Alterslash

the unofficial Slashdot digest for 2019-May-14 today archive

Contents

  1. Fourth-Largest Coal Producer In the US Files For Bankruptcy
  2. Scientists Help Artificial Intelligence Outsmart Hackers
  3. Class-Action Lawsuit Says TurboTax Tricked Taxpayers Into Paying For 'Free' Tax Prep
  4. Lenovo Launches HoloLens Competitor
  5. 5G Networks Will Likely Interfere With US Weather Satellites, Navy Warns
  6. It's Almost Impossible To Tell If Your iPhone Has Been Hacked
  7. Walmart Announces Next-Day Delivery, Firing Back At Amazon
  8. 'Hard-To-Fix' Cisco Flaw Puts Work Email At Risk
  9. Microsoft Patches 'Wormable' Flaw in Windows XP, 7 and Windows 2003
  10. Google Is About To Have a Lot More Ads On Phones
  11. Google's Censored Search Would Help China 'Be More Open', Said Ex-CEO Eric Schmidt
  12. Google Exec's Internal Email On Data Leak Policy Rattles Employees
  13. San Francisco Could Be First US City To Ban Facial-Recognition Technology
  14. Europe Sticks a Knife Into Vegan Meat
  15. Intel CPUs Released in Last 8 Years Impacted by New Zombieload Side-Channel Attack
  16. OnePlus 7 Pro Boasts a 90Hz Screen, Three Cameras, and Costs $669
  17. Disney is Taking Full Control of Hulu
  18. Huawei Says It is Willing To Sign 'No-Spy' Agreements With Governments
  19. Who To Sue When a Robot Loses Your Fortune
  20. Adobe Warns Creative Cloud Users With Older Apps of Legal Problems
  21. Making America Carbon Neutral Could Cost $1 Trillion a Year
  22. NASA Says the Moon Is Shrinking and Experiencing 'Moonquakes'
  23. Algorithmic Analysis Shows That Pop Music Is Sadder and Angrier Than Ever

Alterslash picks the best 5 comments from each of the day’s Slashdot stories, and presents them on a single page for easy reading.

Fourth-Largest Coal Producer In the US Files For Bankruptcy

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from Ars Technica: Cloud Peak Energy, the U.S.' fourth-largest coal mining company, filed for Chapter 11 bankruptcy late last week as the company missed an extension deadline to make a $1.8 million loan payment. In a statement, Cloud Peak said it will continue to operate its three massive coal mines in Wyoming and Montana while it goes through the restructuring process. Colin Marshall, the president and CEO of the company, said that he believed a sale of the company's assets "will provide the best opportunity to maximize value for Cloud Peak Energy."

Cloud Peak was one of the few major coal producers who escaped the significant coal industry downturn between 2015 and 2016. That bought it a reputation for prudence and business acumen. But thinning margins have strained the mining company as customers for thermal coal continue to dry up. Coal-fired electricity is expected to fall this summer, even though summer months are usually boom times for coal plants as air conditioning bolsters electricity demand. That's because cheap natural gas and a boost in renewable capacity have displaced dirtier, more expensive coal. According to the Casper Star Tribune, Cloud Peak shipped 50 million tons of coal in 2018. The paper noted that after the bankruptcy filing, "speculation almost immediately began that Cloud Peak would sell its mines."

Re:He was mixing base laod and off load

By Smidge204 • Score: 5, Insightful • Thread

The "Base load power" talking point is what's misleading. The idea that renewable sources combined can't possibly meet all of our electrical energy needs has been getting discredited for the better part of a decade at this point.

Even the (now former) chairman of the Federal Energy Regulatory Commission thinks it's nonsense; https://archive.nytimes.com/ww...

And for what it's worth, we can do "massive storage" right now. We've had the technology to do it for over a century now, but lack the political will or financial incentive to do it... but it can be done and there's nothing particularly challenging about it on the technical level. Helping the cause is we probably don't need nearly as much storage as you might think.
=Smidge=

Re: Wait wait

By Anonymous Coward • Score: 4, Insightful • Thread

The only sympathy Trump gave them was lying to their faces so he'd get their votes.

and there are still no coal jobs.

Trump exposed for all to see how truly corrupt and decadent the Republican party is. That doesn't make the Democratic party perfect. They are not, but Trump exposed that underneath all the bullshit there is nothing but a thirst for power and some common team goals that can be pursued at essentially any cost.

Trump is the biggest most effective Evil I've ever seen placed in a position of power in our country. He does so much shit that is so blatantly Evil and wrong, and it gets so little attention, because everyone is exhausted, and he will have gone on to do some other Evil shit that distracts from the first round of Evil shit. A lot of the shit he does to cause outrage seems to be intentional, just to distract from his previous outrage. His base is conditioned to believe only according to his state sponsored propaganda ecosystem and instinctively rejects conflicting information, making up wild excuses why it is all justified.

Fuck, Fox at times these days sounds worse than Baghdad Bob, and there is no outrage. He kept babbling that there was no collusion but we all saw it on live tv. He just turns out not to need to do so secretly when he could do so openly. Everyone's goals were on the table. He as much as said I'll scratch your back if you scratch mine, and they did. What's more, the only explanation that truly makes sense about how he talks about Russia is not that he fears his election will be made non legitimate. No, the fucker wants their help to win in 2020 and is determined to get it, fuck all ethics, patriotism or what is good for the country.

I'd like to hope the country will wise up and reject this shit, but in the end Trump's gravest crime, and it is grave indeed, is illustrating how to successfully con and divide the world to obtain power at any cost. He has shown us if your willing to push a country to the brink of civil war, well then few things are truly impossible. Russia couldn't have asked for a better asset. From all accounts he does his job of destroying America exceptionally well, and what's best is he does it simply for his own sake. That is his cost of his path to power.

He may indeed further subsidize coal, just to try to hold onto that power. He is at the realm of the ultimate con job. It's a topic he has spoken of often, just in respect to others, but given how he reflects everything you can see it really applies to him. His goal is to keep the scam going at least through the next election, and then he wins, but the country goes further down the drain.

I think ultimately you can destroy a country best from within, when it becomes decadent such that truth is a minority opinion, because at that point your building everything on sand, and that never ends well.

Re:It Begins

By mobby_6kl • Score: 4, Insightful • Thread

Mining is becoming less and less labor-intensive though, as coal now comes mostly from surface open-pit mines where a bucket-wheel excavator ran by half-dozen does the work of hundreds of miners. Which is killing all those high paying jobs.

Re:It Begins

By jwhyche • Score: 4 • Thread

Hawaiian activists are able to stonewall geothermal energy by claiming it is "stealing the breath of Pele."

Which is complete bullshit an they know it. Pele is an active goddess. She won't stand by and let puny humans do things that displease her. Many a foolish mortal has earned Pele wrath, much to their displeasure.

Re:It Begins

By jwhyche • Score: 4 • Thread

Someone is going to object to anything and everything.

An sometime, someone needs to tell these people they can go fuck themselves. "fuck off" should always be a valid answer to anything.

Scientists Help Artificial Intelligence Outsmart Hackers

Posted by BeauHDView on SlashDotShareable Link
sciencehabit shares a report from Science Magazine: A hacked message in a streamed song makes Alexa send money to a foreign entity. A self-driving car crashes after a prankster strategically places stickers on a stop sign so the car misinterprets it as a speed limit sign. Fortunately these haven't happened yet, but hacks like this, sometimes called adversarial attacks, could become commonplace -- unless artificial intelligence (AI) finds a way to outsmart them. Now, researchers have found a new way to give AI a defensive edge. The work could not only protect the public. It also helps reveal why AI, notoriously difficult to understand, falls victim to such attacks in the first place. Because some AIs are too smart for their own good, spotting patterns in images that humans can't, they are vulnerable to those patterns and need to be trained with that in mind, the research suggests.

To identify this vulnerability, researchers created a special set of training data: images that look to us like one thing, but look to AI like another -- a picture of a dog, for example, that, on close examination by a computer, has catlike fur. Then the team mislabeled the pictures -- calling the dog picture an image of a cat, for example -- and trained an algorithm to learn the labels. Once the AI had learned to see dogs with subtle cat features as cats, they tested it by asking it to recognize fresh, unmodified images. Even though the AI had been trained in this odd way, it could correctly identify actual dogs, cats, and so on nearly half the time. In essence, it had learned to match the subtle features with labels, whatever the obvious features. The training experiment suggests AIs use two types of features: obvious, macro ones like ears and tails that people recognize, and micro ones that we can only guess at. It further suggests adversarial attacks aren't just confusing an AI with meaningless tweaks to an image. In those tweaks, the AI is smartly seeing traces of something else. An AI might see a stop sign as a speed limit sign, for example, because something about the stickers actually makes it subtly resemble a speed limit sign in a way that humans are too oblivious to comprehend.
Engineers could change the way they train AI to help outsmart adversarial attacks. When the researchers trained an algorithm on images without the subtle features, "their image recognition software was fooled by adversarial attacks only 50% of the time," reports Science Magazine. "That compares with a 95% rate of vulnerability when the AI was trained on images with both obvious and subtle patterns."

Take a cue from human learning?

By geschild • Score: 3 • Thread

Humans make the same mistake when the visual differences are confusing or contradictory and we avoid them usually because our way of judging is based on the way we learn in the first place: large features first, only considering finer details if further classification is needed or if the larger features give too little information. Visual tricks that play into this can confuse humans even where they may not confuse AI.

Examples: sometimes it is hard to see if someone is male or female. We then call that person androgyn but factually it is a failure of our classification system. Some forms of optical illusions are the same: they deliberately take advantage of the way people (fail to) discern between 'objects'.

I think it is time to admit that our brains aren't too special. They really are nothing more than weighted networks that take inputs filter them and classify them. Ideas may be nothing more than a way for the brain to code and store the results. If that is true, then the 'human advantage' may be in that specific area: the greater ability to store and use these results as further input.

Re:This should be the other way round

By swilver • Score: 5, Insightful • Thread

I agree, that's the point of AI, so why are they using advanced pattern recognition for this instead and then call it "intelligence" ? Perhaps because nobody understands how these things work after they've been trained, so it must be intelligent?

AI smarter than human? Very funny.

By omfglearntoplay • Score: 3 • Thread

I hate sales lies. This sales pitch is trying to make the current hyped "AI" equivalent to our science fiction dreams (or nightmares) of sentient robots and computers. Let's take these statements and translate:

"... AI, notoriously difficult to understand, falls victim to such attacks in the first place. Because some AIs are too smart for their own good, spotting patterns in images that humans can't,"

AI making mistakes that can kill or maim, also known as:
Stupid, mindless machines without brains that do stupid as fuck stuff stuff because they aren't able to grasp concepts that a day old rat would automatically understand.

Now to take a step back, I'm all for AI that improves things. But here, let's talk facts and figures, not bullshit.

Class-Action Lawsuit Says TurboTax Tricked Taxpayers Into Paying For 'Free' Tax Prep

Posted by BeauHDView on SlashDotShareable Link
Less than a week after ProPublica found that TurboTax lied to taxpayers about its free filing program, "a new class action lawsuit against TurboTax maker Intuit claims the tax service breached its agreement with the Internal Revenue Service by intentionally obscuring its free filing service and charging qualifying taxpayers anyway," reports Gizmodo. From the report: The complaint was filed Sunday in a California district court on behalf of plaintiffs from three different states. TurboTax's free filing service is offered -- alongside programs from other tax companies -- in partnership with the IRS and is meant to benefit 70 percent of U.S. taxpayers with adjusted gross incomes of $66,000 or less. In TurboTax's case, the free filing service should be offered to those with adjusted gross incomes of $34,000 or less, per the IRS Free File Software page.

But according to the suit, TurboTax violated its agreement with the IRS by separating its free filing page from its primary service as well as by intentionally hiding the service from search engines -- and therefore qualifying taxpayers -- by altering its code, a discovery unearthed through ongoing investigations into TurboTax's practices by ProPublica. Additionally, TurboTax is accused of using language meant to lead taxpayers to believe that its primary service is free only to later charge them.
When asked about the lawsuit, a spokesperson for TurboTax said in a statement: "We are committed to offering Americans the ability to file their taxes for free, and we're committed to the IRS Free File program. More IRS Free File returns have been filed using a TurboTax product than any other of the member companies -- including approximately 1.2 million returns this tax season. We look forward to working with the IRS and private industry to improve the Free File program and help it continue to grow."

I'll say it again...

By b0s0z0ku • Score: 4, Informative • Thread
Free File Fillable Forms is more than 90% of taxpayers need, and is free for all income levels. It's as close to an IRS e-file system as there is, just fill out the fucking forms rather than playing "200 questions."

Never doubted it

By rmdingler • Score: 3 • Thread

I had an offer for an amazing package deal for home phone, cable, and internet that arrived faithfully for years as junk mail in the mailbox.

AT&T had a 200 pair line cut, and after tens of minutes of my life that I'll never get back, they offered to restore internet and phone service within 3 weeks. That seemed unreasonable to me, since I'm not living in Puerto Rico after a hurricane. Too soon?

Long story short, I contracted with the internet company that had been fluffing up my mailbox volume for a special promotion they couldn't honor because it was something their marketing department had done.

Cheese and rice! We're living in an era where internet/cable providers don't even pretend to honor their promises. What are we? Savages?

Re:DUPE!

By Sebby • Score: 4, Interesting • Thread

https://news.slashdot.org/story/19/04/22/2139215/turbotax-uses-dark-patterns-to-trick-you-into-paying-to-file-your-taxes

Where the hell did journalistic integrity and research go, because I'd like to follow soon.

This story is about the class-action lawsuit brought on by what was discovered in the story you quoted.

Re:I'll say it again...

By Burdell • Score: 4, Interesting • Thread

You mean the site that the IRS is forced to contract out (because Intuit lobbies Congress to prevent the IRS from running that directly)? They try hard to hide it (a site like this shouldn't be allowed to have a private domain registration for example), but it is run by... Intuit! They don't even have to run ads or try to milk users to pay for unneeded software, because they get guaranteed money from the IRS.

Re:I'll say it again...

By AmiMoJo • Score: 4, Interesting • Thread

As an outside observer... How is a first world country like America this corrupt?

Lenovo Launches HoloLens Competitor

Posted by BeauHDView on SlashDotShareable Link
Lenovo is launching a new AR-and-VR system targeted at businesses. It's called ThinkReality, and from the looks and description of the device and platform, it looks like a competitor for Microsoft's HoloLens. Engadget reports: There are two parts to the new ThinkReality system -- the AR headset and a software platform. The ThinkReality A6 is a comfortable 380-gram headset with two fisheye cameras on the front, as well as depth sensors and a 13-megapixel RGB sensor. There's also microphones onboard for voice control, and the headset can also detect where you're gazing to optimize resolution or navigation. You'll also be able to interact with your virtual environments using an included 3DoF controller. Untethered, the A6 can last up to four hours with its 6,800mAh battery, and you can still use the device while it's plugged in and charging.

The headset connects to an SSD-sized compute box that contains a Snapdragon 845 CPU running an Android-based platform. There's also an Intel Movidius chips powering waveguide optics here, and each eye on the A6 offers a 40-degree diagonal field of view and 1080p resolution. By comparison, the HoloLens 2 uses a Snapdragon 850 CPU and packs two 2K MEMS displays. Microsoft also squeezes all the computing components into the headset rather than in a separate box like Lenovo does. While I'm not a fan of having to carry around an additional accessory to power a headset, this setup does make the ThinkReality A6 lighter, so it's a compromise I'm willing to make. You can wear the box on a belt clip or an armband, which should make it easy to move around when wearing this setup at work. Lenovo claims this is "one of the lightest fully featured AR headsets in its class," and during a brief trial with a non-working model, I certainly found the A6 lightweight.

Kind of incomplete...

By serviscope_minor • Score: 4, Informative • Thread

The specs are kind of incomplete, and they've missed out some of the main bits. The Hololens has it's HPU chip (marketing wank for a big tensilica DSP with a bunch of custom units tacked on) which is where it actually does the processing for the onboard SLAM system.

Speaking of which, the thing that sets aside the Hololens is the exceptionally good tracking system and the tight coupling to the display. It really doens't matter how much crap has been crammed into the case if the software isn't up to scratch and the Hololens is way way way beyond its competitors in this regard.

5G Networks Will Likely Interfere With US Weather Satellites, Navy Warns

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from Ars Technica: A U.S. Navy memo warns that 5G mobile networks are likely to interfere with weather satellites, and senators are urging the Federal Communications Commission to avoid issuing new spectrum licenses to wireless carriers until changes are made to prevent harms to weather forecasting. The FCC has already begun an auction of 24GHz spectrum that would be used in 5G networks. But Sens. Ron Wyden (D-Ore.) and Maria Cantwell (D-Wash.) today wrote a letter to FCC Chairman Ajit Pai, asking him to avoid issuing licenses to winning bidders "until the FCC approves the passive band protection limits that the National Aeronautics and Space Administration (NASA) and the National Oceanic and Atmospheric Administration (NOAA) determine are necessary to protect critical satellite-based measurements of atmospheric water vapor needed to forecast the weather."

The internal Navy memo on the topic, written on March 27 by U.S. Naval Observatory Superintendent Marc Eckardt, was made public by Wyden and Cantwell today. The Navy memo cited NOAA and NASA studies on interference from 24GHz spectrum, which is intended for mobile use and is adjacent to spectrum used for weather operations. "[A]s such, it is expected that interference will result in a partial-to-complete loss of remotely sensed water-vapor measurements," the Navy memo said. "It is also expected that impacts will be concentrated in urban areas of the United States first." The problem could affect Navy and Marine Corps forecasts of tropical cyclones as well as rain, ice, and snow, the memo said. The Navy memo recommends asking the FCC to "tighten out-of-band interference by reducing bleed-over limits to -57dB." The memo also says the Navy should "work with NOAA and NASA to continually assess and quantify actual impacts" and develop mitigations including "limited use of other channels, substitution of lesser-fidelity parameters, and the development of new techniques and algorithms through new research and development."

Non-issue

By Shaitan • Score: 5, Interesting • Thread

Nobody is actually going to deliver anything on this spectrum anytime soon... if ever. This spectrum is just used to stick something with outrageous speeds in the spec, then the wireless carriers use the "lightning fast" performance of 5G as a selling point but actually provide below 6ghz and essentially the same speed as 4G but cheaper for them to operate service plus sell all new phones. They actually did something similar with 4G which is why you don't and never will have what they originally sold you on as 4G.

Re:So what?

By Narcocide • Score: 4, Informative • Thread

Funny, but it's not just about predictions. They're saying it could interfere with real-time tracking of storms. Logistically that puts some critical industries back into the 18th century. Imagine fishermen no longer being able to hear on the radio a plausibly-accurate prediction of where the storm appears to be going as seen from space, and having that replaced with... nothing. No weather predictions for anything beyond line-of-sight. That could be a problem.

What a dumb idea

By viperidaenz • Score: 3 • Thread

Why would you want to use 25GHz anyway?
It's one of the frequencies that water in the atmosphere absorbs.
Stick to between 5cm and 10m wavelengths.

Re:Did nobody

By omnichad • Score: 5, Insightful • Thread

New satellites wouldn't help. It's not a transmission frequency. They are bouncing 23.8GHz signals off the water vapor layer to see how much gets bounced back. This is a natural frequency that water vapor interacts with. Designing a new satellite is far from as simple as selecting a new frequency.

5-10 is a little crowded, doesn't have 10Gb bandwi

By raymorris • Score: 4, Informative • Thread

That band around 2.4 GHz a great region. Everyone should use it.
Hmm, maybe that's why everyone does use it. Total bandwidth of the entire band, for all users and all uses, is on the order of 10Gbs or so. 5G is planning for 10 Gbps *per person*. So unless you're the only person uaing it, that band won't work for 5G.

For the kind of bandwidth wanted from 5G, you need a much higher frequency band. Which also means it won't go through walls, rain, etc.

Physics is a bitch when you want to stream HD on a mobile all day.

It's Almost Impossible To Tell If Your iPhone Has Been Hacked

Posted by msmashView on SlashDotShareable Link
An anonymous reader writes: A recent vulnerability in WhatsApp shows that there's little defenders can do to detect and analyze iPhone hacks. Some iOS security experts say this is yet another incident that shows iOS is so locked down it's hard -- if not impossible -- to figure out if your own iPhone has been hacked.

[...] "The simple reality is there are so many 0-day exploits for iOS," said Stefan Esser, a security researcher that specializes in iOS. "And the only reason why just a few attacks have been caught in the wild is that iOS phones by design hinder defenders to inspect the phones." As of today, there is no specific tool that an iPhone user can download to analyze their phone and figure out if it has been compromised. In 2016, Apple took down an app made by Esser that was specifically designed to detect malicious jailbreaks.

Re:Because it is always "hacked".

By angel'o'sphere • Score: 5, Interesting • Thread

Other devices are just the same.

You have to root them to get "full control" with the risk that the rooting tool is malware or that rotting turns harmless apps that require root but did not have it yet turn into malware.

In the end, it is not hard to figure if your iPhone is hacked, just check its network access log.

Ignorance is bliss

By misnohmer • Score: 3 • Thread

Even if you are hacked, Apple prefers you never find out about it. They'd rather you use a compromised phone than have a bad experience (finding out your phone has been hacked qualifies as bad experience). There are actual user experience studies out there that prove it too - customers are happier if they don't know when there is something wrong with the device or service they use. Hidden bonus for Apple is when the malicious software hinders your device to motivate you to buy a new iPhone.

Weak article

By dog77 • Score: 3 • Thread
This article lacks facts to back up its claim that IOS is riddled with vulnerabilities. The Whatsapp vulnerability is the one example of a security flaw that the articles mentions and according to this New York Times source it occurs with both IOS and Android:

https://www.nytimes.com/2019/0...

Re: Because it is always "hacked".

By astrofurter • Score: 5, Interesting • Thread

"There were other easy, cheaper and convenient options."

No, there are not. Android and iOS together account for 99.999% of all smartphones available on the market today. Both are factory-p0wned at the hardware level. And both of them lock you into a prison state application ecosystem.(Let's deprecate the misleading euphemism "walled garden".)

Re: Because it is always "hacked".

By AmiMoJo • Score: 4, Interesting • Thread

Buy an older device and install Lineage OS. Something like an LG flagship from 5 years ago can be had on eBay in excellent condition for 50 bucks, and runs great with Lineage. You even get a headphone jack.

Walmart Announces Next-Day Delivery, Firing Back At Amazon

Posted by BeauHDView on SlashDotShareable Link
Walmart will now offer shoppers the option to have their online orders delivered the next day, following Amazon's recently announced plans to spend $800 million for one-day delivery for all Amazon Prime members. CNBC reports: Walmart said Tuesday it is rolling out next-day delivery in Phoenix, Las Vegas and Southern California over the next few days and will expand it to reach roughly 75% of American consumers by the end of 2019, including 40 of the top 50 major metros. Amazon hasn't yet detailed a timeline for its own rollout of next-day shipping. But even before its April announcement, the company had offered same-day and two-hour delivery for Prime members in certain markets for certain products and at an additional cost. Amazon's next-day shipping plan expands the number of items and ZIP codes eligible for expedited service.

Walmart isn't disclosing the cost of its latest delivery push. But the company says it has been working on it for quite some time. To start, next-day delivery will be available for about 220,000 items "most frequently purchased" online, Walmart said, including toys and electronics. The company said it plans to make more items available to ship next day over time. And the option is only free for orders over $35. Amazon, for comparison, has no minimum purchase threshold for free, next-day delivery but requires customers to have a Prime membership, which costs $119 annually.

What the hell!

By zippo01 • Score: 5, Funny • Thread
I ordered this years ago and its just now getting here?

Free Next Day Deliver.

By bjwest • Score: 4, Interesting • Thread
If Walmart were smart, they'd make a deal with the USPO for free next day delivery of items in stock at the local B&M store. Order before 6pm and have it delivered with your regular mail the next day. Hell, it might even be less expensive if they bought a truck or two and delivered the items locally themselves.

Re:Prime sucks

By ArchieBunker • Score: 4, Interesting • Thread

Prime no longer means two days. I've seen Prime items with ship times of a month.

Re:Prime sucks

By madbrain • Score: 4, Informative • Thread

It means 2 days from the shipping date for items in stock. For items that are out of stock, the delivery time can indeed be months.

'Hard-To-Fix' Cisco Flaw Puts Work Email At Risk

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from the BBC: Security researchers have discovered serious vulnerabilities affecting dozens of Cisco devices. The flaws allow hackers to deceive the part of the product hardware that checks whether software updates come from legitimate sources. Experts believe this could put emails sent within an organization at risk as they may use compromised routers. Messages sent externally constitute less of a risk, however, as they tend to be encrypted. The California-based firm said it is working on "software fixes" for all affected hardware.

"We've shown that we can quietly and persistently disable the Trust Anchor," Red Balloon chief executive Ang Cui, told Wired magazine. "That means we can make arbitrary changes to a Cisco router, and the Trust Anchor will still report that the device is trustworthy. Which is scary and bad, because this is in every important Cisco product. Everything." Security experts believe that the vulnerability could cause a major headache for Cisco, which has listed dozens of its products as vulnerable on its website. "We don't know how many devices could have been affected and it's unlikely Cisco can tell either," said Prof Alan Woodward, a computer security expert based at Surrey University. "It could cost Cisco a lot of money."
Security firm Red Balloon has set up a website with more details on the vulnerabilities, which they are calling "Thrangycat."

Calm down, it Requires Root Privileges...

By MikeDataLink • Score: 5, Insightful • Thread

Not that that makes it a "good" vulnerability. But I don't generally get excited about exploits that require the attacker to already have my root credentials. If s/he's got that I am already screwed.

Re: Please let it kill internal email

By Plugh • Score: 4, Informative • Thread
Careful what you wish for. It is far easier to manage hundreds of emails per day than hundreds of Slack messages per day. Fight me

Microsoft Patches 'Wormable' Flaw in Windows XP, 7 and Windows 2003

Posted by msmashView on SlashDotShareable Link
Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a "wormable" flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. From a report: The vulnerability (CVE-2019-0708) resides in the "remote desktop services" component built into supported versions of Windows, including Windows 7, Windows Server 2008 R2, and Windows Server 2008. It also is present in computers powered by Windows XP and Windows 2003, operating systems for which Microsoft long ago stopped shipping security updates. Microsoft said the company has not yet observed any evidence of attacks against the dangerous security flaw, but that it is trying to head off a serious and imminent threat.

Windows XP still not going away

By xack • Score: 5, Interesting • Thread
Even after five years Microsoft is still giving out occasional updates to XP. Microsoft knows China and many other countries rely on XP too much to give it up. I get over 2000 hits a month on a Windows XP support site I run and I still make my sites viewable in old versions of IE. I’m really looking forward to all the shitstorms that will happen when Microsoft pulls the plug entirely, Windows 7 too.

Google Is About To Have a Lot More Ads On Phones

Posted by BeauHDView on SlashDotShareable Link
The Verge reports on the new ad types Google announced today that will start showing up throughout its mobile products, including some that interrupt the core Google search and discovery experiences. From the report: Google searches on mobile will soon include "gallery" ads that allow advertisers to display multiple images for users to swipe through. You'll also begin to see ads in Google's discover feed -- the feed of news stories that you find built into many Android home screens, inside the Google app, and on Google's mobile homepage -- though they'll only appear in select locations for now. The new ad formats are meant to make ads a lot more noticeable. In a blog post, Google ad chief Prabhakar Raghavan says that, in tests, gallery ads resulted in "up to 25 percent more interactions" than traditional search ads.

Gallery ads will only be launching on mobile, not the desktop. Discover ads will appear in Google's mobile app, as well as on the discover feed on Android phones. Google tells us those ads won't appear in the discover feed that's built into the google.com mobile homepage. [...] The discover feed -- a personalized feed of recommended news stories that Google displays on mobile -- will also be getting ads for the first time. They'll appear just like any other story, with an image on top, a headline, and a subject field with more information. But they'll have a small badge that says "ad" to let users know it's sponsored. Those ads will extend to YouTube as well, where they'll slot in alongside recommended videos. Discover ads will also roll out later this year.

Re:Ad-Free Generation

By stinky wizzleteats • Score: 5, Funny • Thread

Your ad here. Ask me how.

I am interested in advertising in your sig.

Re:we need to opt out of ads

By rogoshen1 • Score: 4, Insightful • Thread

This post is at the confluence of 'funny', 'informative', and 'underrated' :(

And it shows *precisely* how marketing goons think.

Fanboy!

By dark.nebulae • Score: 4, Interesting • Thread

Call me an Apple fanboy all you want, but at least I'm not looking at ads across multiple aspects of the UI...

"up to 25 percent more interactions"

By sqlrob • Score: 3 • Thread

And how much of that additional interaction was people mistouching?

The only reason I root my phone

By renegadesx • Score: 3 • Thread
Root level adblockers are still to this day the single best reason to get root access on your phone. I don't get a phone unless TWRP has been ported to it. Adaway is my personal favourite, in the past I used Adfree.

Google's Censored Search Would Help China 'Be More Open', Said Ex-CEO Eric Schmidt

Posted by msmashView on SlashDotShareable Link
Former Google CEO Eric Schmidt has defended the company's plan to build a censored version of its search engine in China. From a report: In an interview with the BBC on Monday, Schmidt said that he wasn't involved in decisions to build the censored search platform, codenamed Dragonfly. But he insisted that there were "many benefits" to working with China and said he was an advocate of operating in the country because he believed it could "help change China to be more open." As The Intercept first revealed in August, Google developed a prototype of the censored search engine that was designed to remove content that China's ruling Communist Party regime deems sensitive. The search engine would have blacklisted thousands of words and phrases, including terms such as "human rights," "student protest," and "Nobel Prize" in Mandarin.

Sure it will

By McFortner • Score: 3, Informative • Thread
Right. And if I put wheels on my Grandmother she'd be a wagon.

Yeah, like how capitasm made China more open?

By JoeyRox • Score: 5, Insightful • Thread
Remember America's foreign policy strategy of spreading democracy around the world by spreading capitalism? The idea was that once citizens tasted the fruit of capitalism they would crave other freedoms, the kind democracy would bring. Didn't quite work out as planned in China.

Dear Eric Schmidt

By sexconker • Score: 3 • Thread

Dear Eric Schmidt,

Shut the fuck up, you tool.

Oh, come on, Eric!

By OneHundredAndTen • Score: 3 • Thread
Please, do not insult our intelligence. Just tell the truth: that you guys are doing it because it is good to your bottom line. Business is business. Do NOT attempt to sell it as a virtuous thing to do, because you people only manage to look ridiculous. If you tell the truth, you'll come across as the bastards that you really are. If you lie, you will look ridiculous - because everybody will be able to see through your childish lie - while still coming across as the bastards that you really are.

Censorship is openness

By Deep Esophagus • Score: 3 • Thread

Schmidt went on to add that war is peace, freedom is slavery, and ignorance is strength.

The Ministry of Truth tweeted a thumbs-up emoji in response to Schmidt's speech and rated it "doubleplusgood".

Google Exec's Internal Email On Data Leak Policy Rattles Employees

Posted by msmashView on SlashDotShareable Link
With employees organizing sit-ins over retaliation and continuing to agitate for change, Google is locking down internal communications. From a report: Google's top legal executive Kent Walker sent an all-staff email on Thursday informing employees that accessing documents classified as "need to know" without permission could result in termination, sources inside the company tell BuzzFeed News. After BuzzFeed News contacted Google about the email, Walker sent an update on Tuesday in the company's daily newsletter, clarifying that employees were typically only terminated when intentional violations resulted in data leaks, risks to user privacy, or harm to co-workers.

The Thursday email, titled "An important reminder on data classifications," referenced changes to Google's data security policy that were updated in October. Although the policy has been in place since 2007, and updates are visible internally, employees weren't notified by email at the time. The timing of the email announcement rattled employees who've been involved with organizing within the company's ranks and who told BuzzFeed News they saw it as a blow to internal accountability mechanisms. These employees said the "need to know" language in the data security policy leaves which particular documents are considered "need to know" up to Google's interpretation; "need to know" documents aren't necessarily labeled as such, and the punishment for accessing such documents without permission can vary, but include termination.

normal

By iggymanz • Score: 5, Insightful • Thread

bypassing access restrictions to information is termination offence in most corporations. also can get you imprisoned if you do that on systems belonging to military, police, etc.

Why is this news and why wouldn't google have such a rule since inception?

Re:normal

By laxguy • Score: 4, Insightful • Thread
even the summary says that the policy has been in place since 2007 -- its just more whiny brats at Google trying to get themselves in the news (read: fired)

For crying out loud

By Anonymous Coward • Score: 5, Insightful • Thread

Can we please STOP using BUZZFEED as a news source??

Re:normal

By Anubis IV • Score: 5, Interesting • Thread

Why is this news and why wouldn't google have such a rule since inception?

A policy against leaking need-to-know documents is fine, but what makes this interesting is the following from the summary:

"need to know" documents aren't necessarily labeled as such

In most jurisdictions, there's something akin to a "vagueness doctrine" that prevents people from being harmed by vaguely worded laws. After all, if we write rules that more or less say that what's against the rules is whatever an authority figure says is against the rules, why even bother with rules at all? They're utterly meaningless at that point.

In the case of Google, if they're saying that they can fire you for talking about need-to-know documents, but then they provide you with no indication of which documents meet that classification, what the rule actually amounts to is, "You can't talk about the details or existence of any document, not even to acknowledge that a product or service we've already publicly launched even exists, since we can claim that anything at all you've seen here that is written in a document somewhere is need-to-know and can then use it as a pretense to fire you." Of course, they might have a hard time arguing the validity of that rule in court, but how many people are actually willing to get into a protracted wrongful termination case against a megacorporation like Google in the first place?

Re: Don't Be Evil was retired a while ago

By sexconker • Score: 4, Informative • Thread

It's not. Bigotry is the rejection of ideas that are not your own without fair consideration because they are not your own. It's holding your beliefs above others because they are yours. The people who frequently scream about "bigotry" are often screaming about "hate" or "disagreement". They themselves are typically the actual bigots. The word is rooted in a religious definition.

San Francisco Could Be First US City To Ban Facial-Recognition Technology

Posted by msmashView on SlashDotShareable Link
San Francisco, long one of the most tech-friendly and tech-savvy cities in the world, is poised to prohibit its government from using facial-recognition technology. From a report: A proposed ban is part of a broader anti-surveillance ordinance that the city's Board of Supervisors is expected to approve on Tuesday. If passed -- a majority of the board's 11 supervisors have expressed support for it -- it will make San Francisco the first city in the United States to outlaw the use of such technology by the police and other government departments. The ordinance could also spur other local governments to take similar action. Facial-recognition systems are increasingly used everywhere from police departments to rock concerts to homes, stores and schools. They are designed to identify specific people from live video feeds, recorded video footage or still photos, often by comparing their features with a set of faces (such as mugshots).

Poop recognition technology

By registrations_suck • Score: 4, Funny • Thread

What they really need is some poop recognition technology, so they can fine all those fuckers shitting on the sidewalks.

Re: Poop recognition technology

By SirAstral • Score: 5, Informative • Thread

Ahem, well... the police have been see doing some shady stuff like tasering people for no reason, beating the shit out of them, making illegal arrests, abusing their power, raping people, choking people, murdering people, covering for each other along with their unions when "fellow" officers break the law, do wrong, or go bad.

I mean... they kinda asked for it because they could not figure out how to enforce the law without acting like tyrants.

If a cop that beats up a suspect for no reason is your "fellow" officer... that kinda tells me you are bad just like him!

I misread the headline

By syn3rg • Score: 3, Funny • Thread
Did anyone else read "fecal recognition technology"? I mean, it is San Francisco...

Re:Not really, cjjer knows nothing about it.

By DNS-and-BIND • Score: 5, Interesting • Thread

Widespread homelessness among the mentally ill can be traced back to the anti-psychiatry movement of the 1960s and 1970s and the influential works of writers such as Thomas Szasz, Erving Goffman, Ken Kesey, and R.D. Laing. These authors maintained that sufferers of mental illness were a kind of political prisoner to an unjust social structure and that they were "really just marching to a different drummer and should be free to do their marching in the streets," and so paved the way for the wholesale deinstitutionalization of mentally ill individuals in the U.S. When many of them ended up homeless and alone, posing a danger to themselves and sometimes to others, civil liberties activists âoesnuffed out any lingering possibility that the state hospitals and the community mental health centers might treat the vast majority of the seriously mentally illâ by reinterpreting their condition of homelessness as a state of emancipation.

It wasn't Ronald Reagan, but the mainstream media hated him so they made sure he ended up with the blame.

It was the ACLU who sued to shut down the asylums. How can you imprison people who committed no crime? Ever see "One Flew Over the Cuckoo's Nest"?

Europe Sticks a Knife Into Vegan Meat

Posted by msmashView on SlashDotShareable Link
The European Union is trying to put vegetables back in their box. From a report: The trading bloc's agriculture committee wants to ban vegan food products from using terms such as burger and sausage on their labels. The logic is that consumers expect their burgers to be made of pork or beef and will be duped by plant-based pretenders. More likely the region's livestock industry smells danger. Meat-alternative products made by companies like Beyond Meat and Impossible Foods appeal to a growing number of consumers that want to cut down on meat. A high-profile report from the EAT-Lancet Commission warned that red-meat consumption needs to halve by 2050 to avoid serious health and environmental problems. Whether or not consumers are fooled, vegan brands have found success in giving a meaty flavor to their marketing.

Re: Burger-Shaped should work

By Wycliffe • Score: 4, Insightful • Thread

These products should be sold to the diet market, not the vegan market. Consumers are interested in products that have the taste and mouthfeel of meat without the fat and calories.

Although the diet market is a lot larger than the vegan market, vegan meat doesnâ(TM)t make much sense for the diet market. Protein is pretty low calorie compared to the usually high carb fake vegan meats. Now if you mean the health market then vegan meats probably do have a place. The health market is also larger than the vegan market and vegetable based meats are arguably healthier but the health market and the diet market although they obviously overlap are not the same.

Re:Look...

By Pfhorrest • Score: 4, Insightful • Thread

Turn it around the the analogy is actually a pretty good explanation of gender as a social construct.

A veggie burger is a burger inasmuch as it fills the role of a burger. It's not the being made out of meat that makes it suitable for that role, so things not made of meat can still fill that role and so still be a burger.

Likewise, a transwoman is a woman inasmuch as she fills the role of a woman. It's not the chromosomes or whatever that make her suitable for that role, so people with different chromosomes etc can still fill that role and so still be women.

Re:What about Turkey Burgers

By lgw • Score: 4, Informative • Thread

I think the EU's point is that you have to call it a "veggie burger" and not just a "burger", because people assume the latter is beef. Since "impossible burger" isn't obviously not beef, I see their point: intentionally or not it's deceptive.

Re:Finally some common sense

By filesiteguy • Score: 4, Informative • Thread
Let's take a look at the ingredients. All of those have incomplete proteins. There is no plant-based protein that is "complete" in terms of the amino acids needed by our bodies. Also, most of these use cheap soy-based protein. Soy is a terrible "food" for many reasons. It contains high amounts of phyto-estrogen. Repeated studies show that these cause havoc with male hormone levels as well as are being linked to high cancer in females. The beyond burgers use the slightly less harmful pea protein isolate but still is missing methionine. Of course, instead of directly eating a plant's benefits via meat, one has to grow these plants (probably using petroleum based fertalizer in a monoculture setting), harvest the plants, send them to a factory, discard much of the plat material, then synthesize the plant material into something somewhat edible for humans.

Animals - including humans - have been walking (or swimming) around for awhile before having our heads chopped off and being eaten for the past several million years. That's the way nature works and the way our bodies are designed to function. We have short stomachs with a very high acidity factor, short intenstines, and canine teeth for a reason - we're predators. Yes, we can sustain on plant material but we only thrive eating meat.

Re: Burger-Shaped should work

By phyrz • Score: 4, Informative • Thread

No way Australia has 2 million vegans - that would be 10% of the population.

You cant claim that based on this:

"A 2000 Newspoll survey (commissioned by Sanitarium) shows 44% of Australians report eating at least one meat-free evening meal a week, while 18% said they prefer plant-based meals."

Intel CPUs Released in Last 8 Years Impacted by New Zombieload Side-Channel Attack

Posted by msmashView on SlashDotShareable Link
Academics have discovered a new class of vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU. From a report: The leading attack in this new vulnerability class is a security flaw named Zombieload, which is another side-channel attack in the same category as Meltdown, Spectre, and Foreshadow. Just like the first three, Zombieload is exploited by taking advantage of the speculative execution process, which is an optimization technique that Intel added to its CPUs to improve data processing speeds and performance. For more than a year, academics have been poking holes in various components of the speculative execution process, revealing ways to leak data from various CPU buffer zones and data processing operations. Meltdown, Spectre, and Foreshadow have shown how various CPU components leak data during the speculative execution process.

Today, an international team of academics -- including some of the people involved in the original Meltdown and Spectre research -- along with security researchers from Bitdefender have disclosed a new attack impacting the speculative execution process. This one is what researchers have named a Microarchitectural Data Sampling (MDS) attack, and targets a CPU's microarchitectural data structures, such as the load, store, and line fill buffers, which the CPU uses for fast reads/writes of data being processed inside the CPU. [...] In a research paper published today, academics say that all Intel CPUs released since 2011 are most likely vulnerable. Processors for desktops, laptops, and (cloud) servers are all impacted, researchers said on a special website they've set up with information about the Zombieload flaws.

Re:AMD cheerleading

By rahvin112 • Score: 4, Informative • Thread

AMD CPUs are architected differently than Intel. Though AMD and almost everyone else with a speculative execution engine were susceptible to several variants of the Spectre exploits there were several that were also Intel only, including possibly this variant.

Most of the Intel-only Spectre exploits were sloppy design that was meant to increase speed at the expense of security. Meltdown was a perfect example of this where AMD and ARM did the right thing at the expense of speed. To me the Spectre exploits have proved this without a doubt, Intel processors simply aren't safe until they change this design methodology and there is no evidence they have. They are doing what microsoft did in the 90's, trying to paper over the mistakes without changing the methodology of development.

Speed at any cost, including security is stupid when almost every computer in the world is running code (JS) off the internet. Most of the Spectre variants can be executed from within a browser javescript sesion and that should scare the crap out of everyone. Do you trust every Javascript your computer executes?

Re: Back to 6502s

By Waffle Iron • Score: 4, Informative • Thread

It's also subject to a trivial timing attack: Memory accesses to addresses below 0x100 are significantly faster than other addresses, and these faster addresses are usually the ones that hold important OS variables.

By searching for memory that loads faster, you can pinpoint the most important information in a 6502 system.

Potentially a major performance issue

By thereddaikon • Score: 4, Informative • Thread
Reading about this elsewhere it sounds like the software mitigation will involve clearing the buffers when the processor switches processes in most, but not all cases. This sounds familiar. Back in the early 2000's the major weakness of Netburst was that its pipeline was so long that if the branch predictor failed to see a branch coming then the entire 30+ stage pipeline would have to be drained which naturally would cause a massive performance hit. Its part of the reason why AMD's Hammer arch had higher IPC. While the technical reasons for this are massively different, we are talking about speculative execution buffers and not the branch predictor, I think the end result may be similar. Having to throw away a large chunk of in use data on a regular basis is going to hurt. The upside is unlike with the example this is predictable to a degree. The CPU knows when its going to context switch so hopefully something can be done to smooth the transition over a bit. The bad news is this is going to happen a lot, processors switch between processes nearly constantly.

Re:AMD FTW!

By jon3k • Score: 4, Insightful • Thread

I bought (and had to return!) an amd 1700 system due to a glaring bug that was a show stopper. any high load work (make -j16) would cause either silent corruption or seg faults during gcc.

I had the same bug and AMD replaced CPU for free. Got a brand new CPU shipped to me with advanced replacement and returned mine after installing it. No issues since.

Re:seems like it's Intel only,...

By gweihir • Score: 4, Informative • Thread

While I _have_ asked myself whether buying AMD gave me an overall worse result in the past, it is now amply clear where Intel got that extra performance: Really bad design trade-offs.

Looking forward to buying a zen-2 later this year!

OnePlus 7 Pro Boasts a 90Hz Screen, Three Cameras, and Costs $669

Posted by msmashView on SlashDotShareable Link
Chinese smartphone maker OnePlus has revealed two flagship smartphones: the OnePlus 7, and the OnePlus 7 Pro. From a report: The OnePlus 7 Pro's headlining features include a 6.67-inch AMOLED display (resolution: 3120 x 1440 pixels) with a 90Hz refresh rate, upgraded fast charging, and a telephoto lens -- and they don't come cheap. At $669, the 7 Pro's sticker price is far higher than that of previous OnePlus devices. The OnePlus 7 Pro's edge-to-edge waterproof design is very "of the moment," and that's not a knock against it. Much like the displays on Samsung's Galaxy S10 series and Huawei's P30 Pro, the OnePlus 7 Pro's is rounded at each corner along the contours of the frame and slightly tapered at either edge, slightly curving toward the rear cover. Other features of the OnePlus 7 Pro include a Snapdragon 855 SoC; 6GB or 8GB, or 12GB RAM; 128GB or 256GB UFS 3.0 storage; 4,000mAh battery; "Warp charge" fast charging (no wireless charging). For its camera system, the OnePlus 7 Pro has three different cameras on the back, with a 48-megapixel main sensor, a 16-megapixel ultra-wide camera, and an 8-megapixel telephoto camera. There is a 16-megapixel on front in a motorized module that pops up out of the top of the phone -- meaning the display has notch, or any other cut out. The phone runs Android 9 with OxygenOS skin. Now, about the OnePlus 7: So the OnePlus 7 won't hit U.S. stores. It makes do without a retractable selfie cam (it's got a notch instead) and it omits the 7 Pro's curved screen edges in favor of a thicker border between the display's left and right side and the frame. The ultra-wide angle sensor is missing in action, but as something of a consolation, the OnePlus 7 features a slightly larger battery -- 4,150mAh -- that's compatible with Warp Charge. The OnePlus 7's price has yet to be announced, but it's expected to be a good deal cheaper than the OnePlus 7 Pro.

"Chinese Government Monitoring" package optional?

By elrous0 • Score: 3 • Thread

There doesn't seem to be any way to check that off in the available options list.

"OnePlus 7"?

By Locke2005 • Score: 5, Funny • Thread
So, "8" for short?

Disney is Taking Full Control of Hulu

Posted by msmashView on SlashDotShareable Link
Disney's takeover of Hulu is just about complete. Comcast on Tuesday agreed to sell its ownership stake in the streaming video service to Disney. The sale won't happen for at least another five years, but Disney will take full operational control of Hulu right now. From a report: The deal is a sign of how much streaming video has changed in the last few years. Hulu was at one time a joint venture between several media titans: Disney (DIS), 21st Century Fox, Comcast's NBCUniversal and Time Warner (now WarnerMedia). None of those companies had majority control. Now Hulu is effectively a Disney product. The company became the majority stakeholder in the streaming video service after it closed a deal for most of Fox's assets in March. Last month, WarnerMedia -- now owned by AT&T -- agreed to sell its 9.5% interest back to Hulu. Comcast owns roughly a third of Hulu. Under the terms of the deal, Comcast will sell its interest to Disney for Hulu's fair market value no earlier than 2024. Disney has guaranteed that the sale price will reflect a minimum total equity value of $27.5 billion for Hulu at that time, according to a press release.

..and now they'll jack up the price.

By Rick Schumann • Score: 3 • Thread
Ha ha.

Re:So now I'm more confused

By EvilSS • Score: 4, Informative • Thread
They have stated they want to keep them separate, with Hulu being where the more adult shows end up, and Disney+ staying family oriented.

Re:So now I'm more confused

By Zontar_Thing_From_Ve • Score: 5, Insightful • Thread

Which is disney's goal... aren't they releasing their own streaming competitor to compete with hulu and netflix? Or are they planning to combine them?

Who knows? There's one company that sells like 20 brands of laundry detergent. I think their goal is to make money from you.

Hulu and Netflix don't really overlap that much already. The plan is to keep Disney+ more family friendly and put more "mature" content on Hulu, plus Hulu streams ABC shows and some of them don't really fit in well with the Disney+ idea. Since Fox uses Hulu for streaming and Disney owns a lot Fox now, this might be a way for Disney to make money off anybody who wants to stream Fox shows. I read that NBC is moving to their own streaming service but it won't be ready until next year, so for now Disney will make money off people who watch NBC shows on Hulu.

As you can see...

By Daetrin • Score: 5, Insightful • Thread
your FTC has failed. Now witness the monopoly power of this fully owned and operationally controlled streaming station!

Re:So now I'm more confused

By lgw • Score: 5, Insightful • Thread

Once you own your competition, you are a monopoly. You no longer care what people actually prefer since it is all your product. You laugh and laugh and heat your pools by burning money. People watch the Star Wars/Hannah Montana crossover because there is literally nothing better. You snap your fingers, and 50% of the world's movies go back in the vaults only to be re-released as "live action" versions. You already own the rights to any superheros that could stop you.

For all people talk about breaking up Google, or Facebook, or Amazon, the arguments there always seemed a bit weak. But Disney OTOH has been accumulating a monopoly on our culture, and that's very dangerous. People have been complaining for decades that fairy tales and half of the public domain stories were effectively copyright Disney, and now they've piled on that most of geek culture, and a fair amount of mainstream entertainment. At what point do we start talking about breaking up Disney?

Huawei Says It is Willing To Sign 'No-Spy' Agreements With Governments

Posted by msmashView on SlashDotShareable Link
Huawei is willing to sign no-spy agreements with governments, including Britain, the Chinese telecommunications company's chairman said on Tuesday as the United States pressures European countries to shun the firm over spying concerns. From a report: Washington has told allies not to use Huawei's technology to build new 5G telecommunications networks because of worries it could be a vehicle for Chinese spying, an accusation the firm has denied.

"No spy agreement" really means...

By QuietLagoon • Score: 3 • Thread
... "we won't get caught spying" agreement.

Re:That signature has got to be worth something...

By TWX • Score: 5, Interesting • Thread

How about inspecting all of the chips? Remember that Intel has some preboot and parallel crap that runs entirely independently of the operating system, baked into hardware, not removable, and apparently exploitable.

And the problem is, you can't just inspect the chips once, you have to repeatedly do it, randomly such that the vendor can't guarantee that a particular device won't end up inspected. And inspection of this magnitude would probably be destructive.

I doubt it's a corporate problem

By Sarten-X • Score: 4, Insightful • Thread

Despite all the political posturing, I really don't think Huawei's executives are speaking in bad faith here. Sure, they'll happily agree not to put backdoors in their products, and they'll likely try to even follow that, too.

I also don't think it'll make Huawei's products any more secure.

It just means whatever mid-level manager is getting bribed by the MSS to add backdoors will need to be bribed just a bit more.

It doesn't make sense to have top-level execs be involved in designing backdoors. They're a vulnerable target, with high visibility. It'd be much more effective to convince a lower-level worker to drop in an extra set of credentials, or to botch a particular bit of code. The country gets their backdoor, the company can claim ignorance, and the worker gets a nice extra paycheck. Everybody's happy.

Even if a new backdoor is found after the agreements are signed, Huawei's management can claim it's a rogue employee, issue a quick fix, and politely ask MSS to hide a little better. Then they disclose a Cisco vulnerability to change the news cycle, and business continues as usual.

Re:That signature has got to be worth something...

By AmiMoJo • Score: 4, Insightful • Thread

Sure, inspect the chips. An electron microscope works well, or you can even do it by de-capping.

But if you are going down that road, then you have to also accept that US hardware is just as bad because many of the chips and often the entire PCBs are made in China anyway. Dell, HP, Cisco, they all manufacture in China.

Even worse, we know for a fact that the NSA intercepts US hardware during shipping to install hardware backdoors. So your concerns are valid, just not a reason to be any more suspicious of Huawei than anyone else.

Re:That signature has got to be worth something...

By Kjella • Score: 4, Insightful • Thread

This reminds me of Neville Chamberlain and his piece of paper with a promise of peace from Adolf Hitler:

Which should be a reminder of the other aspect of this. One thing is the everyday spying that may lead to court cases, diplomatic incidents and a few people going to prison. But does Europe want critical infrastructure made by China in a potential WW3? Hitler didn't care about what Chamberlain or Britain felt about the bluff, because he planned to wage war and win. I mean it doesn't take that much to create an alt mode or a kill switch or whatever that you only activate if all hell is breaking loose and you cease to care about anything other than victory. It's a little early to declare world peace.

Who To Sue When a Robot Loses Your Fortune

Posted by msmashView on SlashDotShareable Link
An anonymous reader shares a report: It all started over lunch at a Dubai restaurant on March 19, 2017. It was the first time 45-year-old Li, met Costa, the 49-year-old Italian who's often known by peers in the industry as "Captain Magic." During their meal, Costa described a robot hedge fund his company London-based Tyndaris Investments would soon offer to manage money entirely using AI, or artificial intelligence. Developed by Austria-based AI company 42.cx, the supercomputer named K1 would comb through online sources like real-time news and social media to gauge investor sentiment and make predictions on US stock futures. It would then send instructions to a broker to execute trades, adjusting its strategy over time based on what it had learned.

The idea of a fully automated money manager inspired Li instantly. He met Costa for dinner three days later, saying in an email beforehand that the AI fund "is exactly my kind of thing." Over the following months, Costa shared simulations with Li showing K1 making double-digit returns, although the two now dispute the thoroughness of the back-testing. Li eventually let K1 manage $2.5bn -- $250m of his own cash and the rest leverage from Citigroup. The plan was to double that over time. But Li's affection for K1 waned almost as soon as the computer started trading in late 2017. By February 2018, it was regularly losing money, including over $20m in a single day -- Feb. 14 -- due to a stop-loss order Li's lawyers argue wouldn't have been triggered if K1 was as sophisticated as Costa led him to believe.

The red flag was obvious here

By tomhath • Score: 5, Insightful • Thread
If his AI was so good at providing double digit returns, why would he be marketing it to others instead of using it himself?

Re:It's obvious

By Opportunist • Score: 4, Insightful • Thread

You know someone who'd take my losses while I get to keep my profits? I mean, outside of corporations using governments as their fall guy?

Re:It's obvious

By Shaitan • Score: 5, Insightful • Thread

"For example the robot could have been used without the owners consent.
It could also be that the owner have been misled about the robots capabilities from the one he bought it from."

Consent only matters to the extent that the person deciding to invest had power of attorney and liability would rest with him if he abused that. There isn't necessarily weight to "well if I had known he was going to do THIS"

As for capabilities. Maybe a tech deficient judge will buy it, or an armchair technical judge get dazzled in buzzwords. Unless the bot objectively had some hard capability they explicitly said it had the answer is a solid no. An AI is not a simple rules based robot, it operates on a neural net and its behavior in response to not yet seen conditions can't be predicted, it's behavior "capabilities" can not ever be guaranteed except to the extent you impose hard limits on the impact of its output in the overall decisions.

Something like they are discussing with insufficient back testing certainly doesn't qualify... those are just reasons the bot sucked and the bot sucking is a reason they made a poor investment not a reason it was a scam. It's a given that in modeling he showed cherrypicked benchmark periods, etc. Everyone does that from Schwab to Lynch to guy trying to sell his vending machine company, to Intel trying to sell their latest graphics chip. It's called sales.

No sympathy here. If I make a bad investment I have to cover my own losses. Why shouldn't they? Both citigroup in trusting this man to invest their money and this man in trusting this AI peddler should have done better due diligence. As for the AI peddler, he certainly did nothing more wrong than a mortgage broker and is equally entitled to his commission.

Re:Everyone can be rich!

By Immerman • Score: 5, Informative • Thread

> but standards of living are, in general, going up for everyone
Except they're not really. In terms of how many hours of work it costs us to get various "toys" - cars, computers, etc. we're all getting wealthier rapidly, but when you look at the cost of the things we *need* - homes, nutritious food, medical care - most of the population is getting poore at least in the US.

Example:
1970: Median household income was $9,870 (https://www.census.gov/library/publications/1971/demo/p60-78.html)
Median cost of a new home: ~$24,000 =2.4 years income (https://www.census.gov/const/uspricemon.pdf)

2016: Median household income $58,000 (https://www.census.gov/search-results.html?q=median+income&page=1&stateGeo=none&searchtype=web&cssp=SERP&_charset_=UTF-8)
Median cost of a new home: ~$220,000 = 3.8 years income

Re:Sue yourself

By Actually, I do RTFA • Score: 4, Interesting • Thread

How about trying it out with 1% of your wealth for a few months, then scale up to 2% and so on, always... you know... hedging your bet.

Welcome to the world of the ultra-wealthy. They have so fucking much money you literally don't believe it. He did try it out small, investing less than 5% of the money he inherited from daddy. And he did promise to double his investment if it showed positive results after a year. And he did have his investment pulled out if it lost more than 0.5% of his total wealth (10% of what he invested.) And that's exactly what happened.

You have to remember that hedge funds that are primarily buying stocks, unlike those trading in derivatives or startups, are unlikely to go to zero. So an investment of this scale is unlikely to all get lost before you pull out your cash.

Adobe Warns Creative Cloud Users With Older Apps of Legal Problems

Posted by msmashView on SlashDotShareable Link
Adobe Creative Cloud subscribers who haven't updated their apps in a while may want to check their inboxes. The software company has sent out emails to customers warning them of being " at risk of potential claims of infringement by third parties" if they continue using outdated versions of CC apps, including Photoshop and Lightroom. From a report: These emails even list the old applications installed on the subscribers' systems, and in some cases, they mention what the newest available versions are. In a response to a customer complaint on Twitter, the AdobeCare account said users can only download the two most recent variants of CC apps going forward.

A spokesperson said in a statement, "Adobe recently discontinued certain older versions of Creative Cloud applications. Customers using those versions have been notified that they are no longer licensed to use them and were provided guidance on how to upgrade to the latest authorized versions." However, the spokesperson said Adobe can't comment on claims of third-party infringement, as it concerns ongoing litigation.

Competition

By Galaga88 • Score: 3 • Thread

And Adobe wonders why there's been a boom of third-party competitors to their design products, like Pixelmator, Affinity, etc. Reminder Adobe: There's no such thing as too big to fail.

Re:So you buy Photoshop, than can't use it anymore

By cayenne8 • Score: 4, Informative • Thread

hey are saying if you SUBSCRIBE to use Photoshop you need to use the latest version. Adobe tries to push everyone to their "Creative Cloud" subscription service. You pay the same subscription fee whether you use old or new versions. They are just basically saying they are dropping the subscription license of the older versions.

And, if you have older hardware that won't run the absolute latest version of their software, well...you are SOL and can't use it anymore, till you buy a new computer.

I read somewhere another article, that the 3rd party software might have been from Dolby labs.

Here is one article about it....

Re:SaaS strong arming? No, legit license issues

By cayenne8 • Score: 5, Informative • Thread

It is too bad GIMP still sucks (still doesn't render native layer effects from PS CS2 .psd properly) and are clueless about retaining a Photoshop keyboard shortcut compatibility option.

Take a look at Affinity Photo , available for both OSX and Windows.

Brand new engine, often I find it much faster than PS. It also has many of the same keyboard shortcuts, and you can customize all you want.

I'd say it hits about 98%-99% of anything you'd ever want to do in PS.

They have a free trial....and I think to buy is like about $50...and they do put out free upgrades.

They have desktop and iPad versions and the iPad version is amazingly powerful too.

Re:You have had 20+ years to contribute to the GIM

By Anonymous Coward • Score: 5, Interesting • Thread

How? I'm a photographer/artist, not a developer. The GIMP team had no interest in my input when I tried years ago, they kept doing things the way they wanted so I stopped trying. I have better things to do than wasting my time with software that doesn't do what I need it to.

Re:Software freedom helps you keep your freedom.

By StormReaver • Score: 4, Insightful • Thread

You can learn to program (just like every other programmer did, nobody is born knowing how to program a computer).

This is a very counter-productive attitude to have, and will do nothing but drive people away. Expecting non-programmers to learn to write complicated software is an unrealistic non-starter. As a software developer with over 30 years of experience, I totally agree with end-users who believe that a software developer's main objective is to create something that their users want. Otherwise, there is little point to releasing software to the public.

Making America Carbon Neutral Could Cost $1 Trillion a Year

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from Bloomberg: Democrats have introduced a host of plans designed to make the U.S. carbon neutral. Presidential candidate Beto O'Rourke outlined a $5 trillion scheme to reach that target by 2050, and other candidates are expected to follow suit. New York Representative Alexandria Ocasio-Cortez and other backers of the Green New Deal are calling for an even more aggressive timeline: net-zero emissions by 2030. Meanwhile, Washington Governor Jay Inslee, who's basing his run for the Democratic presidential nomination on fighting climate change, has released a "100% Clean Energy for America Plan." Any U.S. effort to cut net emissions to zero would "be a massive project over decades," says Alex Trembath, deputy director of the Breakthrough Institute, an Oakland, California-based environmental research group. The goal of 2050 is "a reach, but it's perfectly feasible in terms of technological innovation and scaling," Trembath adds, but 2030 "is functionally impossible."

It would also be costly. Cleaning up U.S. industries may require investments amounting to more than $1 trillion annually by 2050, according to the Deep Decarbonization Pathways Project, a global collaboration of energy research teams led by the Paris-based Institute for Sustainable Development & International Relations and the United Nations-backed Sustainable Development Solutions Network. That's in line with an estimate by BNEF that found achieving the Green New Deal's goals of de-carbonizing the U.S.'s energy, transport, and agriculture sectors would cost roughly $980 billion a year. Critics say the costs would be even higher, and would unfairly penalize the U.S. economy given that China, India, and other carbon dioxide-emitting countries in the world aren't doing their share.
The report goes on to note that doing nothing to mitigate the effects of climate change could cost companies $1.2 trillion during the next 15 years, "and if everyone does nothing, everyone's economy will be penalized."

Net exporter != no imports

By Somervillain • Score: 4, Insightful • Thread

We (the US) currently have no dependency on foreign oil, as we are a net exporter (which explains why OPEC doesn't have the clout that it used to have.)

Are you intentionally misleading people? Net exporter doesn't mean we don't import. It just means we sell more than we import. We get a lot of gasoline overseas. If we reduce that, it lowers our costs and lowers the cost of petroleum....which no matter how much green energy we produce we still need for manufacturing plastics, industrial lubricant, and many other industrial uses.

We're also only presently a net exporter. It hasn't always been that way and it is unwise to assume it will be 30 years down the road. This is still an investment and the end result is that we burn less fossil fuels through a mix of alternative energy (including nuclear) and reduced consumption.

The end result is reduced costs. It's so weird. Nothing could be more textbook conservative than reducing costs, yet conservatives are so eager to do anything but that.

If I install too many solar panels on my roof and generate a surplus of electricity on a sunny mild day, I don't open the windows and run the AC at the same time out of spite, I sell it back to the grid. It is still smart to insulate your home and turn off lights/TV when you're not using them...even if you're a net exporter of electricity.

Re:That'd be great for GDP

By LynnwoodRooster • Score: 4, Informative • Thread

That'd be nice but unfortunately only banks get to pull it out thin air. Go figure.

Explain please, because the Fed is the only institution that can create new bills - and it must be offset by a matching amount of US Federal Government Treasury bills that are authorized by Congress. The Fed can play with what is out there, but only to the limit as defined by Congress. No other bank can simply create mony out of thin air.

Re:Isn't the US a net carbon sink?

By Anon-Admin • Score: 5, Interesting • Thread

It seems unlikely: in order to pull carbon out of the atmosphere, you have to not merely grow vegetation, but kill it and stockpile the dead wood somewhere that it does not decay. Otherwise, you don't have a net loss of carbon, you are just cycling it through vegetation and returning it to the atmosphere.

(Im going to get voted down for this one but am posting it to show how it really works)

I see this posted a lot but it is not true. Plants take the C02 and break it down into carbon and Oxygen. It then bonds the carbon to into a variety of substances from C6H12O6 to (C6H10O5)n

Even if you burn the tree to ash, ash is CaCO3 removing some carbon. Heck in most cases burning, leaves charcoal which is carbon.

If the tree is left to decay, in most cases the bacteria and fungus breakdown the compounds in the tree and recombined them into new things. Most wood fungus breaks down the cellulose and turns it into chitin C8H13O5N

All in all it is not as simple as saying you have to keep the wood or trees for ever.

I could go into a lot more detail about what happens to trees. Out BY my ranch there is 5000 acres of trees are all destine to become paper, dimensional lumber, etc. Most of that carbon will be sequestered for decades or longer.

Personally, I keep my ranch as a carbon sink. I just maintain it as needed and let everything grow wild.

Re: 1 trillion per year... that is the Trump Defic

By XXongo • Score: 4, Informative • Thread

One trillion dollars per year is exactly the deficit under the Trump administration.

Obama spent even more money.

The original post said deficit. Trump's deficit is way above Obama's. It is, in fact, a trillion dollars a year.

Trump follows the Republican model: Deficits don't matter (* except when Democrats are in office). --> yes, "deficits don't matter" is a real quote, from Dick Cheney, GW Bush's vice president. The exact quote was "“You know, Paul, Reagan proved deficits don't matter. We won the midterms (congressional elections). This is our due".

...

So, turns out that this isn't a problem, it's just making America great.
Forbes: https://www.forbes.com/sites/c.... Or CBO ("The CBO also said in Thursday's report that the cumulative deficit over the next decade would add up to $9.9 trillion") https://thehill.com/policy/fin.... Or The Balance: https://www.thebalance.com/us-...

Re:Critics are wrong

By LynnwoodRooster • Score: 4, Interesting • Thread
I go to China 5-6 times a year (3 times this year already). It's about as modern as Eastern Europe. Far from a developing nation (which is what they always cry about), they are pretty much high-2nd/low-1st world. About like the Balkans and Poland. Do we need to ignore the CO2 output of Eastern Europe because "developing"?

NASA Says the Moon Is Shrinking and Experiencing 'Moonquakes'

Posted by BeauHDView on SlashDotShareable Link
The moon is getting smaller, which causes wrinkles in its surface and moonquakes, according to a new study sponsored by NASA. Time Magazine reports: As the moon's interior cools, it shrinks, which causes its hard surface to crack and form fault lines, according to research sponsored by NASA. The moon has gotten about 150 feet skinnier over the last few hundred million years. Astronauts have placed seismometers on the moon over a series of past missions. Scientists, who determined that the moonquakes are close enough to the fault lines to establish causality, published their analysis in a study in Nature Geoscience on Monday, according to NASA. The space agency has also recorded evidence of fault lines in a series of images. "Our analysis gives the first evidence that these faults are still active and likely producing moonquakes today as the Moon continues to gradually cool and shrink," said Thomas Watters, lead author of the study. Watters says that the quakes can register around a five on the Richter scale.

Mass still the same

By DigiShaman • Score: 3 • Thread

It's my understanding that the mass hasn't changed, rather the moon is compacting under it's own weight with each quake. Sort of like how you take a lose bucket of dirty, and if you shake it enough, it settles lower into the bucket. It still weighs the same.

Algorithmic Analysis Shows That Pop Music Is Sadder and Angrier Than Ever

Posted by BeauHDView on SlashDotShareable Link
dryriver writes: BBC Culture reports -- with some neat graphs in the article -- on two different scientific studies that both found that chart-topping pop music has been getting steadily sadder and angrier since the 1950s, and that both song lyrics and the musical tone in hit songs are sadder, more fearful, and angrier than ever before in history. Lior Shamir of Lawrence Technical University found the following trends in his algorithmic analysis of Billboard Hot 100 hit song lyrics: "Expressions of anger and disgust roughly doubled over those 65 years, for instance, while fear increased by more than 50%. Remarkably, today's songs are even more aggressive and fearful than in punk's heyday. One probable reason for this is the growing influence of rap music, which, like punk, has reflected social unrest and feelings of disenfranchisement. Sadness, meanwhile, remained stable until the 80s, then steadily increased until the early 2010s, while joy, confidence and openness all steadily declined."

In the second independent study, Natalia Komarova, a University of California Irvine mathematician who had been shocked by the negativity of her daughter's own music taste, found the following: "Looking through half a million songs released in the UK between 1985 and 2015, Komarova and colleagues found that the tone of the music had become less joyful since 1985 -- just as Lior Shamir's analysis of the lyrics had also suggested. Interestingly, Komarova found that the danceability -- as measured by features of the rhythm -- had increased alongside the negative feelings. So, despite the negative feelings they expressed, the songs were also more likely to get people moving. Just consider Robyn's hit Dancing on my Own -- the pulsing synths and percussion belying the lyrics of loneliness and isolation. In terms of albums, Komarova also points to Beyonce's Lemonade and Charlie XCX's Pop 2 mix-tape as being full of dark but danceable tracks."

You'd be sad and angry too if...

By magusxxx • Score: 3 • Thread

...your record company made you re-write your song multiple times to fit into a 3-4 minute block for people with a vocabulary of a twelve year old.

Victimology

By markdavis • Score: 3 • Thread

>"Remarkably, today's songs are even more aggressive and fearful than in punk's heyday. One probable reason for this is the growing influence of rap music, which, like punk, has reflected social unrest and feelings of disenfranchisement."

And this is what happens when we teach everyone that they are victims.

Re:Rap...

By HalAtWork • Score: 5, Insightful • Thread

Back in the day people used to rap about being sharp in the mind, not missing any opportunity, working hard, studying and getting smarter, avoiding tricks traps and pitfalls. It was music for people who were struggling, encouraging them to keep their heads up and keep trying hard.

Nowadays people are rapping about getting fucked up on codeine and cocaine and how much money they spend and how much they don't give a fuck. And a lot of people who aren't struggling in daily life listen to it for seductive superficial aspects and get obsessed with that lifestyle. It's trash talk and bullshit and it isn't the same.

There's some good stuff out there but it's buried. Rap got big and then pop stars and charmed life kids started rapping.

Re:Rap...

By DaveV1.0 • Score: 4, Insightful • Thread

Why do we take a look.

Pop music:

  • Whining
  • vapid
  • cloying

Rap:

  • rape women
  • deal drugs
  • force women into prostitution, take most of the proceeds to live well while beating them and getting them hooked on drugs to control them
  • rob people
  • break the law
  • kill people
  • All cops are racists who are just trying to hold you down and will kill you so kill them first.
  • fight dogs against each other
  • Demand respect while not giving any
  • It is never your fault and everything you do is OK even if it is illegal or hurts others because you.

It is so hard to tell which is worse.

Not THAT insightful, the way I see this?

By King_TJ • Score: 5, Insightful • Thread

People modded your comment all the way up to +5, but I'm not really getting why?

Alanis Morissette wasn't singing angry, bombastic stuff back in the 1990's and getting hits from it?

PJ Harvey got a hit song back then by singing about drowning children in a river ("Down By The Water")!

Or how about Veruca Salt, and songs like "Seether"?

Really, the entire grunge scene was a focus on singing depressing, dark or angry songs and it eclipsed pretty much anything else interesting going on in the pop/rock/metal music scenes at the time. (Courtney Love and "Hole" would be another female example here.)

  It seems to me like it just swings back and forth between the happy/sappy material and the darker, brooding stuff. People get collectively bored with the same themes or same type of music after so long and it changes direction.....