from BGR: According to a new report from The Information, Apple is finally ready to let Siri grow up. Specifically, the publication relays that Apple will finally offer official Siri APIs to developers, thus paving the way for third-party integrations, the kind that Amazon Echo users can't seem to get enough of. Things like ordering an Uber or pizza are currently impossible, because Siri is locked down by Apple. What's more, Apple is also reportedly working on a standalone device meant to compete with the Amazon Echo and Google's recently unveiled Google Home. If that's true, it's huge news -- Apple has been lacking any kind of smart home hub until now, but a Siri-powered device would be a serious play to get Apple into our homes. Google is the latest tech giant to announce a virtual home assistant. It unveiled Google Home, a small round gadget with microphones and speakers that listen and respond to your questions and commands.


E Ink Creates Full-Color Electronic Paper Display

Tue, 05/24/2016 - 4:23pm
SkinnyGuy writes: The reflective display company finally figured out how to make those ultra tiny balls produce 32,000 colors in one super-low-powered display. It's a breakthrough for E Ink, display advertising and, maybe someday, e-readers and digital photo frames. The new prototype display, which can be manufactured in an array of sizes, features a 20-inch, 2500 x 1600 resolution and is equally as power-efficient as the monochromatic display. E Ink Holding's Head of Global marketing Giovanni Mancini said it can be powered with solar cells used in bus stop signage, for example. Some of the limitations center around the resolution and refresh rate. As of right now, the resolution is only 150 pixels per inch (ppi), which is about half the resolution of a typical 6-inch, monochromatic E ink display. It also takes about two seconds to fully resolve images, which is pretty slow when compared to today's e-readers. The company is currently only focused on using the new color display for commercial signage.


Pastejacking Attack Appends Malicious Terminal Commands To Your Clipboard

Tue, 05/24/2016 - 3:40pm
An anonymous reader writes: "It has been possible for a long time for developers to use CSS to append malicious content to the clipboard without a user noticing and thus fool them into executing unwanted terminal commands," writes Softpedia. "This type of attack is known as clipboard hijacking, and in most scenarios, is useless, except when the user copies something inside their terminal." Security researcher Dylan Ayrey published a new version of this attack last week, which uses only JavaScript as the attack medium, giving the attack more versatility and making it now easier to carry out. The attack is called Pastejacking and it uses JavaScript to theoretically allow attackers to add their malicious code to the entire page to run commands behind a user's back when they paste anything inside the console. "The attack can be deadly if combined with tech support or phishing emails," writes Softpedia. "Users might think they're copying innocent text into their console, but in fact, they're running the crook's exploit for them."


Elderly Use More Secure Passwords Than Millennials, Says Report

Tue, 05/24/2016 - 2:57pm
An anonymous reader writes from a report via Quartz: A report released May 24 by Gigya surveyed 4,000 adults in the U.S. and U.K. and found that 18- to 34-year-olds are more likely to use bad passwords and report their online accounts being compromised. The majority of respondents ages 51 to 69 say they completely steer away from easily cracked passwords like "password," "1234," or birthdays, while two-thirds of those in the 18-to-34 age bracket were caught using those kinds of terms. Quartz writes, "The diligence of the older group could help explain why 82% of respondents in this age range did not report having had any of their online accounts compromised in the past year. In contrast, 35% of respondents between 18 and 34 said at least one of their accounts was hacked within the last 12 months, twice the rate of those aged 51 to 69."
