Slashdot

News for nerds, stuff that matters

Some HTTPS Inspection Tools Actually Weaken Security

Sat, 18/03/2017 - 5:34pm
America's Department of Homeland Security issued a new warning this week. An anonymous reader quotes IT World: Companies that use security products to inspect HTTPS traffic might inadvertently make their users' encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns. US-CERT, a division of the Department of Homeland Security, published an advisory after a recent survey showed that HTTPS inspection products don't mirror the security attributes of the original connections between clients and servers. "All systems behind a hypertext transfer protocol secure (HTTPS) interception product are potentially affected," US-CERT said in its alert. Slashdot reader msm1267 quotes Threatpost: HTTPS inspection boxes sit between clients and servers, decrypting and inspecting encrypted traffic before re-encrypting it and forwarding it to the destination server... The client cannot verify how the inspection tool is validating certificates, or whether there is an attacker positioned between the proxy and the target server.

Read more of this story at Slashdot.

Could We Eliminate Spam With DMARC?

Sat, 18/03/2017 - 4:34pm
An anonymous reader writes: "The spam problem would not only be significantly reduced, it'd probably almost go away," argues Paul Edmunds, the head of technology from the cybercrimes division of the U.K.'s National Crime Agency -- suggesting that more businesses should be using DMARC, an email validation system that uses both the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). "Edmunds argued, if DMARC was rolled out everywhere in order to verify if messages come from legitimate domains, it would be a major blow to spam distributors and take a big step towards protecting organizations from this type of crime..." reports ZDNet. "However, according to a recent survey by the Global Cyber Alliance, DMARC isn't widely used and only 15% of cybersecurity vendors themselves are using DMARC to prevent email spoofing. Earlier this month America's FTC also reported that 86% of major online businesses used SPF to help ISPs authenticate their emails -- but fewer than 10% have implemented DMARC.

Researchers Build An AI That's Better At Reading Lips Than Humans

Sat, 18/03/2017 - 3:34pm
An anonymous reader quotes the BBC: Scientists at Oxford say they've invented an artificial intelligence system that can lip-read better than humans. The system, which has been trained on thousands of hours of BBC News programs, has been developed in collaboration with Google's DeepMind AI division. "Watch, Attend and Spell", as the system has been called, can now watch silent speech and get about 50% of the words correct. That may not sound too impressive - but when the researchers supplied the same clips to professional lip-readers, they got only 12% of words right... The system now recognizes 17,500 words, and one of the researchers says, "As it keeps watching TV, it will learn."

Physicists Find That As Clocks Get More Precise, Time Gets More Fuzzy

Sat, 18/03/2017 - 2:34pm
Physicists "have combined two grand theories of physics to conclude not only is time not universally consistent, any clock we use to measure it will blur the flow of time in its surrounding space." An anonymous reader quotes ScienceAlert: A team of physicists from the University of Vienna and the Austrian Academy of Sciences have applied quantum mechanics and general relativity to argue that increasing the precision of measurements on clocks in the same space also increases their warping of time... [W]hile the theories are both supported by experiments, they usually don't play well together, forcing physicists to consider a new theory that will allow them both to be correct at the same time... In this case, the physicists hypothesized the act of measuring time in greater detail requires the possibility of increasing amounts of energy, in turn making measurements in the immediate neighborhood of any time-keeping devices less precise. "Our findings suggest that we need to re-examine our ideas about the nature of time when both quantum mechanics and general relativity are taken into account," says researcher Esteban Castro. The article opens with the statement that "time is weird," noting that despite our own human-centric expectations, "the Universe doesn't have a master clock to run by."

US Lawmakers Propose Minimum Seat Sizes For Airlines

Sat, 18/03/2017 - 1:34pm
The size of each passenger's seat on an airplane -- as well as the distance between rows of seats -- should be standardized, according to legislation proposed by two American lawmakers. Slashdot reader AmiMoJo quotes Consumerist: The text of the bill does not specify any dimensions for seat widths or legroom. Rather, if the legislation is passed, the particulars would be left up to the FAA to sort out... Though seat size may vary from airline to airline, Cohen notes that the average distance between rows of seats has dropped from 35 inches before airline deregulation in the 1970s, to around 31 inches today. Your backside is getting the squeeze, as well, as the average width of an airline seat has also shrunk from 18 inches to about 16.5 inches.

Ask Slashdot: Best Virtual Reality Headsets?

Sat, 18/03/2017 - 1:00pm
Quantus347 writes: Straightforward question: I held off for a year to let the various manufacturers shake out the bugs, but now it's down to either a virtual-reality system or a new generation console. So I ask you, the Slashdot community, what are your personal experiences with any of the various VR systems out there? What are their strengths and weaknesses? What little things annoy you the most? What features make a given product the best (or worst) option? "Sprinkle us with wisdom from your mighty brain!" For reference, the HTC Vive costs $799.00, while the Oculus Rift with Oculus Touch motion controllers costs $598 (which is the price after the recent markdown from $799). These prices do not include the necessary hardware required to power each headset. The PlayStation VR ($399.99), Samsung Gear VR ($99.99), and Google Daydream View ($79.00) are also available for less moolah.

Southwest Airlines Is Doing Away With Pneumatic Tubes, Paper Tickets

Sat, 18/03/2017 - 10:00am
As part of Southwest's biggest tech upgrade in its 45 years of existence, the company will be doing away with several of its antiquated practices, including paper tickets and the use of pneumatic tubes to send messages at airports. Consumerist reports: The airline says the goal of these upgrades is to keep planes moving in and out of airports as quickly as possible. "We're looking for minutes," Chief Operating Officer Mike Van de Ven told Bloomberg. "How do I save a minute here, a minute there? In 2017, we are more deliberate in our continuous improvement efforts." The new reservation system will allow Southwest to accept foreign money -- something its rivals can already do -- bounce back faster from storms, and have more control over price changes and schedules. Ramp workers will be getting tablets with real-time information to speed up airplanes' "turn time" -- how quickly they can deboard and reboard passengers and take off again. Tarmac staffers also won't be using pneumatic tubes anymore to send notes via canister about lost luggage and other communications to the cargo workers in charge of calculating jet weight and balance. Digital transmissions will replace that system, as well as printouts for workers who transport bags to and fro. Customers will be seeing changes as well, as the new reservation system means Southwest can ditch paper tickets altogether and stick with electronic tickets only.

Climate Shaped the Human Nose, Researchers Say

Sat, 18/03/2017 - 7:00am
An anonymous reader quotes a report from The Guardian: Human noses have been shaped by climate, according to research probing variation in the human snout. Researchers say their findings back up the theory that wider nostrils developed in populations living in warm, humid conditions, while populations living in high latitudes, such as northern Europe, developed narrower nostrils as an adaptation to the chilly, dry conditions. Writing in the journal Plos Genetics, researchers from the U.S., Ireland and Belgium describe how they began to unpick variations in nose shape by using 3D facial imaging to take a host of measurements from 476 volunteers of south Asian, east Asian, west African and northern European ancestry. The results revealed that only two out of seven nose-related traits were found to differ more between the populations than would be expected from the impact of random, chance changes in genetic makeup over time. The authors say that suggests variations in those traits have been influenced by natural selection. With further analysis, based on data from participants of west African and European ancestry, confirming that nose shape is highly heritable, the team looked to see if there was a link between nose shape and climate. The results showed that nostril width is linked to temperature and absolute humidity, with participants whose ancestors lived in warm-humid climates on average having wider nostrils than those whose ancestors lived in cool-dry climates. That, says Arslan Zaidi, co-author of the study from Pennsylvania State University, could be because narrower nasal passages help to increase the moisture content of air and warm it -- a bonus for those in higher latitudes.

Scientists Sent a Rocket To Mars For Less Than It Cost To Make 'The Martian'

Sat, 18/03/2017 - 3:30am
Ipsita Agarwal via Backchannel retells the story of how India's underfunded space organization, ISRO, managed to send a rocket to Mars for less than it cost to make the movie "The Martian," starring Matt Damon as Mark Watney. "While NASA's Mars probe, Maven, cost $651 million, the budget for this mission was $74 million," Agarwal writes. In what appears to be India's version of "Hidden Figures" (a movie that also cost more to make than ISRO's budget for the Mars rocket), the team of scientists behind the rocket launch consisted of Indian women, who not only managed to pull off the mission successfully but did so in only 18 months. Backchannel reports: A few months and several million kilometers later, the orbiter prepared to enter Mars' gravity. This was a critical moment. If the orbiter entered Mars' gravity at the wrong angle, off by so much as one degree, it would either crash onto the surface of Mars or fly right past it, lost in the emptiness of space. Back on Earth, its team of scientists and engineers waited for a signal from the orbiter. Mission designer Ritu Karidhal had worked 48 hours straight, fueled by anticipation. As a child, Minal Rohit had watched space missions on TV. Now, Minal waited for news on the orbiter she and her colleague, Moumita Dutta, had helped engineer. When the signal finally arrived, the mission control room broke into cheers. If you work in such a room, deputy operations director, Nandini Harinath, says, "you no longer need to watch a thriller movie to feel the thrill in life. You feel it in your day-to-day work." This was not the only success of the mission. An image of the scientists celebrating in the mission control room went viral. Girls in India and beyond gained new heroes: the kind that wear sarees and tie flowers in their hair, and send rockets into space. 
User shas3 notes in a comment on Hacker News' post: "If you are interested in Indian women scientists and engineers, there is a nice compilation (a bit tiresome to read, but worth it, IMO) of biographical essays called 'Lilavati's Daughters.'"

Windows 10 UAC Bypass Uses Backup and Restore Utility

Sat, 18/03/2017 - 2:05am
An anonymous reader writes: "A new User Access Control (UAC) bypass technique relies on altering Windows registry app paths and using the Backup and Restore utility to load malicious code without any security warning," reports BleepingComputer. The technique works when an attacker launches the Backup and Restore utility, which loads its control panel settings page. Because the utility doesn't know where this settings page is located, it queries the Windows Registry. The problem is that low-privileged users can modify Windows Registry values and point to malware. Because the Backup and Restore utility is a trusted application, UAC prompts are suppressed. This technique only works in Windows 10 (not earlier OS versions) and was tested with Windows 10 build 15031. A proof-of-concept script is available on GitHub. The same researcher had previously found two other UAC bypass techniques, one that abuses the Windows Event Viewer, and one that relies on the Windows 10 Disk Cleanup utility.

Insurance Startup Uses Behavioral Science To Keep Customers Honest

Sat, 18/03/2017 - 1:25am
tedlistens quotes a report from Fast Company: Insurance startup Lemonade won itself headlines in January with the boast that it had successfully approved a claim in just three seconds. In that time, Lemonade's software had run 18 anti-fraud algorithms and sent a payment to the lucky customer's bank account -- a process that would have taken a traditional property and casualty insurer days, if not weeks. But it's what happened before Lemonade's artificial intelligence kicked into gear that makes the renegade insurer so potentially disruptive to this trillion-dollar industry, for which premiums alone comprise 7% of U.S. GDP. The customer, Brooklyn educator Brandon Pham, opened Lemonade's mobile app, signed an "honesty pledge" to attest to the truth of his claim, and then recorded a short video explaining that his Canada Goose parka, worth nearly $1,000, had been stolen. That deceptively simple claims process is the byproduct of academic research on psychology and behavioral economics conducted by Dan Ariely, one of the field's most prominent voices and Lemonade's chief behavioral officer. "There's a lot of science about when people behave and misbehave that has not been put to use," says Lemonade cofounder and CEO Daniel Schreiber. Lemonade is even applying behavioral science to itself, publishing unusually transparent blog posts that include data on customer growth, bank account balances, and more.

Raspberry Pi Becomes Third Best-Selling General Purpose Computer of All Time, Beating Commodore 64

Sat, 18/03/2017 - 12:45am
The Raspberry Pi has outsold the Commodore 64 by selling north of 12.5 million boards in five years, becoming the world's third best-selling general purpose computer. "The Commodore 64, had, until recently, the distinction of being the third most popular general purpose computing platform," Eben Upton told a crowd at the fifth birthday party. "That's what I'm here to celebrate," he said, "we are now the third most popular general purpose computing platform after the Mac and PC." The MagPi Magazine reports: The Raspberry Pi Model 3 is the best-selling Raspberry Pi. This chart shows that Raspberry Pi 3 has accounted for almost a third of all Raspberry Pi boards sold. The Model 3 sits next to its immediate predecessor, the Raspberry Pi 2B+ (which has the same board shape but a slightly slower CPU). These two boards account for over half of all Raspberry Pi boards sold. The rest of the sales are between older models. The original Model A accounts for just 2 percent of sales. So keep one if you've got it as they're pretty rare. We should point out, before the Commodore fan club arrives, that there are discrepancies in the total number of sales of the C64. The 12.5 million figure comes from an analysis of serial numbers. This article by Michael Steil explains in detail why the 12.5 million number is accurate. We hold it to be the most accurate analysis of Commodore 64 sales (other opinions are available).

Tesla Discontinuing Model S With 60 KWh Battery

Sat, 18/03/2017 - 12:05am
An anonymous reader quotes a report from Electrek: April 16th, 2017 will be the last day to order the Model S 60 and 60D. The vehicles were the least expensive models that customers could purchase from Tesla -- starting at $68,000. The Model S 60 and 60D were equipped with 75 kWh battery packs software-locked to 60 kWh. Owners were able to unlock the remaining 15 kWh through a software update for a fee at any time after the purchase if they decided that they wanted more capacity. Tesla says that they are making the change because most customers ultimately end up upgrading to 75 kWh and they want to streamline the ordering process. It comes as Tesla is preparing to launch the Model 3, which should start at $35,000, but higher performance versions are expected to be offered at higher prices closer to the price of the Model S. It would make sense for Tesla to try to create a bigger gap between the two vehicles.

YouTube To Discontinue Video Annotations Because They Never Worked On Mobile

Fri, 17/03/2017 - 11:20pm
You know those notes found plastered on many YouTube videos, often asking for you to "CLICK TO SUBSCRIBE?" Well, they're called annotations and they're being replaced with what YouTube calls "End Screen and Cards," which are mobile-friendly tools that let content creators poll their audience, link to merchandise, recommend videos, and more. Unlike annotations, they work on mobile and are designed to be less obnoxious to viewers. The Verge reports: YouTube says it made this change primarily because annotations didn't work on mobile and most viewers found them obnoxious and unhelpful. The change takes effect on May 2nd, and existing annotations will continue to show up when using the desktop browser version of YouTube. YouTube annotations have felt increasingly outdated and out of place. The small text boxes were meant as a way to let creators link to other videos, write in little jokes, and add ancillary information to a video much like a hyperlink or footnote of sorts. But over the years, annotation use has drastically fallen off, by 70 percent, YouTube product manager Muli Salem says. In fact, a majority of viewers interact with annotations only to close them, so the boxes don't obstruct the video screen. Many users turn them off altogether. So now YouTube is investing entirely in End Screens and Cards, and making both tools easier to use and faster to implement.

Judge Grants Search Warrant For Everyone Who Searched a Crime Victim's Name On Google

Fri, 17/03/2017 - 10:40pm
Hennepin County District Judge Gary Larson has issued a search warrant to Edina, Minnesota police to collect information on people who searched for variations of a crime victim's name on Google from Dec. 1 through Jan. 7. Google would be required to provide Edina police with basic contact information for people targeted by the warrant, as well as Social Security numbers, account and payment information, and IP and MAC addresses. StarTribune reports: Information on the warrant first emerged through a blog post by public records researcher Tony Webster. Edina police declined to comment Thursday on the warrant, saying it is part of an ongoing investigation. Detective David Lindman outlined the case in his application for the search warrant: In early January, two account holders with SPIRE Credit Union reported to police that $28,500 had been stolen from a line of credit associated with one of their accounts, according to court documents. Edina investigators learned that the suspect or suspects provided the credit union with the account holder's name, date of birth and Social Security number. In addition, the suspect faxed a forged U.S. passport with a photo of someone who looked like the account holder but wasn't. Investigators ran an image search of the account holder's name on Google and found the photo used on the forged passport. Other search engines did not turn up the photo. According to the warrant application, Lindman said he had reason to believe the suspect used Google to find a picture of the person they believed to be the account holder. Larson signed off on the search warrant on Feb. 1. According to court documents, Lindman served it about 20 minutes later.

Netflix Replacing Star Ratings With Thumbs Up and Thumbs Down

Fri, 17/03/2017 - 10:00pm
An anonymous reader quotes a report from Variety: Get ready to say goodbye to star ratings on Netflix: The company is getting ready to replace stars with Pandora-like thumbs ups and thumbs downs in the coming weeks. Previously-given star ratings will still be used to personalize the profiles of Netflix users, but the stars are disappearing from the interface altogether. Netflix VP of Product Todd Yellin told journalists on Thursday during a press briefing at the company's headquarters in Los Gatos, Calif., that the company had tested the new thumbs up and down ratings with hundreds of thousands of members in 2016. "We are addicted to the methodology of A/B testing," Yellin said. The result was that thumbs got 200% more ratings than the traditional star-rating feature. Netflix is also introducing a new percent-match feature that shows how good of a match any given show or movie is for an individual subscriber. For example, a show that should close to perfectly fit a user's taste may get a 98% match. Shows that have less than a 50% match won't display a match-rating, however.

Uber Nowhere Close to Having a Fully Autonomous Vehicle, Its Self-Driving Cars Need a Lot of Human Help

Fri, 17/03/2017 - 9:20pm
Uber may see self-driving cars as "existential" to its future, but the company is nowhere close to having a fully autonomous vehicle. According to internal documents obtained by Recode, during the week ending March 8, Uber's self-driving cars traveled, on average, just 0.8 miles on their own before a human had to take over, in a process known as "disengagement." From the report: As a whole, Uber's self-driving system is putting on many more miles than it did in January. Last week, the company's 43 active cars drove 20,354 miles autonomously, according to the documents. This is only the second time since late December 2016 that its cars have driven more than 20,000 miles in a week. In January, the cars only drove 5,000 miles. At that point, however, the company only had about 20 active vehicles, mainly in Pittsburgh. By February, the company's cars were driving themselves around 18,000 miles a week. Uber passengers took around 930 rides in these autonomous cars in Pittsburgh last week and around 150 rides in Phoenix. To be clear, these vehicles still had a driver at the wheel to take over if needed. In Pittsburgh, where Uber launched its commercial self-driving pilot in September, the company has been performing around 800 or more UberX trips per week in semi-autonomous mode since the middle of February.

Movie Theaters Haven't Innovated Beyond Popcorn, Says Netflix CEO

Fri, 17/03/2017 - 8:40pm
Janko Roettgers, reporting for Variety: Asked about his company's relationship with major theater chains, Netflix CEO Reed Hastings didn't pull any punches on Thursday. "How did distribution innovate in the movie business in the last 30 years? Well, the popcorn tastes better, but that's about it," he quipped. "What Netflix wants to do is to unleash film," he said. "It's fundamentally about growing the movie business." [...] On Thursday, Hastings pushed back against the notion that the company aims to bypass theaters. "We are not anti theater," he said. "We just want things to come out at the same time."

FBI Arrests Alleged Attacker Who Tweeted Seizure-Inducing Strobe at a Writer

Fri, 17/03/2017 - 8:00pm
From a report on The Verge: An arrest has been made three months after someone tweeted a seizure-inducing strobe at writer and Vanity Fair contributing editor Kurt Eichenwald. The Dallas FBI confirmed the arrest to The Verge today, and noted that a press release with more details is coming. Eichenwald, who has epilepsy, tweeted details of the arrest and said that more than 40 other people also sent him strobes after he publicized the first attack. Their information is now with the FBI, he says. It isn't clear whether these "different charges" relate to similar online harassment incidents or something else entirely.

IBM To Hire 2,000 More Veterans, Expand Tech Training Schools

Fri, 17/03/2017 - 7:20pm
Ina Fried, reporting for Axios: IBM CEO Ginni Rometty is among the tech leaders meeting Friday with President Trump and German Chancellor Angela Merkel, Axios has learned. They'll discuss worker training. And IBM will announce plans to: Open 20 more of its P-TECH schools, which let students get a combined high school degree and associate degree in science and technology in as little as four and a half years. Hire 2,000 U.S. military veterans over the next four years and expand a program that trains and certifies veterans in the use of the type of IBM software often used by law enforcement, cybersecurity and national security agencies.
