Microsoft Lost a City Because They Used Wikipedia Data
"Microsoft can't tell North from South on Bing Maps," joked The Register, reporting that Microsoft's site had "
misplaced Melbourne, the four-million-inhabitant capital of the Australian State of Victoria." Long-time Slashdot reader
Though they're trying to minimise it, the recent relocation of Melbourne Australia to the ocean east of Japan in Microsoft's flagship mapping application is blamed on someone having flipped a sign in the latitude given for the city's Wikipedia page. Which may or may not be true. But the simple stupidity of using a globally-editable data source for feeding a mapping and navigation system is ... "awesome" is (for once) an appropriate word.
Well, it's Bing, so at least no-one was actually using it.
"Bing's not alone in finding Australia hard to navigate," reports The Register. "In 2012 police warned not to use Apple Maps as it directed those seeking the rural Victorian town of Mildura
into the middle of a desert."
Apples Fixes Three Zero Days Used In Targeted Attack
Trailrunner7 quotes a report from On The Wire:
Apple has patched three critical vulnerabilities in iOS that were identified when an attacker targeted a human rights activist in the UAE with an exploit chain that used the bugs to attempt to remotely jailbreak and infect his iPhone. The vulnerabilities include two kernel flaws and one in WebKit and Apple released iOS 9.3.5 to fix them.
The attack that set off the investigation into the vulnerabilities targeted Ahmed Mansoor, an activist living in the UAE. Earlier this month, he received a text message that included a link to what was supposedly new information on human rights abuses. Suspicious, Manor forwarded the link to researchers at the University of Toronto's Citizen Lab, who recognized what they were looking at. "On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising ;new secrets' about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based 'cyber war' company that sells Pegasus, a government-exclusive "lawful intercept" spyware product," Citizen Lab said in a new report on the attack and iOS flaws.
Japanese Government Plans Cyber Attack Institute
An anonymous reader quotes a report from The Stack:
The government of Japan will create an institute to train employees to counter cyber attacks. The institute, which will be operational early next year, will focus on preventing cyber attacks on electrical systems and other infrastructure. The training institute, which will operate as part of Japan's Information Technology Promotion Agency (IPA), is the first center for training in Japan to focus on preventing cyber attacks.
A government source said that the primary aims will be preventing a large-scale blackout during the Tokyo Olympics and Paralympics in 2020, and stopping leaks of sensitive power plant designs. The source also stated that there is potential for a joint exercise in cyber awareness between the Japanese group and foreign cybersecurity engineers in the future.
'Social Media ID, Please?' Proposed US Law Greeted With Anger
The U.S. government announced plans to require some foreign travelers to
provide their social media account names when entering the country -- and in June requested comments. Now the plan is being called "ludicrous," an "all-around bad idea," "blatant overreach," "desperate, paranoid heavy-handedness," "preposterous," "appalling," and "un-American," reports Slashdot reader
That's just a sampling of the outrage. Some 800 responded to the U.S. request for comments about a proposed rule affecting people traveling from "visa waiver" countries to the U.S., where a visa is not required. This includes most of Europe, Singapore, Chile, Japan, South Korea, Australia and New Zealand... In a little twist of irony, some critics said U.S. President Obama's proposal for foreign travelers is so bad, it must have been hatched by Donald Trump.
"Travelers will be asked to provide their Twitter, Facebook, Instagram, LinkedIn, Google+, and whatever other social ID you can imagine to U.S. authorities," reports Computer World. "It's technically an 'optional' request, but since it's the government asking, critics believe travelers will fear consequences if they ignore it..."
Domino's Will Deliver Pizza By Drone and By Robot
An anonymous Slashdot reader quotes CNN Money's report that "pizzas will soon be dropping from the heavens":
Domino's demonstrated its ability to deliver food via a drone Thursday in New Zealand and plans to test actual deliveries to customers next month. "It doesn't add up to deliver a two kilogram package in a two-ton vehicle," said Scott Bush, a general manager for Domino's Pizza Enterprises, which is independent of the U.S. chain and operates in seven countries. "In Auckland, we have such massive traffic congestion it just makes sense to take to the airways."
A Domino's customer who requests a drone delivery will receive a notification when their delivery is approaching. After going outside and hitting a button on their smartphone, the drone will lower the food via a tether. Once the package is released, the drone pulls the tether back up and flies back to the Domino's store.
Robotics Trends has video from the flight, and reports that Domino's
is also testing a pizza-delivering robot. Their Domino's Robotics Unit "has four wheels, is less than three feet tall, and has a heated compartment that can hold up to 10 pizzas. It can deliver pizzas within a 12.5-mile radius before needing to be recharged."
US Patients Battle EpiPen Prices And Regulations By Shopping Online
"The incredible increase in the cost of EpiPens, auto-injectors that can stop life-threatening emergencies caused by allergic reactions, has hit home on Capitol Hill," reports CNN. Slashdot reader
Applehu Akbar reports that the argument "has now turned into civil war in the US Senate":
One senator's daughter relies on Epi-Pen, while another senator's daughter is CEO of Mylan, the single company that is licensed to sell these injectors in the US. On the worldwide market there is no monopoly on these devices... Is it finally time to allow Americans to go online and fill their prescriptions on the world market?
Time reports some patients are ordering cheaper EpiPens from Canada and other countries online, "an act that the FDA says
is technically illegal and potentially dangerous." But the FDA also has "
a backlog of about 4,000 generic drugs" awaiting FDA approval, reports PRI, noting that in the meantime prices have also increased for drugs treating cancer, hepatitis C, and high cholesterol. In Australia, where the drug costs just $38, one news outlet reports that the U.S. "
is the only developed nation on Earth which allows pharmaceutical companies to set their own prices."
Linus Loves GPL, But Hates GPL Lawsuits
Long-time Slashdot reader
During LinuxCon, Torvalds was full of praise for GNU GPL: "The GPL ensures that nobody is ever going to take advantage of your code. It will remain free and nobody can take that away from you. I think that's a big deal for community management... FSF [Free Software Foundation] and I don't have a loving relationship, but I love GPL v2. I really think the license has been one of the defining factors in the success of Linux because it enforced that you have to give back, which meant that the fragmentation has never been something that has been viable from a technical standpoint."
And he thinks the BSD license is bad for everyone: "Over the years, I've become convinced that the BSD license is great for code you don't care about," Torvalds said.
But Linus also
addressed the issue of enforcing the GPL on the Linux foundation mailing list when someone proposed a discussion of it at Linuxcon. "I think the whole GPL enforcement issue is absolutely something that should be discussed, but it should be discussed with the working title 'Lawyers: poisonous to openness, poisonous to community, poisonous to projects'... quite apart from the risk of loss in a court, the real risk is something that happens whether you win or lose, and in fact whether you go to court or just threaten: the loss of community, and in particular exactly the kind of community that can (and does) help. You lose your friends."
BitTorrent Cases Filed By Malibu Media Will Proceed, Rules Judge
Long-time Slashdot reader
In the federal court for the Eastern District of New York, where all Malibu Media cases have been stayed for the past year, the Court has lifted the stay and denied the motion to quash in the lead case, thus permitting all 84 cases to move forward.
In his 28-page decision (PDF), Magistrate Judge Steven I. Locke accepted the representations of Malibu's expert, one Michael Patzer from a company called Excipio, that in detecting BitTorrent infringement he relies on "direct detection" rather than "indirect detection", and that it is "not possible" for there to be misidentification.
New SWEET32 Crypto Attacks Speed Up Deprecation of 3DES, Blowfish
Researchers "have devised a new way
to decrypt secret cookies which could leave your passwords vulnerable to theft," reports Digital Trends. Slashdot reader
New attacks revealed today against 64-bit block ciphers push cryptographic ciphers such as Triple-DES (3DES) and Blowfish closer to extinction. The attacks, known as SWEET32, allow for the recovery of authentication cookies from HTTPS traffic protected by 3DES, and BasicAUTH credentials from OpenVPN traffic protected by default by Blowfish.
ReactOS 0.4.2 Released: Supports Linux Filesystems, .NET Applications, and Doom 3
Continuing its rapid release cycle, ReactOS has
unveiled version 0.4.2 of its free "open-source binary-compatible Windows re-implementation." Slashdot reader
jeditobe reports that this new version can now read and write various Linux/Unix file systems like Btrfs and ext (and can read ReiserFS and UFS), and also runs applications like Thunderbird and 7-Zip.
ReactOS 0.4.2 also features Cygwin support, .NET 2.0 and 4.0 application support, among other updated packages and revised external dependencies such as Wine and UniATA. The team also worked to improve overall user experience...
ReactOS is free. You can boot your desktop or laptop from it. It looks like Windows (a 10-year-old version, anyway), so you already know how to use it. And it'll run some Windows and DOS applications, maybe including DOS games that regular 64-bit Windows can no longer touch. These videos even show ReactOS running
Elder Scrolls: Skyrim and
Cybercriminals Select Insiders To Attack Telecom Providers
An anonymous reader quotes a report from Help Net Security:
Cybercriminals are using insiders to gain access to telecommunications networks and subscriber data, according to Kaspersky Lab. In addition, these criminals are also recruiting disillusioned employees through underground channels and blackmailing staff using compromising information gathered from open sources...
According to Kaspersky Lab researchers, if an attack on a cellular service provider is planned, criminals will seek out employees who can provide fast track access to subscriber and company data or SIM card duplication/illegal reissuing. If the target is an Internet service provider, the attackers will try to identify the employees who can enable network mapping and man-in-the-middle attacks.
HAARP Holds Open House To Dispel Rumors Of Mind Control
An anonymous Slashdot reader writes:
HAARP -- the former Air Force/Navy/DARPA research program in Alaska -- will host an open house Saturday where "We hope to show people that it is not capable of mind control and not capable of weather control and all the other things it's been accused of..." said Sue Mitchell, spokesperson for the geophysical institute at the University of Alaska. "We hope that people will be able to see the actual science of it." HAARP, which was turned over to The University of Alaska last August, has been blamed for poor crop yields in Russia, with conspiracy theorists also warning of "a super weapon capable of mind control or weather control, with enough juice to trigger hurricanes, tornadoes and earthquakes."
The facility's 180 high-frequency antennas -- spread across 33 acres -- will be made available for public tours, and there will also be interactive displays and an unmanned aircraft 'petting zoo'. The Alaska Dispatch News describes it as "one of the world's few centers for high-power and high-frequency study of the ionosphere... important because radio waves used for communication and navigation reflect back to Earth, allowing long-distance, short-wave broadcasting."
Eavesdropping On Tinder: Researcher Demonstrates Man-in-the-Middle Attacks
An anonymous Slashdot reader writes:
Security expert Anthony Zboralski posted on HERT a social engineering attack for Tinder that lets you perform a man-in-the-middle attack against unsuspecting users. Zboralski says, "Not only we can eavesdrop on the conversation of two strangers, we can also change their reality." The attack can easily be extended to SMS, Whatsapp, iMessage and voice.
"At some point people exchange phone numbers and the Tinder convo stops. That's not a problem..." Zboralski explains, suggesting more ways to continue the man-in-the-middle exploits..
His article drew a response from Tinder, arguing they "employ several manual and automated mechanisms" to deter fake and duplicate profiles. But while they're looking for ways to improve, "ultimately, it is unrealistic for any company to positively validate the real-world identity of millions of users while maintaining the commonly expected level of usability."
White House Is Planning To Let More Foreign Entrepreneurs Work In the US
Peter Hudson writes from a report via Recode:
"After failing to get Congress to pass a 'startup visa' as part of broad immigration reform, the Obama administration is moving ahead with an alternative that would allow overseas entrepreneurs to live in the U.S. for up to five years to help build a company," reports Recode. "Already speaking out in favor of the new rules is PayPal co-founder Max Levchin: 'I believe that the most promising entrepreneurs from around the world should have the same opportunity I had -- the chance to deliver on their potential, here in America.' Levchin moved to the U.S. from the Soviet Union in 1991." There are three conditions that need to be met in order to be eligible to work in the U.S. under the new rule: the foreigner would have to own at least 15 percent of a U.S.-based startup, the foreigner would need to have a central role in the startup's operations, and the startup would need to have "potential for rapid business growth and job creation." The third requirement could be met by having at least $100,000 in government grants or $345,000 invested from U.S. venture investors. "Under [the
International Entrepreneur Rule (PDF)] being formally proposed on Friday, the Department of Homeland Security would be empowered to use its existing authority to allow entrepreneurs to legally work in the country for two years, possibly followed by a one-time three-year extension," reports Recode. "While the public will have 45 days to comment, the rules aren't subject to congressional approval."
Floating Solar Device Boils Water Without Mirrors
An anonymous reader quotes a report from Ars Technica:
Researchers from MIT and the Masdar Institute of Science and Technology, led by George Ni, describe a prototype design that boils water under ambient sunlight. Central to their floating solar device is a "selective absorber" -- a material that both absorbs the solar portion of the electromagnetic spectrum well and emits little back as infrared heat energy. For this, the researchers turn to a blue-black commercial coating commonly used in solar photovoltaic panels. The rest of the puzzle involves further minimizing heat loss from that absorber, either through convection of the air above it or conduction of heat into the water below the floating prototype. The construction of the device is surprisingly simple. At the bottom, there is a thick, 10-centimeter-diameter puck of polystyrene foam. That insulates the heating action from the water and makes the whole thing float. A cotton wick occupies a hole drilled through the foam, which is splayed and pinned down by a square of thin fabric on the top side. This ensures that the collected solar heat is being focused into a minute volume of water. The selective absorber coats a disc of copper that sits on top of the fabric. Slots cut in the copper allow water vapor from the wick to pass through. And the crowning piece of this technological achievement? Bubble wrap. It insulates the top side of the absorber, with slots cut through the plastic to let the water vapor out. Tests in the lab and on the MIT roof showed that, under ambient sunlight, the absorber warmed up to 100 degrees Celsius in about five minutes and started making steam. That's a first. The study has been published in two separate Nature articles: "
Steam by thermal concentration" and "
Steam generation under one sun enabled by a floating structure with thermal concentration."