Huge Trove of Employee Records Discovered At Abandoned Toys 'R' Us
An anonymous reader writes:
Hackaday recently engaged in a bit of urban exploration, taking a look inside of a recently purchased Toys "R" Us location that has been boarded up since the once giant toy store chain folded in June. Inside they found plenty of hardware left behind, from point-of-sale systems to the Cisco networking gear in the server room. But the most interesting find was on paper.
In a back office, they found "several boxes" of personal information about the store's employees, from their medical records to photocopies of their driver's licenses and Social Security cards [and also tax forms]. A video included with the article gives the viewer an impression of just how large a collection of files were left behind.
The author wonders if the situation in this particular store was a fluke, or if the other  Toys "R" Us locations were left in a similar state.
The article calls it "a very surprising look at what get's left behind when the money runs out and the employees simply give up...."
"We saw the great lengths the company went to protect customer information, so to see how little regard they had for their own people was honestly infuriating."
MIT's Elegant Schoolbus Algorithm Was No Match For Angry Parents
"Computers can solve your problem. You may not like the answer," writes the
Boston Globe. Slashdot reader
sandbagger explains: "Boston Public Schools asked MIT graduate students Sebastien Martin and Arthur Delarue to build an algorithm that could do the enormously complicated work of changing start times at dozens of schools -- and re-routing the hundreds of buses that serve them. In theory this would also help with student alertness...." MIT also reported that "Approximately 50 superfluous routes could be eliminated using the new method,
saving the school district between $3 million and $5 million annually."
They took to the new project with gusto, working 14- and 15-hour days to meet a tight deadline -- and occasionally waking up in the middle of the night to feed new information to a sprawling MIT data center. The machine they constructed was a marvel. Sorting through 1 novemtrigintillion options -- that's 1 followed by 120 zeroes -- the algorithm landed on a plan that would trim the district's $100 million-plus transportation budget while shifting the overwhelming majority of high school students into later start times.... But no one anticipated the crush of opposition that followed. Angry parents signed an online petition and filled the school committee chamber, turning the plan into one of the biggest crises of Mayor Marty Walsh's tenure. The city summarily dropped it. The failure would eventually play a role in the superintendent's resignation...
Big districts stagger their start times so a single fleet of buses can serve every school: dropping off high school students early in the morning, then circling back to get the elementary and middle school kids. If you're going to push high school start times back, then you've probably got to move a lot of elementary and middle schools into earlier time slots. The district knew that going in, and officials dutifully quizzed thousands of parents and teachers at every grade level about their preferred start times. But they never directly confronted constituents with the sort of dramatic change the algorithm would eventually propose -- shifting school start times at some elementary schools by as much as two hours. Even more... Hundreds of families were facing a 9:30 to 7:15 a.m. shift. And for many, that was intolerable. They'd have to make major changes to work schedules or even quit their jobs...
Nearly 85% of the district had ended up with a new start time, and "In the end, the school start time quandary was more political than technical... This was a fundamentally human conflict, and all the computing power in the world couldn't solve it."
But will the whole drama play out again? "Last year, even after everything went sideways in Boston, some 80 school districts from around the country reached out to the whiz kids from MIT, eager for the algorithm to solve their problems."
Comcast Outbids Fox With $40 Billion Offer For Sky In Auction
outbid Rupert Murdoch's Twenty-First Century Fox after offering $40 billion in an auction on Saturday. According to Yahoo Finance, "The U.S. cable giant bid $22.59 a share for control of London-listed Sky, bettering a $20.49 dollars-a-share offer by Fox, Britain's Takeover Panel said." From the report:
Buying Sky will make Philadelphia-based Comcast, which owns the NBC network and Universal Pictures, the world's largest pay-TV operator with around 52 million customers. Chairman and chief executive Brian Roberts has had his eye on Sky as a way to help counter declines in subscribers for traditional cable TV in its core U.S. market as viewers switch to video-on-demand services like Netflix and Amazon. Comcast's knock-out offer thwarted Murdoch's long-held ambition to win control of Sky, and is also a setback for U.S. entertainment giant Walt Disney which would have likely been its ultimate owner. Disney agreed a separate $71 billion deal to buy most of Fox's film and TV assets, including its existing 39 percent stake in Sky, in June and would have taken full ownership after a successful Fox takeover.
NSA's 'Codebreaker Challenge' Features Exploiting Blockchain To Steal Ethereum
"The National Security Agency's
2018 Codebreaker Challenge kicked off on Friday, 9/21, and runs through 12/31," writes Slashdot reader
eatvegetables. Each year's challenge -- which is open to U.S. students -- comes with its own (fictitious) backstory which the organizers say is "meant for providing realistic context."
This year's story?
A new strain of ransomware has managed to penetrate several critical government networks and NSA has been called upon to assist in remediating the infection to prevent massive data losses. For each infected machine, an encrypted copy of the key needed to decrypt the ransomed files has been stored in a smart contract on the Ethereum blockchain* and is set to only be unlocked upon receipt of the ransom payment. Your mission is to ultimately (1) find a way to unlock the ransomware without giving in to the attacker's demands and (2) figure out a way to recover all of the funds already paid by other victims.
* For the purposes of this challenge, a private blockchain has been created with no real monetary value associated with the Ether.
"The first half focuses on network protocol analysis and binary reverse-engineering," writes
eatvegetables, while "The second half is all about attempting to exploit the blockchain."
An email address from "a recognized U.S. school or university" is required, and
the original submission notes that America's college students "are already hard at work trying to push their school to the top of
Should The US Government Break Up Google, Twitter, and Facebook?
The Bay Area Newsgroup reports:
Political momentum for a crackdown on Silicon Valley's social media giants got a boost this week when a state attorney general said he would tell U.S. Attorney General Jeff Sessions next week that Google, Facebook and Twitter should be broken up. Louisiana Attorney General Jeff Landry wants the federal government to do to the social media firms what it did to Standard Oil in 1911, according to a Louisiana newspaper report Tuesday... "This can't be fixed legislatively," Landry told the paper. "We need to go to court with an antitrust suit." He or another high official from his office will next week present the break-up proposal to Sessions... Landry, president of the National Association of Attorneys General, had spent months with his colleagues probing what they described as anti-competitive practices by Facebook, Google and Twitter, according to the paper.
On Friday, Bloomberg reported it had obtained a draft of a potential White House executive order that asks certain government agencies to recommend actions that would "protect competition among online platforms and address online platform bias." The order, reportedly in its preliminary stages, asks US antitrust authorities to "thoroughly investigate whether any online platform has acted in violation of the antitrust laws."
Cody Wilson, 3D-Printed Gun Pioneer, Arrested In Taiwan
Cody Wilson, maker of the first 3D-printed plastic gun, has been arrested in Taiwan. Long-time Slashdot reader
Earlier this week, Texas police issued a warrant for his arrest. Wilson, they claimed, found a woman on sugardaddymeet.com, a website that requires all users to assert they are 18 or over, then met her and paid for sex with her. Police say the woman was actually 16, which made that act a violation of Texas penal code 22.011 (A)(2)(a), regarding sex with a minor, which is legally considered sexual assault regardless of consent or payment.
While Taiwan has no formal extradition treaty with the U.S., and Wilson was not said to have been doing anything directly criminal in Taiwan, the press there reports that he was arrested without incident because the U.S. had revoked his passport, making his mere presence in Taiwan illegal. (The U.S. government has the power to revoke the passports of people facing felony arrest warrants.) Wilson was then, according to The New York Times, "delivered...to the National Immigration Agency" in Taiwan. It is expected to deport him to the U.S. to face those charges, which carry a potential 2 to 20 years in prison and $10,000 fine.
A reporter for
Ars Technica visited Wilson's home weapons printing company, and was told that "
A management restructuring is coming." But they also contacted Adam Bhala Lough, who directed and wrote a documentary film about Wilson. Prior to Wilson's arrest, Lough argued that "Without Cody, it can't last. It's like Tesla and Elon Musk, you can't separate the two.
"If he comes home and faces the music, there is a chance Defense Distributed will survive because it is a totally independent company without a board or any regulatory body. And the buyers of these products -- not to generalize, but at least the ones I met while doing the documentary -- they won't care about buying a product from an [accused] pedophile. In fact they may be even more emboldened by the idea that Cody was 'set-up' or that it is a 'deep-state conspiracy' against him, even if (or when) he admits to it."
Space Junk Successfully Captured In Orbit For the First Time (with Video)
"The Surrey Space Center successfully used a net to capture a piece of artificial space junk in orbit for the first time in history on Sunday," writes Slashdot reader
dmoberhaus. "The video was just released Wednesday and is quite stunning."
"Not only does the net look cool as hell, it's
addressing a major problem for the future of space exploration," reports Motherboard:
The test was carried about by the RemoveDEBRIS satellite, an experimental space debris removal platform built by an international consortium of space companies and university research centers. There are tens of thousands of pieces of fast-moving space junk in orbit, which range from the centimeter-scale all the way to entire rocket stages. Some of these pieces are moving faster than a bullet and all of them pose a serious danger to other satellites and crewed capsules... Removing this junk from orbit is particularly challenging because of the various sizes of the debris, its erratic tumbling motion, and the fact that some pieces are moving as fast as 30,000 miles per hour.
The successful experiment follows
six years of Earth-based testing, according to a professor at the lead research institution, the Surrey Space Centre.
"While it might sound like a simple idea, the complexity of using a net in space to capture a piece of debris took many years of planning, engineering and coordination."
Purism Launches First Security Key with Tamper-Evident Protection for Laptops
An anonymous reader quotes Softpedia:
Purism announced Thursday that its highly anticipated Librem Key security key is now available for purchase as the first and only OpenPGP-based smart card to offer a Heads-firmware-integrated tamper-evident boot process for laptops. Developed in partnership with Nitrokey, a company known for manufacturing open-source USB keys that enable secure encryption and signing of data for laptops, Purism's Librem Key is dedicated to Librem laptop users, allowing them to store up to 4096-bit RSA keys and up to 512-bit ECC keys on the security key, as well as to securely generate new keys directly on the device. Librem Key integrates with the secure boot process of the latest Librem 13 and 15 laptops...
Designed to let Librem laptop users see if someone has tampered with the software on their computers when it boots, Librem Key leverages the Heads-enabled TPM (Trusted Platform Module) chip in new Librem 13 and Librem 15 laptops. According to Purism, when inserted, the security key will blink green to show users that the laptop hasn't been tampered with, so they can continue from where they left off, and blinks red when tampering has occurred.
Purism's web site explains:
With so many attacks on password logins, most security experts these days recommend adding a second form of authentication (often referred to as "2FA" or "multi-factor authentication") in addition to your password so that if your password gets compromised the attacker still has to compromise your second factor.
USB security tokens work well as this second factor because they are "something you have" instead of "something you know" like a password is, and because they are portable enough you can just keep them in your pocket, purse, or keychain and use them only when you need to login to a secure site.
Did John Deere Just Swindle California's Farmers Out of Their Right to Repair?
An anonymous reader quotes a new
Wired opinion piece by Kyle Wiens and Elizabeth Chamberlain from iFixit:
A big California farmers' lobbying group just blithely signed away farmers' right to access or modify the source code of any farm equipment software. As an organization representing 2.5 million California agriculture jobs, the California Farm Bureau gave up the right to purchase repair parts without going through a dealer. Farmers can't change engine settings, can't retrofit old equipment with new features, and can't modify their tractors to meet new environmental standards on their own. Worse, the lobbyists are calling it a victory.... John Deere and friends had already made every single "concession" earlier this year...
Just after the California bill was introduced, the farm equipment manufacturers started circulating a flyer titled "Manufacturers and Dealers Support Commonsense Repair Solutions." In that document, they promised to provide manuals, guides, and other information by model year 2021. But the flyer insisted upon a distinction between a right to repair a vehicle and a right to modify software, a distinction that gets murky when software controls all of a tractor's operations. As Jason Koebler of Motherboard reported, that flyer is strikingly similar -- in some cases, identical word-for-word -- to the agreement the Farm Bureau just brokered...
Instead of presenting a unified right-to-repair front, this milquetoast agreement muddies the conversation. More worryingly, it could cement a cultural precedent for electronics manufacturers who want to block third-party repair technicians from accessing a device's software.
New Custom Linux Distro is Systemd-Free, Debian-Based, and Optimized for Windows 10
An anonymous reader quotes
Nearly every Linux distro is already available in the Microsoft Store, allowing developers to use Linux scripting and other tools running on the Windows Subsystem for Linux (WSL). Now another distro has popped up in the Store, and unlike the others it claims to be specifically optimised for WSL, meaning a smaller and more appropriate package with sane defaults which helps developers get up and running faster.
WLinux is based on Debian, and the developer, Whitewater Foundry, claims their custom distro will also allow faster patching of security and compatibility issues that appear from time to time between upstream distros and WSL... Popular development tools, including git and python3, are pre-installed. Additional packages can be easily installed via the apt package management system... A handful of unnecessary packages, such as systemd, have been removed to improve stability and security.
The distro also offers out of the box support for GUI apps with your choice of X client, according to
the original submission.
WLinux is open source
under the MIT license, and is
available for free on GitHub. It can also be
downloaded from Microsoft Store at a 50% discount, with the development company promising the revenue
will be invested back into new features.
Mystery Solved: FBI Closed New Mexico Observatory to Investigate Child Porn
mysterious 11-day closure of a New Mexico solar observatory stemmed from
an FBI investigation of a janitor suspected of using the facility's wireless internet service to send and receive child pornography, federal court documents showed..."
An anonymous reader quotes the Washington Post:
In July, FBI agents investigating child sexual exploitation traced the location of several IP addresses linked to child pornography activity to the observatory, according to a 39-page search warrant application. During an interview with federal authorities on Aug. 21, the facility's chief observer said he had found, on a number of occasions, the same laptop hidden and running in various seldom-used offices around the observatory. He described the contents of the laptop as "not good," according to court documents. A federal agent immediately went to the observatory, located deep within Lincoln National Forest, and took the laptop into evidence...
Aside from continuing to "feverishly" search the facility, the documents state that the janitor said, "it was only a matter of time before the facility 'got hit,'" and that he "believed there was a serial killer in the area, and that he was fearful that the killer might enter the facility and execute someone." In response to the janitor's behavior, the management of the observatory, without input from the FBI, shut it down and evacuated its personnel. The facility's cleaning contract with the janitor's parents was also terminated.
The warrant application specified that the janitor "has a key to the building and unlimited access to the building, and is familiar with which offices are used only a handful of times a year."
It also says that the janitor was the only person in the facility at the time of the alleged downloads.
'Bombe' Replica Code-Breaking WW2 Computer Was Used To Decipher Message Scrambled By An Enigma Machine
An anonymous reader quotes a report from the BBC:
Computer historians have staged a re-enactment of World War Two code-cracking at Bletchley Park. A replica code-breaking computer called a Bombe was used to decipher a message scrambled by an Enigma machine. Held at the National Museum of Computing (TNMOC), the event honored Polish help with wartime code-cracking. Enigma machines were used extensively by the German army and navy during World War Two. This prompted a massive effort by the Allies to crack the complex method they employed to scramble messages. That effort was co-ordinated via Bletchley Park and resulted in the creation of the Bombe, said Paul Kellar who helps to keep a replica machine running at the museum. Renowned mathematician Alan Turing was instrumental in the creation of the original Bombe.
For its re-enactment, TNMOC recruited a team of 12 and used a replica Bombe that, until recently, had been on display at the Bletchley Park museum next door. The electro-mechanical Bombe was designed to discover which settings the German Enigma operators used to scramble their messages. As with World War Two messages, the TNMOC team began with a hint or educated guess about the content of the message, known as a "crib," which was used to set up the Bombe. The machine then cranked through the millions of possible combinations until it came to a "good stop," said Mr Kellar. This indicated that the Bombe had found key portions of the settings used to turn readable German into gobbledygook. After that, said Mr Kellar, it was just a matter of time before the 12-strong team cracked the message.
Streaming Accounts For 75 Percent of Music Industry Revenue In the US
Mallory Locklear reporting via Engadget:
The Recording Industry Association of America (RIAA) has released music industry revenue statistics for the first half of 2018 in the U.S., and on average, revenue growth has slowed. While overall revenue was up 10 percent compared to the same time last year, clocking in at $4.6 billion, that rate is only around half of the increase observed between the first halves of 2016 and 2017. Streaming revenue growth slowed as well, though it was still up 28 percent compared to last year. Notably, streaming accounted for the vast majority of revenue so far this year, with 75 percent of overall revenue coming from streaming services like Spotify, Apple Music and Tidal.
The numbers also show that more people continue to join paid subscription services, with subscription rates growing by about one million per month. But while streaming revenue is still on an upward trend, the news isn't so good for digital downloads and CD sales. Digital downloads have only made up 12 percent of overall revenue so far this year, down from 19 percent last year, and CD sales saw a whopping 41 percent drop in revenue. To compare, during the same time last year, CD sales were only down three percent from the year before. Vinyl revenue, however, is up 13 percent.
Japan Has Attempted To Land Two Tiny Rovers On a Distant Asteroid
On Friday, Japan's Hayabusa2 spacecraft
attempted to deploy two miniature rovers on an asteroid that it's been orbiting
since mid-August. Ars Technica reports:
Each weighed only about a kilogram, and after separating from the main spacecraft they approached the asteroid named Ryugu. Japanese mission scientists think the rovers touched down successfully, but are not completely sure. Communication with the two landers stopped near the moment of touchdown. This is presumably because Ryugu's rotation took the rovers out of view from the Hayabusa2 spacecraft, but scientists won't know for sure until later Friday (or Saturday morning, in Japan) when they attempt to download images from the rovers. And thus we are left with a suspenseful situation.
Massive Undersea Walls Could Stop Glaciers From Melting, Scientists Say
An anonymous reader quotes a report from CNN:
Building walls on the seafloor could prevent glaciers from melting and sea levels rising due to global warming, scientists say. Barriers of sand and rock positioned at the base of glaciers would stop ice sheets sliding and collapsing, and prevent warm water from eroding the ice from beneath, according to research published this week in the Cryosphere journal, from the European Geosciences Union. The audacious idea centers on the construction of "extremely simple structures, merely piles of aggregate on the ocean floor, although more advanced structures could certainly be explored in the future," said the report's authors, Michael Wolovick, a researcher at the department of geosciences at Princeton University, and John Moore, professor of climate change at the University of Lapland in Finland.
Using computer models to gauge the probable impact of walls on erosion of the Thwaites glacier in Antarctica, one of the world's largest, Wolovick and Moore hoped to test the efficiency of "a locally targeted intervention." They claimed the simplest designs would allow direct comparison with existing engineering projects. "The easiest design that we considered would be comparable to the largest civil engineering projects that humanity has ever attempted," they said. "An ice sheet intervention today would be at the edge of human capabilities." For example, building four isolated walls would require between 0.1 and 1.5 cubic km of material. "That is comparable to the 0.1 km3 that was used to create Palm Jumeirah in Dubai ($12 billion)...(and) the 0.3 km3 that was used to create Hong Kong International Airport ($20 billion)," the report said. The authors say there's only a 30% probability of success due to the harsh environment, but did mention that the scientific community could work on a plan that was both achievable and had a high probability of success.