Alterslash

the unofficial Slashdot digest for 2020-Feb-12
 

Contents

  1. By 2050, the US Will Lose $83 Billion a Year Because of All the Nature We've Destroyed
  2. People Born Blind Are Mysteriously Protected From Schizophrenia
  3. AI Shortcuts Speed Up Science Simulations By Billions of Times
  4. California Introduces Law To Stop Delivery Apps Screwing Over Restaurants
  5. WHO Has Finally Named the New Coronavirus
  6. 15-Year-Old Fights the FAA's Anti-Model-Flying NPRM With Social Media
  7. Federal Workforce Too Reliant On College Degrees, Says Trump Administration
  8. Man Who Refused To Decrypt Hard Drives Is Free After Four Years In Jail
  9. Facebook Accidentally Blacked Out an Entire Language
  10. Tim Sweeney: Android is a Fake Open System, and iOS is Worse
  11. Average Tenure of a CISO is Just 26 Months Due To High Stress and Burnout
  12. Trade Fair Mobile World Congress Has Been Cancelled
  13. Andy Rubin's Essential is Shutting Down
  14. The Court Let T-Mobile Buy Sprint Because Sprint Completely Sucks
  15. Data Protection Authority Investigates Avast for Selling Users' Browsing History
  16. This App Automatically Cancels and Sues Robocallers
  17. Trump Signs Order To Test Vulnerabilities of US Infrastructure To GPS Outage
  18. Samsung Galaxy Book S is Thinner, Lighter, Faster Than MacBook Air
  19. WhatsApp Hits 2 Billion Users
  20. MWC Hangs by a Thread After Nokia, Vodafone, DT and Other Big Names Back Out
  21. The Price of a .Com Domain Is Set To Rise, and Some Sellers Aren't Happy
  22. One of the Most Destructive Botnets Can Now Spread To Nearby Wi-Fi Networks
  23. Coronavirus Crisis Disrupting Flow of Mail Into China

Alterslash picks up to the best 5 comments from each of the day’s Slashdot stories, and presents them on a single page for easy reading.

By 2050, the US Will Lose $83 Billion a Year Because of All the Nature We've Destroyed

Posted by BeauHD
An anonymous reader quotes a report from Fast Company: The world economy depends on nature, from coral reefs that protect coastal cities from flooding to insects that pollinate crops. But by the middle of the century, the loss of key "ecosystem services" could cost the world $479 billion each year. The U.S. will lose more than any other country, with an $83 billion loss to the GDP per year by 2050. That's a conservative estimate. The projection comes from a report, called Global Futures, from World Wildlife Fund, which looked at only six of the services that nature provides and how those might change because of the impacts of climate breakdown, lost wildlife habitat, and other human-caused destruction of nature. (Many other services will also be impacted but can't currently be accurately modeled; the study also doesn't take into account the possibility of tipping points that lead to sudden, catastrophic losses of natural services.) By 2050, if the world continues on its current path, the global economy could lose $327 billion a year as we lose natural coastal protection from coral reefs, mangrove forests, and other natural systems. Another $128 billion could be lost annually from forests and peatlands that store carbon. Agriculture could lose $15 billion from lost pollinators and $19 billion from reduced water availability. Food costs are likely to go up, threatening food security in some regions. "In the U.S., the biggest losses will come from lost coastal protection and losses in marine fisheries," adds Fast Company. "Because of the size of the U.S. economy, it will lose most in absolute terms. But developing countries will be hit hardest in terms of the percentage of GDP lost; Madagascar tops that list, followed by Togo, Vietnam, and Mozambique."

If the world is able to radically change course and protect areas most critical for biodiversity and ecosystem services, the global annual GDP could, instead, grow $11 billion by 2050.

Re:Well then, let's spend!

By hairyfeet • Score: 4, Interesting • Thread

That would be fine...if a certain party didn't try to stick 5 billion riders in there dealing with everything from gender equality to tearing down the border. This is why we can't have nice things, because neither side will just focus on the topic at hand, it's the classic "give an inch and they take a mile" problem.

I mean look at the border problem, Coronavirus should have ended that debate right then and there, if you don't have a border you can lock down if a plague breaks out in South America and you have a panic? You're fucked, millions of exposed will rush to try to escape, your medical system breaks down, you're fucked. But sadly we simply cannot have a logical debate about such things because one side starts throwing the race card like fricking Gambit at everyone that dares to speak. Actually care about not spreading pathogens and risking the lives of millions? "thats raciss!". Does it make any fucking sense? Of course not, it's completely batshit, but that is tribal politics for ya, common sense has no place there.

Go read the original "Green New Deal" and see how much of it had fuck and all to do with actually saving the environment. You had safe spaces, changes to gender laws, reparations for slavery, guaranteed federal job for everybody, now riddle me this....what the fuck does ANY of that have to do with the environment? The answer is obvious, not a damn thing, but if they could wrap it up in a green flag they thought they could get everything on their wish list so they crammed it all in there and made it a fucking joke. It's the classic "I want it ALL or I want NOTHING because I deserve EVERYTHING" and what does that attitude get you? Nothing, because if the choice is giving you the moon or giving you the finger? Fuck you here's the finger.

Ecosystem services

By t4eXanadu • Score: 3 • Thread

The fact that we're still talking about the ecosystem as a series of services is part of the problem.

Re:Well then, let's spend!

By necro81 • Score: 4, Insightful • Thread

Even on the low end, the Green New Deal runs $20 TRILLION.

You say that like the plan is to take that money into a field and burn it - that there is and never will be a return on that investment. Furthermore, you're making an implicit assumption that continuing business as usual has zero cost, which it does not.

Consider this microeconomic analog: a homeowner that is considering a solar installation. The cost may be tens of thousands of dollars up front. That's a fair bit of capital, but it's not the end of the story. The installation will have a rated life of at least 25 years, and will produce something of value - electricity. (There are plenty of secondary and ancillary benefits, but let's stick just to kWh for now.) Meanwhile, if the homeowner doesn't pull the trigger and make this investment, he or she will absolutely end up paying someone else for electricity over that same 25-yr project life. Furthermore, the cost of the electricity produced by the PV array is quite predictable, while the future costs of grid-supplied electricity are not. What is the cost of that uncertainty? What is the value in reducing that uncertainty?

One cannot make an informed economic choice only by tallying the costs, but also considering the benefits, risks, and opportunity costs of alternatives (like doing nothing).

By 2050 we will have fixed all this..

By Z80a • Score: 3 • Thread

But those fixes will cause a bunch of new problems, maybe even worse than the ones being predicted.

Re:China is doing far worse but US is the problem?

By twocows • Score: 4 • Thread
I think part of it is that people see China as a somewhat lost cause, at least for now. Our efforts there are more concentrated on getting them to be slightly less horrible. I think people think that advocating in the US or Europe etc. may actually produce results.

People Born Blind Are Mysteriously Protected From Schizophrenia

Posted by BeauHD
Motherboard reports on the possible explanations for why people born blind are protected from schizophrenia: Over the past 60-some years, scientists around the world have been writing about this mystery. They've analyzed past studies, combed the wards of psychiatric hospitals, and looked through agencies that treat blind people, trying to find a case. As time goes on, larger data sets have emerged: In 2018, a study led by a researcher named Vera Morgan at the University of Western Australia looked at nearly half a million children born between 1980 and 2001 and strengthened this negative association. Pollak, a psychiatrist and researcher at King's College London, remembered checking in the mental health facility where he works after learning about it; he too was unable to find a single patient with congenital blindness who had schizophrenia. These findings suggest that something about congenital blindness may protect a person from schizophrenia. This is especially surprising, since congenital blindness often results from infections, brain trauma, or genetic mutation -- all factors that are independently associated with greater risk of psychotic disorders.

More strangely, vision loss at other periods of life is associated with higher risks of schizophrenia and psychotic symptoms. Even in healthy people, blocking vision for just a few days can bring about hallucinations. And the connections between vision abnormalities and schizophrenia have become more deeply established in recent years -- visual abnormalities are being found before a person has any psychotic symptoms, sometimes predicting who will develop schizophrenia. But the whispered-about fact persists: Being born blind, and perhaps specific types of congenital blindness, shield from the very disorders vision loss can encourage later in life. A myriad of theories exist as to why -- from the blind brain's neuroplasticity to how vision plays an important role in building our model of the world (and what happens when that process goes wrong). Select researchers believe that the ties between vision and psychotic symptoms indicate there's something new to learn here. Could it be that within this narrowly-defined phenomenon there are clues for what causes schizophrenia, how to predict who will develop it, and potentially how to treat it?

Congenital blindness dreaming

By Dan East • Score: 3 • Thread

I'm sure studies have been done on this, but I wonder what people blind from birth dream? Dreams are a very visual thing, so if you have no memories or experiences visually, I don't suppose you would "see" things in your dreams either. Do they dream of sounds and other sensations then?

A similar thing that boggles my mind is what do people that grew up without language think? When I think, it tends to be verbal in nature. Kind of talking in my mind. If you have no vocabulary, it would have to affect your very thought process, correct? Similar kinda thing.

Re:Congenital blindness dreaming

By Edward Nardella • Score: 5, Interesting • Thread

Well I don't know about blind people but I do know about aphantasia, the lack of a visual imagination. I know about it because it applies to me. When I dream, I am aware of everything happening without seeing it, almost as if I had ESP. I don't perceive shapes or colors though, more like abstract ideas. There is a tree in front of me, I know it is a tree, I know where it is, I know how big it is, I am aware that it is green, but that's about it. Oddly, that is more than enough information for the experience to feel real.

I do 3D design work as a hobby. I can design complex shapes and mechanisms in my head, all without visualization. I also don't think in words or numbers. But my brain can formulate a set of instructions to create the item without those abilities. Really weird.

https://en.wikipedia.org/wiki/...
Thanks slashdot for showing this at the bottom where I would see it after using mod points.

Hearing voices

By mwvdlee • Score: 3 • Thread

So are blind people also less susceptible to "hearing voices"? And how about deaf people? Is there a similar effect?

Deaf not Blind?

By aberglas • Score: 4, Interesting • Thread

Schizophrenics normally just hear voices. Only a few really bad ones also have hallucinations. So one might expect a correlation with deafness?

And they really do hear them, which is why they often play loud music to drown them out. Self talk is a bit like that too -- it seems that we almost need to produce imaginary sounds in order to keep our brain coordinated. The brain looks like a rough piece of software that has just been hacked together over a long period of time with no overall plan...

I wonder how the deaf think? Do they have self talk?

Re:Deaf not Blind?

By CubicleZombie • Score: 4, Interesting • Thread

I wonder how the deaf think? Do they have self talk?

From what I've read, they self talk in sign language. Which boggles my mind.

But then again, our "voice" self talk isn't really voice. Or even sound.

Something I wonder.. When I'm alone, I talk to myself out loud. Does a deaf person sign to themselves?

AI Shortcuts Speed Up Science Simulations By Billions of Times

Posted by BeauHD
sciencehabit shares a report from Science Magazine: Modeling immensely complex natural phenomena such as how subatomic particles interact or how atmospheric haze affects climate can take thousands of hours on even the fastest supercomputers. Emulators, algorithms that quickly approximate these detailed simulations, offer a shortcut. Now, work posted online shows how artificial intelligence can produce accurate emulators that can accelerate simulations across all of science by billions of times. The new system automatically creates emulators that work better and faster than those designed and trained by hand. And they could be used to improve the models they mimic and help scientists make the most of their time at experimental facilities.

Re:AI or GPU Speed-up?

By Anonymous Coward • Score: 4, Insightful • Thread

I _highly_ doubt such massive speed-ups are possible for most typical use cases

Scientists at Stanford, Lawrence Livermore, etc come up with promising new technique, guy on slashdot says it won't work. You guys are comical.

Re:I'll believe that when I see it.

By cusco • Score: 4, Interesting • Thread

historically they haven't done very well at all.

Where? They work fine modeling climate on Earth, Venus, Mars, and Titan, where have you tried them?

You're confusing "weather" with "climate" again. The cells don't have to be small to simulate the climate of the Northern Hemisphere or the South Atlantic, just if you are trying to predict weather.

Re:I'll believe that when I see it.

By Brett Buck • Score: 4, Insightful • Thread

So, it's wrong, but wrong *much faster*

This stuff actually works quite well

By Ambassador Kosh • Score: 3 • Thread

Using neural networks for classification is the new cool thing to do but that is not what they were first used for. Neural networks are good piecewise polynomial approximations to an unknown function.

Most science models are a complex mix of algebraic, differential and partial differential equations that are very time consuming to solve. However from math there MUST exist a polynomial approximation to that same set of equations that can return the same results to arbitrary accuracy on some bounded interval. This is the ENTIRE basis for using neural networks to approximate complex simulators.

I have been doing the same thing for my work. Sometimes we need to run a simulator millions of times and it can take a minute to run each time. However a good network needs about 10K samples and can predict the rest but it can predict them accurately running on a normal GPU at about 100K/s which takes simulations that would take a month down to one that takes less than a day in total.

I am still working on a better network design for my problem but already the results are quite promising and almost good enough. I take the same inputs I would give to the simulator and predict the time series the simulator would create.

California Introduces Law To Stop Delivery Apps Screwing Over Restaurants

Posted by BeauHD
On Tuesday, California State Assemblywoman Lorena Gonzalez (D-San Diego) introduced legislation to protect restaurants from being exploited by food delivery platforms that add restaurants without permission and withhold customer data. Motherboard reports: For years now, companies such as DoorDash, GrubHub, Postmates, and Uber Eats have engaged in shady practices to add more restaurants to their platforms, extract more fees from restaurants and customers, and defeat rival platforms. One consequence of this arrangement is that delivery apps do not share information with restaurants about where customers are located or how to get their feedback. According to a press release about the proposed legislation, this means restaurants have little control over the customer experience and the data may even be used by platforms to drive customers to so-called "host kitchens" that they operate.

Assembly Bill 2149 (the Fair Food Delivery Act) would require platforms to not only share customer information with restaurants but reach an agreement with restaurants before adding them onto the food delivery app. The hope with AB 2149 is that by giving restaurants the ability to opt-out of being added to the platforms (or get the customer data if they opt-in), there will be less of this exploitative extraction directed at restaurants. As for protecting workers from exploitation, Gonzalez also introduced bill AB 5, which went into effect this year and promises to reclassify gig workers (including delivery drivers) as employees owed a minimum wage, benefits, and dignity that these platforms deny them.

Re:paying someone to pick up food for you?

By DogDude • Score: 4, Insightful • Thread
Not if your restaurant had a good reputation, you wouldn't. One shitty delivery can lose a customer forever. Since the restaurant in these cases has no control over the delivery, their reputation can be quickly destroyed.

Re:Clown World

By DogDude • Score: 4, Insightful • Thread
I concede that's a potential problem and one that the app companies have a moral responsibility, if not a legal one, to remedy.

It's not a potential problem. It's a very real problem that restaurants are dealing with right now.

If restaurants want to do delivery, then it's up to them who they want to make deliveries for them. A small business lives and dies on reputations, and every bad delivery is a lost customer.

I work in a retail business and we do our business and do not allow other companies to do delivery for us for this exact reason. Our delivery service is awesome. Somebody else's....?

Can I charge money for GrubHub orders?

By Somervillain • Score: 5, Insightful • Thread

My point is that they are trying to outlaw a transaction between two 3rd parties that involves someone coming to their restaurant, buying food and leaving presumably without causing any harm what-so-ever. Is that not a crummy thing to do?

Here's a part you're missing. If you own a restaurant, GrubHub is representing you, without your consent. They are advertising your menu and your prices. Want to raise your prices?...well...GrubHub wasn't aware and now everyone ordering there is PISSED that they think they're getting a meal for last year's prices and finding out at the last minute, they have to pay more or cancel. As someone else pointed out, you work hard to perfect your pizza recipe, but the delivery driver delivers it 30 minutes late, drops it on the floor, and it tastes like amateur garbage. You have no power to reprimand the driver.

The customer, on the other hand, is eating your food for the first time and thinks you sell garbage pizza. They're going to blame you, not the driver or GrubHub. Want to change your hours? Well...I hope GrubHub knows....because otherwise, you decide to close an hour earlier on Sunday and now people are pissed at you because GrubHub was taking orders and they were getting canceled. Was it your fault? No....but who is the customer going to blame?...you the small time pizzeria they've never heard of or their beloved content-scraping app? It's very reasonable to grant a business the right to opt out of any service that chooses to represent them to their customers without their consent.

Let's put it a different way. Can I make a website that proxies to GrubHub, but charges an extra 20% on the price? Can I put GrubHub's logo all over the page? Can I specify GrubHub's hours, terms and conditions, and options? Would they be as kind as you are advocating the restaurants be and just be happy with the business they're getting from my app?

As a side note, these companies are cancer. Many of them pay a fixed fee per delivery and use your tip to pay the fixed fee. If someone is getting $3 from DoorDash to deliver your pizza. You tip $2.50, the delivery person gets $3, not $5.50. They get the same fee if you tip or if you don't (https://www.theverge.com/2019/7/22/20703434/delivery-app-tip-pay-theft-doordash-amazon-flex-instacart). They are terrible people and the world would be a better place if they were shut down. It's not directly relevant to this issue, but something everyone should know if they give them business.

Re:Not a law

By Xenx • Score: 4, Insightful • Thread
In all fairness to the AC, it sounds like GrubHub scraped them and was taking orders on behalf of the restaurant. It doesn't sound like the restaurant was an official partner. As a business, they may not have been ready to see the influx of orders GrubHub brought. That means either turning away orders, or orders taking much longer to fill. Either way, it doesn't make a good impression on customers.

Re:Not a law

By Waffle Iron • Score: 4, Insightful • Thread

If only there were some kind of refrigeration device that enables you to keep extra stock handy, just in case, without it going bad. Who knows, maybe one day that technology will be invented.

You want the food to actually not go bad? That's called a freezer.

You know, the device that ruins the texture of most foods. Not something a quality restaurant can use for the majority of their ingredients.

WHO Has Finally Named the New Coronavirus

Posted by BeauHD
An anonymous reader quotes a report from ScienceAlert: The UN health agency on Tuesday announced that "COVID-19" will be the official name of the deadly virus from China, saying the disease represented a "very grave threat" for the world but there was a "realistic chance" of stopping it. "We now have a name for the disease and it's COVID-19," World Health Organization chief Tedros Adhanom Ghebreyesus told reporters in Geneva. Tedros said that "co" stands for "corona", "vi" for "virus" and "d" for "disease", while "19" was for the year, as the outbreak was first identified on 31 December.

Tedros said the name had been chosen to avoid references to a specific geographical location, animal species or group of people in line with international recommendations for naming aimed at preventing stigmatization. WHO had earlier given the virus the temporary name of "2019-nCoV acute respiratory disease" and China's National Health Commission this week said it was temporarily calling it "novel coronavirus pneumonia" or NCP. Under a set of guidelines issued in 2015, WHO advises against using place names such as Ebola and Zika -- where those diseases were first identified and which are now inevitably linked to them in the public mind. More general names such as "Middle East Respiratory Syndrome" or "Spanish flu" are also now avoided as they can stigmatize entire regions or ethnic groups. WHO also notes that using animal species in the name can create confusion, such as in 2009 when H1N1 was popularly referred to as "swine flu." This had a major impact on the pork industry even though the disease was being spread by people rather than pigs.

Re:So many names...

By TeknoHog • Score: 5, Funny • Thread
CoVFeFe: Coronavirus federal felony.

Beer brewers rejoice

By MrKaos • Score: 5, Funny • Thread

It is now safe to drink Corona Beer.

Re:Politicians, not doctors.

By ceoyoyo • Score: 5, Insightful • Thread

Good. The WHO is an international health organization. Their job is to deal with difficult nations (which is most of them) to accomplish a health related goal. If getting access and cooperation requires diplomacy and fluffing some national egos, good on them for not letting stupid ideals get in the way.

An affront to royal headgear everywhere!

By flatulus • Score: 4, Insightful • Thread
What about "corona"? aka crown. Pretty insensitive to nobility everywhere if you ask me.

You have to be VERY careful when you endeavor to offend nobody. Reminds me of the kerfuffle over the Washington Redskins. Nobody seemed to notice that we have a state named INDIANA! How can people be so insensitive?

Re:Politicians, not doctors.

By tlhIngan • Score: 4, Interesting • Thread

200+ new deaths in the last 24 hours.

And how many deaths from other kinds of flu in China? (China is a lot of people)

How many deaths from other kinds of flu in the USA?

And exactly what do YOU think the WHO could do better than quote the advice of the best available doctors from the rest of the world?

Think - if/when it happens in the USA, exactly what will Trump say when the WHO tells him what doctors tell them is the best thing to do?

Here's reason for the name.

First, "novel Coronavirus 2019" or "nCoV-2019" is a mouthful. COVID-2019 is much easier.

Second, coronavirus is common. Besides Covid-2019, we have SARS and the common cold. (Rhinovirus is another type of common cold as well, so just because you have a cold, doesn't mean it's from just a coronavirus). Thus, you can pretty much truthfully say millions of Americans have the coronavirus, because they do.

So that's why we have nice names because we want to identify which strain we're talking about. Imagine if you got a cold and your doctor said you have a coronavirus. In this current time, that's not a very nice diagnosis now, is it? Especially since you probably have a cold.

Influenza right now is running rampant. The CDC is estimating (because not everyone with the flu sees a doctor) around 20-30 million Americans have or had influenza. And somewhere between 10-30,000 people have died. These are numbers based on reports, so the actual number is likely higher - not everyone sick with flu went to the doctor so the CDC doesn't get numbers, and not everyone who dies could be reliably traced to the flu.

Remember China has over 4 times the population of the US, so the numbers for influenza should be much higher.

Source: https://www.cdc.gov/flu/about/...

Humans prize novelty. It's why 9/11 is a disaster despite more people dying in traffic daily, or why Covid-2019 is scary despite influenza having killed way more people the past few months. 200 people probably died from the flu today in the US alone, and 200 more will die tomorrow and so on.

15-Year-Old Fights the FAA's Anti-Model-Flying NPRM With Social Media

Posted by BeauHD
NewtonsLaw writes: The FAA has issued an NPRM (Notice of Proposed Rule Making) that would effectively see the end of the traditional hobby of flying RC planes, helicopters and drones. As well as mandating remote ID on store-bought products it would effectively (over time) outlaw scratch-built craft as well. This stands to have a hugely negative impact on those STEM/STEAM programs that have in the past used drones and RC planes as a teaching tool and a way of getting kids into electronics, engineering, and aerospace-related subjects. Although many older folk have tried to rally public support for some pushback on these outrageous proposed new rules, a 15-year-old named Jack Thornton has outclassed everyone with his four-and-a-half-minute YouTube video. Not only does he explain what's going on but he makes a fantastic case for the continuation of the hobby and even uses some of the tech to create the video. I am seriously impressed by what this guy has done!

Oh please FAA can't even require transponders

By WillAffleckUW • Score: 5, Insightful • Thread

This is bogus.

The FAA doesn't even require transponders on the seaplanes flying out of Seattle, a port city, and at least half of them have none, so how can they enforce this against model planes?

Please.

Enforce the regs you have before you tell us about going after hobbyists.

Re:Flashy video does NOT mean outclassing.

By auzy • Score: 5, Informative • Thread

It's not a few drone owners, it seems to be the majority to be honest (unfortunately).

People break the laws in cars, but those who do can be held accountable via their license plate (in fact, an ex-boyfriend of an ex-tinder date tried to hit my car from the side the other day, and because they had a license plate and I had a dashcam, we know who did it now, and I plan to go to the police this weekend). This ALLOWS drone owners to be accountable.

I've skimmed the FPV response (it's long), but some of its points are basically "it's useless having a law because some people won't comply", and financial related. I do agree the weight limit is a bit low and should be increased though (although, any drone with a camera SHOULD require a transponder). People can disagree with a law and be in the wrong (it happens regularly). People hate any type of regulation. That doesn't make the regulation bad.

I also disagree about not having transponders for uncontrolled airspace. Lots of urban areas are uncontrolled, and if a drone hits someone's car, without any means of identifying it, no drone owner will fess up. This law also means companies such as DJI will start adding such functionality to their drones (so, you need to look at all affected parties). It's not only about safety, it's about accountability. It also won't kill the hobbyist RC market (people are exaggerating).

Also, my aerobatics instructor actually got in a midair collision with another plane. Mandatory transponders (which will likely be introduced for planes) would have saved the other pilot (my aero instructor got REALLY lucky, as his elevator was jammed, and he only had some control of rudder). This was in uncontrolled airspace. The technology DOES work.

You must remember, the good thing about the aviation industry is that it's about improving safety not other factors. This proposal greatly improves safety (especially as those who regularly don't follow the rules or put others in danger can be held accountable). It should NEVER be a political thing, and never has been.

Most of these things are not toys, and the vast majority have few redundancies in place to ensure they won't randomly fall out the sky (and I've heard of 2 instances where that has occurred now, one of which was in an area they shouldn't have been flying anyway).

Yes, some drone owners are responsible, but the only disadvantage of this is increased cost, but the advantages are huge.

Re:Spreading half truths, huh?

By jcr • Score: 4, Insightful • Thread

4 out of 4 drone owners I know have knowingly broken the rules.

So fucking what? That's not a reason to punish anyone else.

If their RC aircraft hits your car whilst driving, I promise you won't find the owner.

And you won't find a kid who tosses a rock at you while you're driving, either. What's your point?

-jcr

Re:Flashy video does NOT mean outclassing.

By thesupraman • Score: 5, Insightful • Thread

You make a good point here.

REAL AIRCRAFT don't have mandatory transponders, and the fuss you are making is about much less dangerous items.

Do you support pushbikes, skateboards, and scooters (these horrific new electric things) having mandatory remote transponders? they can cause all sorts of carnage... we better make that a requirement also, along with registering each one, with a license to operate, etc.

The people in NO WAY improved safety - it imposes control, but that doesnt magically give safety. You are trying to wave a 'safety' flag around for something that as yet has not caused one actual direct injury (at least with respect to aircraft). Pushbikes have caused tens of thousands of injuries - perhaps you should look at your priorities?

And this is NOT just about drones - you need to actually research a bit, they are threatening the whole hobby of remote control aircraft. As far as I can google there has NEVER been an aircraft accident caused by a remote control (model.. lets not try and pull in military items, etc..) aircraft, and these have been quite common, even MORE common, for a good 60-70 YEARS.

you sir are exaggerating - there is no evidence of an actual issue here, just one group wanting to impose regulations on another 'just in case'.

And yes, I am also a private pilot, and I have no issues with this hobby co-existing.

Re:Spreading half truths, huh?

By laird • Score: 5 • Thread

He was making the opposite argument, that demanding 100% accountability in all situations is an unreasonable demand that outlaws the entire hobby. And if it were applied to, in his example kids throwing rocks at cars, would require outlawing all rocks, which is of course absurd.

Federal Workforce Too Reliant On College Degrees, Says Trump Administration

Posted by BeauHD
dcblogs writes: In the federal government, approximately 30% of the 2.1 million civilian employees have a master's degree or above. That's compared to about 15% at large firms in the private sector, according to the White House's 2021 budget. The federal workforce is also older than the private sector. The average age of federal workers is 46, versus 42 for all others. The age gap is most acute for the youngest workers, with only 7.3% of the federal workforce younger than age 30 compared to 23% of private sector workers. "Over-reliance on degrees can be a barrier to entry" to federal jobs, the White House argued. Others disagree and say that many government jobs, such as economists and attorneys, require advanced degrees.

Yeah, we need more dumb people in government

By JustAnotherOldGuy • Score: 5, Insightful • Thread

Yeah, we need more dumb people in government fer sure. Look how well it's worked so far. Senior advisors who can't pass a security check, cabinet members with literally ZERO experience in the departments they've been chosen to run, etc etc etc. Yeah, hiring morons has been a huge success.

And, for the record, I speak as someone who doesn't have a college degree, but who recognizes that requiring a certain supposed level of education for a given job isn't an unreasonable standard in some (possibly a lot) of situations.

With that said, a degree is by no means any indicator of knowledge, skill, or competence, but it does set a not-unreasonable bar for applicants.

Build in a sensible exception clause or waiver process for people who have the skills but not the degree and I'd be fine with it.

Re:Won't argue that...

By spun • Score: 4, Insightful • Thread

Wait, so your answer to out of control capitalism pillaging the middle class is... more out of control capitalism?

I've got news for you bud, government is just... us. Just citizens. Sure, we can outsource the functions to others. We can even forget we are the masters and let others master us. But in a democracy, especially a constitutional republic like ours, government is what we choose to make it. If you choose not to decide, you still have made a choice.

The people who hate government are the ones who would profit from its demise. They do not have your best interests at heart. They want to exploit you, but we, the people use our powerful creation, the US government, to stop them. Because we have empathy and they are remorseless, we normal, non sociopaths need to act in unison to stop them from harming us.

The fact that we can do so means we are strong, and they are weak. We, the normal non sociopaths that make up 85% of the world, are better than the sociopaths because we can cooperate, while they can only exploit. Cooperation beats exploitation every time.

What should the numbers be?

By larryjoe • Score: 3 • Thread

The age gap is most acute for the youngest workers, with only 7.3% of the federal workforce younger than age 30 compared to 23% of private sector workers.

Should we be comparing to Google with a median age of 29 or IBM with a median age of 38? If not either, why would the average be a relevant target?

"Over-reliance on degrees can be a barrier to entry" to federal jobs, the White House argued.

This statement is a contentless truism. Over-* on anything is bad, but the key part is deciding where the threshold for over-* is. Requiring graduate degrees may be an unnecessary overkill for some jobs. But the onus is on the person claiming over-* to justify the proposed lower threshold.

Others disagree and say that many government jobs, such as economists and attorneys, require advanced degrees.

<sarcasm> In an administration that discounts scientific expertise in favor of sycophantism, it's obvious that college degrees are irrelevant. </sarcasm> But, seriously, would this be an issue if the President's base weren't centered in the non-college educated demographic?

Re: Yeah, we need more dumb people in government

By JustAnotherOldGuy • Score: 5, Insightful • Thread

Are you talking about the Obama administration?

Oh yeah, I forgot that Obama hired his kids and in-laws as Senior Advisors even though they couldn't pass a background check.

And silly me- I forgot all about Obama appointing nitwits like Betsy DeVos and Ben Carson to positions they couldn't pronounce, let alone administer. Thanks for reminding me!

Oh wait, that was Trump. Never mind, carry on, Comrade!

Credentialism

By bradley13 • Score: 3 • Thread

It would be great, if degrees actually meant something. From some schools, they do. Others...not so much. I've known some really smart people who didn't have any sort of degree, and people with PhDs who were truly dumb.

Requiring degrees is just an attempt to filter out the truly unqualified. But it's easy enough to find a diploma mill and basically buy yourself a degree.

Man Who Refused To Decrypt Hard Drives Is Free After Four Years In Jail

Posted by BeauHD
An anonymous reader quotes a report from Ars Technica: A Philadelphia man has been freed after a federal appeals court ruled that his continued detention was violating federal law. Francis Rawls, a former police officer, had been in jail since 2015, when a federal judge held him in contempt for failing to decrypt two hard drives taken from his home. The government believes they contain child pornography.

After losing that appeal, Rawls raised another challenge: the federal statute that allows judges to hold witnesses in contempt for refusing to testify, passed in 1970, states that "in no event shall such confinement exceed eighteen months." The government argued that this provision didn't apply to Rawls because he was a suspect, not a witness. Also, the rule applies to a "proceeding before or ancillary to any court or grand jury." But because the government hadn't formally charged Rawls with a crime, the government argued, there was no court proceeding under way. Last week, a three-judge panel of the 3rd Circuit rejected this argument in a 2-1 vote. The court's two-judge majority held that Congress had intended for the 18-month limitation to apply broadly to any legal proceeding, not just a formal trial. And while Rawls was a suspect in the case, he was also a witness. The practical result is that, at least in federal court, someone can only be imprisoned for 18 months for refusing to open an encrypted device.
The government says it has other evidence suggesting that Rawls possessed child pornography, "so prosecutors may be able to piece together enough evidence to convict him, even without access to his encrypted hard drives," the report adds. "One of the two judges who formed the 3rd Circuit's majority urged the trial court judge to consider the four years of imprisonment Rawls has already served if he eventually has to sentence Rawls after a child pornography conviction."

Re:Witnesses against themselves

By fafalone • Score: 5, Insightful • Thread
Don't forget drugs. Several rights were pretty thoroughly gutted in the name of drugs before terrorism came along to finish the job.

And in a lot of places, it's *any* amount of cash. They've seized $50 in some cases.
But of course, people don't carry much cash anymore, so what's a cop to do? Along comes the ERAD, which will 'forfeit' money right off your cards at the side of the road.

Re:Wait, what?

By JaredOfEuropa • Score: 5, Insightful • Thread
That's rather silly of the judge. Clearly, the cop's testimony as to the contents of the laptop is admissible evidence, but it will have to stand on its own as it cannot be corroborated by the actual contents of the hard drive. Unlocking the hard drive will provide additional (and much stronger) evidence, which means that the suspect is effectively coerced to aid in their own conviction, which is unlawful (or should be): they will have to secure a conviction on the strength of the cop's testimony alone. A cop witnessing what he thinks is child porn is not a "foregone conclusion", it is probable cause at best, and not sufficient to allow coercion.

Name one.

By raymorris • Score: 5, Informative • Thread

The US is very clear that you can't be compelled to TESTIFY against yourself. You absolutely have to comply with subpoenas duces tecum to produce THINGS that you have in your possession, and other discovery. That is, you DO have to cooperate - just not testify against yourself.

When you produce records pursuant to a subpoena, you aren't allowed to first dump black paint on them, or otherwise obscure them. If you get a subpoena for your business records you have in a spreadsheet and you store your spreadsheet (or classified emails) on an encrypted drive you still have to deliver the records pursuant to the subpoena, not deliver an encrypted drive.

Please name ANY country anywhere in the world that doesn't have subpoenas and suspects don't have to cooperate with legal process. I don't think you'll find one.

The issue in cases like this one is when is it a THING to be delivered and when is it testimony - speaking evidence which is in the person's mind?

Courts have ruled that if there is a drive and it's not proven who the drive belongs to, for Joe to state the password is evidence that it is his drive. That's evidence from his mind, testimony, and therefore protected by the 5th amendment. If Joe admits that it is his drive, and he is capable of producing the spreadsheets and other things that are on the drive, he can be ordered to produce them. That's evidence that is on the drive, not evidence that is in his mind, the court has ruled. Only evidence in one's mind is testimony and therefore protected.

Re:Maximize prison time

By SirAstral • Score: 5, Insightful • Thread

nope, because no matter how much people bitch about corruption in politics they vote for it every single fucking damn time without hesitation or moral quandary. both sides, all sides... there is a very real, if my side does it... it is because it is good or a necessary evil. It's only actually evil when the other side does it... no matter who it actually helps.

Re:Name one.

By fafalone • Score: 5, Interesting • Thread
There's conflicting rulings because this has never been thoroughly addressed by SCOTUS. One ruling explained that while you can be ordered to produce a key to your safe, you couldn't be ordered to produce the combination to one, even if you knew it, because that's using the contents of your mind to assist in your own prosecution.
That's why in this case, they're arguing under the foregone conclusion doctrine. But showing it's your drive isn't enough. They have to know exactly what is there. Specifically. The issue at hand, the precedent was created for when a cop themselves saw CP; does the doctrine apply when a civilian witness says they saw what 'appears' to be CP displayed on the computer. Unless they successfully argue that meets the burden of a foregone conclusion, they shouldn't be able to compel the decrypted contents, even if ownership isn't in doubt.
Further complicating the issue is that after some time not using the drive, Rawls claims to no longer remember the password. If it's clearly your drive, can you be imprisoned for contempt if you cannot remember the password just on the basis the judge (not a jury) doesn't buy it? I'd argue no.

Facebook Accidentally Blacked Out an Entire Language

Posted by msmash
On January 16th, Facebook users received an error message when posting in Jinghpaw, a language spoken by Myanmar's ethnic Kachin and written with a Roman alphabet. From a report: "We couldn't post this. Tap for more info," the message said. When clicking, a second appeared: "Your request couldn't be processed. There was a problem with this request. We're working on getting it fixed as soon as we can." A Facebook representative told The Verge that the issue was caused by "a bug in our language infrastructure," and coincided with the launch, the same day, of an updated language identification model supporting ten new languages, including Jinghpaw. The representative said Facebook fixed the issue within hours of receiving reports on January 17th. But while the disabling of Jinghpaw was not an active move of censorship, it alerted many Kachin people that Facebook had the capability to identify their language, an alarming thought for the embattled minority group. That realization has evoked a visceral reaction from the Kachin, and brought forth new calls for the company to be more transparent about its technology and the ways it will be used.

Guh?

By RightSaidFred99 • Score: 3 • Thread

I find this baffling. And...?

So Facebook had a bug, which happens. And people are mad because computers can identify text now? Wtf am I reading here?

Re:Is the OP idiot?

By ItsJustAPseudonym • Score: 4, Insightful • Thread
Kachin people that are posting on Facebook? If they are alarmed about their privacy, then they are already in trouble.

What's the problem?

By Murdoch5 • Score: 3 • Thread
They want Facebook to be transparent in the fact it uses AI and automated systems to scan and process their posts?

A company of Facebook's size, with the complexity and data ingest that would come naturally, would have to automate most of the operations to stand the slightest chance of making anything work. This isn't a case of transparency, it's a case where the user has to apply a microsecond of thought to the scale of the problem, realizing that language processing is a very small part of the entire platform, and an absolute necessity. If you don't want the ideas you make public to be scanned, analyzed and in some case monitored, then don't make them public, and especially don't hand them over to one of the biggest social companies on the planet.

Tim Sweeney: Android is a Fake Open System, and iOS is Worse

Posted by msmash
Epic Games CEO Tim Sweeney opened a game event in Las Vegas today with a call to make the industry more open and liberate it from the monopolistic practices of platform owners such as Google and Apple. From a report: In a talk about his vision for games in the next decade, Sweeney alternated between criticizing all of the big players in the game industry and criticizing specific players with examples of how their behavior isn't good for consumers or for competition. [...] Sweeney called Android a "fake open system" for putting up barriers in front of users when Epic Games wanted to enable players to sideload Fortnite directly from the Epic Games site, rather than through the Google Play store. Sweeney said that Google put up "scary" pop-ups in front of users about the risks of sideloading (viruses, malware) and other steps that users had to engage in order to get Fortnite on Android. Epic also had "tough discussions" with Sony, Microsoft, and Nintendo to make Fortnite available as a crossplay title (meaning you can play against people on other systems, and your progress, items, and so on are available regardless of device) across the platforms.

One of the principles that Sweeney argued for was that "gamers should be free to engage in any game with their friends anyplace they want without any unnecessary friction." He said that the platforms have been too balkanized, and Microsoft lost a whole decade of progress as it tried and failed to make its Windows marketplace more like Apple's closed system. Microsoft has since backed off on that. Gamers and game vendors should be "free of lockdown." He drew a comparison to Visa and Mastercard and the global credit card payment system, where vendors charge 2.5% to 3.5% fees for transactions, while store vendors such as Steam, Apple, and Google charge 30%. He said the global payments industry is proof that highly profitable companies can arise from just taking the 2.5% to 3.5% cut.

Dismiss valid points, forget his own issues

By Cley Faye • Score: 3 • Thread

There are real issues with allowing sideloading apps easily on mobile. Stores (Play Store/AppStore) are no silver bullet against malware, but make it way harder. If any site could tell you "touch this button" to install anything, the situation would be much worse. Dismissing that and complaining that warning users about real security risk is bad.

What's worse is that Epic's the one thing trying to coerce whole userbase into their own platform nowadays. Saying with a straight face "Games should be free of lockdown" can't be anything else than a joke in his position.

Re:Uh huh

By DamnOregonian • Score: 4, Insightful • Thread
No shit. Not only is his argument about Android a fucking farce, which can basically be summarized as: Binaries with unverifiable signatures should be treated the same as binaries with verified signatures; but the fact that Epic's entire store business model is to lock down software to *just* them as a remediation for other lockdowns. If he had one single fucking drop of intellectual honesty, he'd be running Epic like GOG. Sweeney is a pile of shit.

Lol.

By waspleg • Score: 4, Insightful • Thread

Visa and Mastercard do vastly more transactions than any gaming company/platform does in sales. He's right about Android being a fake open system and iOS is worse. He's also a massive fucking hypocrite with Epic being among the biggest turds in the current AAA gaming company cesspool. Are there actually people with an interest who don't see through this shit? It's not even disguised a little.

Disclaimer: I have yet to make an Epic game store account; nor will I. If you check out gg.deals you can see them trying to buy customers every day.

What companies are making a profit taking....

By mark-t • Score: 3 • Thread

... only a 2.5 to 3.5 percent cut, exactly?

Serious question, because it sure as hell isn't the credit card companies.

That might be what they charge the retailer, but that's not remotely the only profit that they make.

Re:Lol.

By thegarbz • Score: 4, Funny • Thread

You know what, I hadn't pirated a game in approximately 8 years. Then Metro: Exodus was announced as an Epic exclusive. It was quite a good game that I enjoyed. It remains on my Steam wishlist.

Average Tenure of a CISO is Just 26 Months Due To High Stress and Burnout

Posted by msmash
Chief Information Security Officers (CISOs, or CSOs) across the industry are reporting high levels of stress. From a report: Many say the heightened stress levels have led to mental and physical health issues, relationship problems, medication and alcohol abuse, and in some cases, an eventual burnout, resulting in an average 26-month tenure before CISOs find new employment. The numbers, reported by Nominet, represent a growing issue that's been commonly acknowledged, but mostly ignored across the information security (infosec) community, but one that is slowly starting to rear its ugly head as once-ignored infosec roles are becoming more prominent inside today's companies. [...] The survey's results paint a gloomy picture about one of today's most in-demand jobs. According to the numbers: 88% of CISOs reported being "moderately or tremendously stressed." 48% of CISOs said work stress has had a detrimental impact on their mental health. 40% of CISOs said that their stress levels had affected their relationships with their partners or children. 32% said that their job stress levels had repercussions on their marriage or romantic relationships.

One difference between plebs and CISOs

By bobstreo • Score: 4, Informative • Thread

"The base salary for Chief Information Security Officer ranges from $197,716 to $261,204 with the average base salary of $226,265."

I could put up with a whole pile of BS for 200K a year.

As long as when I advised the board on needed changes, they would sign off on their decisions on paper.

In my previous jobs, managers became very indecisive when I asked for their decisions in writing.

parachute

By bugs2squash • Score: 3 • Thread
They are C-level execs so they may well have a sweet exit deal. Maybe they're so stressed that they quit, collect and then start their next CISO gig.

or lack of listeners

By RainyOffice • Score: 3, Insightful • Thread
I would say that after 26 months they are just giving up on the CEO listening to them. And then crossing fingers next company will be different.

Re:Alternate headline: CISO quit after getting

By Tom • Score: 4, Interesting • Thread

You're doing that wrong.

The correct answer is "yes, it will bring us profit. By reducing our losses to incidents, and by allowing us to manage our risks better, which means we can reduce the reserves we put aside for handling them and free up cash for profitable investments."

Also, don't pick Equifax as the example. In my country, an industry leader was down for two weeks - factories stopped, no production, losses in the double-digit millions. It's not a high-profile case because industry and not consumer and journalists didn't jump on it, but it's a brilliant example (can't drop the name, we were involved in the cleanup process).

Pick your fights better, and understand that communicating to management is a major part of your job, so train it, refine it, and do it right. You'll save yourselves tons of headaches.

Because most CISO are clueless

By LordWabbit2 • Score: 3 • Thread
Because most of them are clueless, after 26 months of pretending to know how to do their job they make a run for it before the shit hits the fan.

Andy Rubin's Essential is Shutting Down

Posted by msmash
Essential, Android creator Andy Rubin's high-profile phone startup, is shutting down. From a report: As a result of the shutdown, Essential says it will no longer support the Essential Phone with further security updates or customer support. Additionally, Newton Mail, which Essential acquired when it purchased developer CloudMagic in 2018, will stop working on May 1st. On its blog, Essential cites Project Gem, the tallish concept phone the company teased late last year, and its inability to find a "clear path" to get the device to consumers as the main reason for the shutdown. The startup had raised about $330 million.

Re:Name never matched the product

By squiggleslash • Score: 5, Insightful • Thread

In fairness that seems to be a fetish among expensive phone makers.

For $200 you get a decent screen, two SIM card slots, a removable battery, a bezel, and a headphone jack.

For $300, you get a decent screen, a bezel, and a headphone jack.

For $600, you get a decent screen with a bezel.

For $1000 you get a screen.

They should have made an Essential PH-2...

By Faw • Score: 3 • Thread

.. not that weird abomination they tried for their second attempt. The PH-1 is beautiful. Make it as big as the S10+, add a better camera (I found it good enough). I would have bought it. I bought the first one and loved it, I guess I have a collector's edition now.

Newton mail

By 93 Escort Wagon • Score: 3, Interesting • Thread

Gotta love email middleware. Oh, and given that Newton was consolidating your email onto their own servers, your email messages and various email passwords will probably end up with whichever entity buys the husk of Essential.

$330 million

By OneHundredAndTen • Score: 3 • Thread
So much for the purported savvy of venture capitalists. OK, boomers.

Re:$330 million

By kamapuaa • Score: 4, Insightful • Thread

Venture Capital is intended for companies like Essential that are probably not going to work out, but also might work extremely well. It's an important function in a healthy economy, giving financing to riskier projects. Also, every single investor in Essential was aware of the possibility that failure was more likely than not.

So I'm not sure how this proves anything, except that it proves SirAstral has no idea what he's talking about, but still talks about it for some reason.

The Court Let T-Mobile Buy Sprint Because Sprint Completely Sucks

Posted by msmash
Nilay Patel, a lawyer and editor-in-chief of The Verge, on court's approval of T-Mobile and Sprint merger: The decision itself is extremely surprising: Judge Victor Marrero of the United States District Court for the Southern District of New York basically decided that the various data and experts put forward by the 10 state attorneys general who sued to stop the merger weren't worth taking seriously and that he would decide for himself whether T-Mobile and Dish seemed like cool companies worth trusting. And... it turns out that Judge Marrero thinks CEO John Legere and the rest of T-Mobile's executives are extremely cool and smart and that Dish Network is definitely trustworthy and that everything is going to work out great. Also, the judge thinks that Sprint sucks. Really, if there's one major takeaway here, it's that Victor Marrero, a federal judge selected by Bill Clinton for a lifetime appointment on the federal judiciary, thinks that Sprint is a bad company with a crap network run by dummies. This is the law now. Let's go through the decision.

The article title is 100% accurate.

By Anonymous Dotter • Score: 3, Insightful • Thread
I used to work for Sprint and that network has more issues than Time Magazine and Sports Illustrated combined.

Re:Now more competition, not less.

By Gavagai80 • Score: 5, Insightful • Thread

T-Mobile was doing just fine before, I like their current offering as do 77 million other customers. To claim that a service provider 77 million people have chosen is not viable without a merger just because Verizon has 118 million is absurd. The whole point of the acquisition is to enable T-Mobile to raise prices by ensuring they don't have any competition on the low end.

I mean...

By twilightzero • Score: 3 • Thread

"Sprint is a bad company with a crap network run by dummies"

As someone who's been on Sprint since around 2002, I can attest that they're not wrong in the least. Worst coverage, weakest signal, tech run by idiots, crap customer service...I hate to say it but it can only improve with the merger.

Re: All of this is correct

By ArmoredDragon • Score: 4, Informative • Thread

Well you really can't fault the judge's opinion of Sprint though. The only way I can see this going well is if all of Sprint's leadership is fired, including low level managers. Probably fire most regular Sprint rank and file as well. Sprint is valued by its shareholders at less than what its net assets are worth. SoftBank refuses to invest another dime on Sprint, so it's not likely that the company would even survive in some form even after it has been liquidated.

Believe me, having been a T-Mobile customer since 2013 after having run screaming away from Sprint after I was a customer of theirs for 10 years prior, I hate the idea of this merger. But the arguments about Sprint likely failing if this merger doesn't happen are probably true. I know first hand just how dogshit of a company Sprint really is.

On the other hand, there are some serious problems that could spring from this without even looking at the impact to the consumer:

- Dish probably won't succeed as a wireless carrier, either they're going to fail and just turn into a spectrum holdings troll, or they'll be bought out by some asshole cable company like Charter or Comcast, and will only serve areas within their cable footprint as an extension to their half-baked service that depends on WiFi provided by cable customers.

- Sprint has a crapload of debt from years of mismanagement that T-Mobile will now have to shoulder. Not only that, but removing the legacy CDMA2000 network is going to make that ill-fated Sprint-Nextel merger look cheap in comparison, and for the exact same reason (though admittedly, the bigger reasons why that merger was terrible was because most of the Nextel customers that Sprint acquired defected very quickly after realizing that a big pile of shit took over their mobile service.) I can almost guarantee that the combination of these two factors will result in reduced infrastructure investment.

TMobile just swallowed a fatberg, and that can't be good for it.

WTF is this shit?

By 0xdeadbeef • Score: 3 • Thread

It's a good thing Nilay Patel stuck with tech blogging^H^H^H journalism instead of law, because I doubt judges would tolerate that prissy snark from him in court.

You can't even read editorial opinion anymore, much less actual news, because Twitterization has turned everyone who writes for a living into an obnoxious attention whoring twat.

Data Protection Authority Investigates Avast for Selling Users' Browsing History

Posted by msmash
The Czech data protection authority has announced an investigation into antivirus company Avast, which was harvesting the browsing history of over 100 million users and then selling products based on that data to a slew of different companies including Google, Microsoft, and Home Depot. From a report: "On the basis of the information revealed describing the practices of Avast Software s.r.o., which was supposed to sell data on the activities of anti-virus users through its 'Jumpshot division' the Office initiated a preliminary investigation of the case," a statement from the Czech national data protection authority on its website reads. Under the European General Protection Regulation (GDPR) and national laws, the Czech Republic, like other EU states, has a data protection authority to enforce things like mishandling of personal data. With GDPR, companies can be fined for data abuses. "At the moment we are collecting information on the whole case. There is a suspicion of a serious and extensive breach of the protection of users' personal data. Based on the findings, further steps will be taken and general public will be informed in due time," added Ms Ivana Janu, President of the Czech Office for Personal Data Protection, in the statement. Avast is a Czech company.

Not Unexpected

By SuperKendall • Score: 3 • Thread

Honestly if a company is called "Avast" I am thinking they are pirating something of mine, happy to find out it's just data.

I've said it before

By thegarbz • Score: 3 • Thread

And I'll say it again. The only companies that have any vested interest in keeping your data secure are those companies that provide analytics from your data as a core part of their business. Advertisement companies sell "access" to you. Companies which don't have this primary income stream will instead just sell you and your information wholesale.

This App Automatically Cancels and Sues Robocallers

Posted by msmash
DoNotPay, the family of consumer advocacy services meant to protect people from corporate exploitation, is launching a new app aimed at helping end our long national nightmare surrounding robocalls by giving you a burner credit card to get their contact details then giving you a chatbot lawyer to automatically sue them. From a report: DoNotPay Founder and CEO Joshua Browder's Robo Revenge app is unique from every other app looking to protect you from robocalls in that it can get you cash while stopping them completely. "All of the big companies like AT&T and Apple have failed to protect consumers," Browder told Motherboard over the phone. "Consumers have to protect themselves. The only way the problem will end is if the robocallers start losing money every time they call someone."

In the past, DoNotPay has offered various apps to help consumers fight back. DoNotPay's Free Trial Card creates a virtual, one-time-use credit card to protect you from getting charged by "industrialized scams" like free trials. DoNotPay's original offering was a chatbot lawyer program that automatically disputed parking tickets in small claims court. Robo Revenge combines both features to automatically add you to the Do Not Call Registry, generate a virtual DoNotPay burner credit card to provide scammers when they illegally call you anyways, use the transaction information to get the scammer's contact information, then walk you through how to sue them for as much as $3,000 per call under the Telephone Consumer Protection Act (TCPA), a law already on the books meant to protect consumers from calls that violate the Do Not Call Registry. The app also streamlines the litigation paperwork by automatically generating demand letters and court filing documents.

Re:I dunno... I see a legal defense by them being.

By MobyDisk • Score: 5, Insightful • Thread

The anti-spam act (what is it CAN-SPAM?) is supposed to stop unwanted calls.

It only stops them if someone sues the company for violating it. Passing a law doesn't make the behavior magically stop. It requires enforcement.

EMP

By Rick Schumann • Score: 4, Funny • Thread
What we really need is an app that sends a lethal EMP back through the Internet to fry every last piece of internet-connected equipment robocallers are using for their operation. A few times of having to replace the smoking ruins and they'll go find honest work.

(Note to pedantic, humorless, too-literal Slashdotters: I am KIDDING, okay? I know you can't send an EMP through the Internet. Ease up already.)

Structural vs tactical defenses

By shilly • Score: 4, Interesting • Thread

Seems like an interesting tactical defense. But I'm based in the UK, and get maybe 1 robocall every couple of months, max. Robocall complaints are really not a thing here (and we complain about a lot, from the weather to bus services to rude staff in shops). So I am curious about the structural differences: why should this be an issue in the US and not the UK?

What I really want at least for my landline

By rikkards • Score: 3 • Thread

is a call blocker like the CPR brand callblockers but if you don't meet the white list then you get prompted to press a random key or leave a message. That would at least block the robocalls and allow legit callers a way to bypass.

Re:App that generates money instead of costing som

By Aighearach • Score: 4, Insightful • Thread

It isn't actually legal to give out "burner" credit cards, so as shady as it would be to give them your banking details, it would be even shadier if they said you didn't have to.

Banks are required to know their customer.

Trump Signs Order To Test Vulnerabilities of US Infrastructure To GPS Outage

Posted by msmash
U.S. President Donald Trump on Wednesday signed an executive order directing U.S. agencies to test the vulnerabilities of critical infrastructure systems in the event of a disruption or manipulation of global positioning system services (GPS). From a report: GPS is critical to a variety of purposes ranging from electrical power grids, weather forecasting, traffic signals, smartphone applications and vehicle navigation systems. The order said "disruption or manipulation of these services has the potential to adversely affect the national and economic security of the United States."

Re:Thinking...thinking....

By Gilgaron • Score: 4, Funny • Thread
You can just spin it based on whatever the cover sheet used to get him to sign it said. He probably thinks they're making Romney's car lose GPS functionality.

Re:credit where credit is due

By jellomizer • Score: 5, Insightful • Thread

The House is able to handle multiple things at the same time. During the investigations and impeachment, they have actually voted on and sent to the Senate a record number of bills.

Trump has talked about infrastructure, the democrats are willing to work on infrastructure. But he hasn't offered any decent plans for infrastructure, that can explain on how it can be paid for. He even passed lowering the tax rates which have been increasing our budget deficit a lot during a period of economic boom, so we are having increased use of our infrastructure with less money to pay for it. The weekly proposed ideas put a lot of undue burden on the local and state governments in which they cannot afford.

Not following your logic

By Somervillain • Score: 4, Insightful • Thread
How? How has he been "trying to do infrastructure?"

I'm not arguing...sincerely asking. I am sure there are relevant positive facts about him that I am unaware of.

However, he had a Republican House and Senate for the first 2 years of his administration...before the Mueller investigation....so I don't see the relevance of his impeachment in his ability to get popular legislation passed. I saw a lot of news about the wall, but little else that one could call infrastructure. What are some of his non-wall, non-GPS infrastructure accomplishments or at least serious attempts we should be aware of?

What if GPS "fails" the test?

By blindseer • Score: 4, Interesting • Thread

It seems like concerns on the failure of GPS comes up every so often, ever since we started to use it. Or, rather once we started dismantling the older systems we used before GPS. These would be things like Loran, VORTAC, inertial navigation, and the equipment and training for celestial navigation.

Loran was worldwide, not all that accurate, and is no longer functional.
https://en.wikipedia.org/wiki/...

VORTAC is still functional but with range limited to about 200 miles it's only useful near developed coastlines and on paths over land.
https://en.wikipedia.org/wiki/...

Inertial navigation will work without outside radio signals but it can drift over long periods/distances and so needs something to re-align itself once in a while.

I remember reading about how the US Navy stopped requiring all officers at the navy academy to take celestial navigation. They still required some enlisted ratings to learn how to navigate by the stars and as I recall officers still had to have a very basic introduction to celestial navigation, mostly to know that it was possible, that others would know how to use it, and as something of a history lesson. They reversed this policy and again required all officers to learn celestial navigation after some scares on GPS failure. Every Navy ship and aircraft over a certain size will have the necessary charts and equipment for celestial navigation. I'm no sailor but it sounds like many recreational and commercial sailors will learn celestial navigation, because getting lost at sea is bad.

Here's what I expect to be the future of navigation, automated celestial navigation. If the sky is visible then the sun, moon, and stars, can be used to find one's location. Add in things like a magnetic compass, barometric altimeter, and accelerometers for inertial navigation, and the system should be quite accurate. There's software to do this for common smart phones. Give the device better optics than a common iPhone and it can "see" the sun through the clouds and find stars even under a bright noon sun. This kind of navigation cannot be jammed, and given how inexpensive and powerful computers are today this should be quite affordable and easy to use.

Celestial navigation, even with computer aid, is not likely to be as accurate as GPS is now but it should be more than enough as a backup for people to use for navigation over the sea, and maybe even enough to find one's location in a car if one can safely assume the car is on a road and has accurate maps to use. Once an aircraft is over land, or a ship close to shore, then systems like VORTAC, and just plain looking out the window to find landmarks, should get a person where they need to be. I remember someone posting on Slashdot not too long ago how people would navigate while flying over the mountains if their primary navigation failed. The plan was to find a mountain peak, look for flowing water, follow the stream as it flowed down the mountain, eventually the stream will lead to a city or settlement which will have a strip to land. Following water flowing to the sea might not be ideal but it's better than many alternatives.

We can test how robust GPS is but there needs to be a discussion on a backup. I believe this will be a combination of celestial navigation and inertial navigation, something a $500 smart phone is able to do with very high accuracy.

Side note: I do wish people would separate the US GPS from other similar systems by using its original name, Navstar. Navstar is just one GPS among many. Loran is a GPS, as is Russia's GLONASS, and the European Union's Galileo. I realize this is likely a lost battle, it still bothers me though.

Re:He must be worried

By anoncoward69 • Score: 4, Interesting • Thread
Modern cell phones don't just need this for the date/time. Cell towers and possibly the phones themselves use GPS disciplined radio (google it). Basically they use the precise GPS signal to keep their radio oscillators disciplined to the correct frequency; lose GPS and these radios drift off their intended frequencies, either causing loss of connectivity because the radios are no longer transmitting where they are expected to be, or you have adjacent channels/frequencies overlapping over each other. This is one thing that can make emulating or implementing cellular base stations on SDR tricky to accomplish. Without GPS disciplined radio cell phones may not even see the base stations as being valid signals. Sure this could be solved by replacing the GPS at cell towers with atomic clocks at a significant expense.

Samsung Galaxy Book S is Thinner, Lighter, Faster Than MacBook Air

Posted by msmash
An anonymous reader shares a report: The Intel Core i5-8210Y delivers a multi-core score of 1544 which compares poorly with the Qualcomm Snapdragon 8cx multi-core score of 2745. Yet, despite fitting the MacBook Air with a 49.9 Wh battery, Apple claims it will deliver just 13 hours of continuous video playback. However, because of the superior performance-per-watt of the Snapdragon 8cx when paired with the smaller 42 Wh battery in the Galaxy Book S, it delivers up to 25 hours (claimed) of continuous video playback. You can probably also argue that Microsoft has done an excellent job of optimizing Windows on ARM so that it works so harmoniously in this WinARM union. The MacBook Air weighs 1.25 kg (2.75 pounds) and is 15.6 mm (0.61-inches) at its thickest point. This compares with the Galaxy Book S which weighs 0.96 kg (2.11 pounds) and measures 11.8 mm (0.46-inches). Given that buyers of the slightly more expensive MacBook Air (US$1,099) are also only going to be doing relatively light-weight tasks on it like internet browsing and running Microsoft's Office suite on it, why would anyone choose the MacBook Air over the Galaxy Book S (US$999)? Like the MacBook Air, the Galaxy Book S runs its operating system, pre-installed apps and the Office suite natively while also giving users the option to use 32-bit x86 apps for those occasions where you might want to use other apps.

Browsing and Office?

By Dan East • Score: 5, Informative • Thread

Given that buyers of the slightly more expensive MacBook Air (US$1,099) are also only going to be doing relatively light-weight tasks on it like internet browsing and running Microsoft's Office suite on it, why would anyone choose the MacBook Air over the Galaxy Book S (US$999)?

Who makes statements like that? I do all my iOS development in XCode on a MacBook Air I bought used for $400 and it does perfectly fine. I wouldn't consider that a "light weight" task. I also run IntelliJ and other tools as well.

Apple doesn't usually inflate battery runtime

By Lothsahn • Score: 3 • Thread
Nearly all manufacturers inflate battery runtime numbers. Apple doesn't seem to do this. In many cases, reviewers have exceeded Apple's claimed numbers, something that almost never happens with other manufacturers. I bet the reality is a lot closer than 13 vs 25.

Re:Great!

By twocows • Score: 5, Interesting • Thread
You got modded funny, but you have a point. I really can't stand Apple (for so many reasons) and I think their devices are ridiculously overpriced... but OS X is a fine OS. It's a proper Unix environment but it's also extremely well-designed and "just works" for almost any situation your typical user's going to throw at it. There are things you'd need to drop into terminal for, but they're almost never the kind of things your normal user is going to be doing. It's a fine operating system and if it wasn't tied to overpriced hardware and a company I can't stand, I'd probably be using it at home.

The biggest reason desktop and laptop companies don't compete with Apple is because no matter how nice a device you make, it's still not going to run OS X, which is a big part of what many people looking at Apple laptops and desktops want.

Re:Performance

By NoMoreACs • Score: 4, Informative • Thread

By the way Malwarebytes says that Macs now get more malware than Windows.

But you disingenuously "forgot" to include the next paragraph:

"Macs differ drastically from Windows in terms of the types of threats seen," the report reads. "Where we found several different categories and families in our top detections of Windows threats that classify as traditional malware , especially those aimed at businesses, most Mac threats, and certainly the most prevalent ones of 2019, are families of adware and potentially unwanted programs (PUPs)."

https://appleinsider.com/artic...

So, while Mac Malware might cause some banner ads; Windows Malware is much more likely to sell your computer into BotNet slavery, or be the prelude to a nice, satisfying RYUK Ransomware attack.

Which would you prefer?

Stupid article

By u19925 • Score: 3 • Thread

The whole argument is based on premise that "apple users use MS Office and other lightweight apps", so they can switch to Samsung right away. The author has no idea who all uses Macbook Air and why, so the rest of the article is pure junk. Here are few more things:

-- Branding: You can get Seiko watch at a fraction of price to Rolex watch.
-- Eco system: If your family members are using Macbook (not just Air), you are likely to use Macbook.
-- Familiarity
-- Better OS. I do value shopping but I wouldn't buy a Windows machine which is half the price of Mac for the same performance. None of my professional requirements. What do you think my personal machine would be?
-- honesty: Samsung has been caught with pants down in the past for many of their claims whether it is battery performance or benchmark
-- Current macbook air is 16 months old. Comparing it to latest Samsung is useless
-- Reliability and dependability: Apple provides direct upgrade to OS for many many years. With Samsung it is hit or miss.

Keeping this in mind, re-read the article and you will see why Samsung has an uphill battle against Macbook Air.

WhatsApp Hits 2 Billion Users

Posted by msmash
WhatsApp, the most popular messaging service, revealed today just how big it has become. From a report: The Facebook-owned app said it has amassed two billion users, up from 1.5 billion it revealed two years ago. The announcement today makes WhatsApp the only second app from Facebook to join the two-billion-users club. (Facebook's marquee app has 2.5 billion users.) In an earnings call late January, Facebook also noted that there were 2.26 billion users that opened either Facebook, Messenger, Instagram, or WhatsApp each day, up from 2.2 billion last quarter. The family of apps sees 2.89 billion total monthly users, up 9% year-over-year. WhatsApp, founded 11 years ago and sold to Facebook for $19 billion six years ago, took the opportunity today to reiterate how committed it is to providing end-to-end encryption to its customers all over the globe -- a crucial feature lauded by security experts everywhere but something that many governments are increasingly trying to contest. "Strong encryption acts like an unbreakable digital lock that keeps the information you send over WhatsApp secure, helping protect you from hackers and criminals. Messages are only kept on your phone, and no one in between can read your messages or listen to your calls, not even us. Your private conversations stay between you," WhatsApp wrote in a blog post.

MWC Hangs by a Thread After Nokia, Vodafone, DT and Other Big Names Back Out

Posted by msmash
More big names are stepping away from the world's biggest phone and telecom trade fair, they announced today, prompting the organizers to urgently decide what they wish to do going forward. From a report: Nokia, one of the omnipresent firms at major tech trade conferences, won't be attending this year's Mobile World Congress, it said Wednesday citing health and safety concerns over coronavirus outbreak. Electronics giant HMD, which sells smartphones under Nokia brand, cited similar reasoning for its withdrawal, too. The iconic Finnish firm, one of the cornerstone companies at MWC, and HMD have become the latest to back out of the trade fair. In recent days, scores of firms including Ericsson, Amazon, Vivo, LG, Facebook, and Sony have withdrawn their participation from the world's biggest smartphones-focused trade show.

German telecommunications giant Deutsche Telekom, London-headquartered telecoms giant Vodafone, and BT, Britain's biggest telecommunications group, have also backed out citing coronavirus outbreak, they announced on Wednesday. MWC attracts over 100,000 attendees, thousands of companies and high-profile executives who use this global platform to broker deals and unveil their upcoming gadgets and innovations to the world. The trade fair also contributes to the bottom line of Barcelona city. This year, the four-day trade show was scheduled to take place from February 27.

The Price of a .Com Domain Is Set To Rise, and Some Sellers Aren't Happy

Posted by BeauHD
An anonymous reader quotes a report from Engadget: If you're the sort who buys domains for fun, or to inspire you to start a future project, your hobby's about to get a little pricier. ICANN is just days away from ending a consultation into the future of the .com top-level domain that'll put an end to Obama-era price freezes. If successful, it'll see the cost of a .com address rise by two bucks by the end of 2026, and potentially more thereafter. Verisign has the exclusive right to sell .com domains, and since 2012 the price of a .com has been frozen at $7.85. ICANN and Verisign are planning to reverse the freeze, allowing the company to increase its price four out of every six years, potentially in perpetuity. The other part of the deal will offer Verisign the right to operate its own registrar for other domains it offers, allowing it to compete with other DNS businesses.

Price-wise, Verisign will be able to increase the wholesale price of a .com name by up to seven percent for four of the next six years. That means that, potentially, the cost of one such domain would rise to $10.26 by the end of 2026, although existing owners will have advance notice of any change to lock in existing prices for up to 10 years at a time. The cause of this is a desire to roll back an Obama-era initiative, something that the Department of Commerce has been open about. In 2018, the National Telecommunications and Information Administration, part of the Department of Commerce pretty much said so. "In line with policy priorities of the Trump administration," it explained in a release, "the amendment repeals Obama-era price controls." The other issue is a change to the rules about vertical integration, specifically about what Verisign can and can't do with the domains it sells. ICANN wants to bring Verisign's rights broadly in line with other registrars, allowing the company to operate a TLD and act as registrar. Whereas before, the documentation said that Verisign couldn't compete at all, now the rule is to be shrunk to only apply to .com, and not .net or any other domains it offers.
Richard Kirkendall, CEO of rival domain registrar Namecheap, is accusing ICANN and Verisign of a stitch-up, saying the body has a "history of making similar deals behind closed doors" -- even though the announcement has been public for nearly two years.

The Internet Commerce Association, a body representing domain registrars like GoDaddy, is also objecting to the deal. "It says that, because Verisign is the only company that can offer .com names, it has 'an effective monopoly,'" reports Engadget. "And that because it costs less than $3 to actually process a DNS registration, the company could have room to operate uncompetitively."

Public announcement !- public process

By DRJlaw • Score: 5, Insightful • Thread

Richard Kirkendall, CEO of rival domain registrar Namecheap, is accusing ICANN and Verisign of a stitch-up, saying the body has a "history of making similar deals behind closed doors" -- even though the announcement has been public for nearly two years.

Making the deal "behind closed doors" and then publicly announcing it does not make it a public process with public input, no matter how many years have elapsed since the public announcement.

It's as if the "anonymous reader" has never heard of a fait accompli.

Re: Much ado about nothing?

By lactose99 • Score: 4, Informative • Thread

You did see where ICANN is about to do the same thing to .org domains right?

Domain squatters?

By bradley13 • Score: 3 • Thread

What mystifies me are the domain squatters. Pick any short domain, or any domain that's actually a word or a name - if it's not pointing to a site, then it's owned by some squatter. This applies to nearly all of the original TLDs, as well as a lot of national domains. Go ahead, try it: have your cat step on your keyboard, add ".com" and see what comes up.

How does this make any financial sense? The squatters must be sitting on 10s of thousands, 100s of thousands, maybe millions of random domains. Yet I don't know anyone who has ever bought a domain from a squatter.

If they are really paying annual registration fees, this cannot make financial sense. Do squatters get some sort of quantity discount?

Re:Domain squatters?

By kobaz • Score: 4, Interesting • Thread

I once had an attorney for a business matter that quit being a lawyer after our case was over and got into 'domaining'. Albeit this was back in the early 2000's but in order for squatting to be more profitable than charging $300 an hour it has to be pretty fscking lucrative and I kind of wish I jumped on the bandwagon back then.

Although back then, 'domaining' involved buying typos like gogle and goole and then putting a search bar on it and showing ads. People were making 6 figures a month doing this sort of garbage.

Another aspect of it was buying up expiring domains (back before auto-renew) and then charging 100x the market rate back to the original owner to buy it back. My business partner talked me into buying a domain that expired from an ex-customer and selling it back to him. I couldn't do it. I transferred it back to the guy at what it cost me to register it.

Isn't it always disheartening that the sociopaths and narcissists tend to get rich more easily than the hard working?

The Real Problem

By Retired ICS • Score: 3 • Thread

I have a .com domain. It is pre-paid for the next 10 years. I do not give a flying fuck if someone decides to change the price, it ain't my problem (read the contract, fucktard).

On the other hand, the way to "fix" the scam-domain registration problem is to INCREASE the initial registration price to $1,000.00 for one year only, and to NOT process the registration until the payment irreversibly clears. Wanna register 1,000 spammer domains? Fine. After your payment for $1,000,000.00 clears and cannot be reversed I will be happy to register your domain name.

All problems solved. Simple, straight-forward, and no muss, fuss, or bother.

One of the Most Destructive Botnets Can Now Spread To Nearby Wi-Fi Networks

Posted by BeauHD
The sophistication of the Emotet malware's code base and its regularly evolving methods for tricking targets into clicking on malicious links has allowed it to spread widely. "Now, Emotet is adopting yet another way to spread: using already compromised devices to infect devices connected to nearby Wi-Fi networks," reports Ars Technica. From the report: Last month, Emotet operators were caught using an updated version that uses infected devices to enumerate all nearby Wi-Fi networks. It uses a programming interface called wlanAPI to profile the SSID, signal strength, and use of WPA or other encryption methods for password-protecting access. Then, the malware uses one of two password lists to guess commonly used default username and password combinations. After successfully gaining access to a new Wi-Fi network, the infected device enumerates all non-hidden devices that are connected to it. Using a second password list, the malware then tries to guess credentials for each user connected to the drive. In the event that no connected users are infected, the malware tries to guess the password for the administrator of the shared resource.

"With this newly discovered loader-type used by Emotet, a new threat vector is introduced to Emotet's capabilities," researchers from security firm Binary Defense wrote in a recently published post. "Previously thought to only spread through malspam and infected networks, Emotet can use this loader-type to spread through nearby wireless networks if the networks use insecure passwords." The Binary Defense post said the new Wi-Fi spreader has a timestamp of April 2018 and was first submitted to the VirusTotal malware search engine a month later. While the module was created almost two years ago, Binary Defense didn't observe it being used in the wild until last month.

Re:It is destructive

By Zocalo • Score: 5, Interesting • Thread
There was an interview with someone who did password recovery and pen testing for a living that I read a few years ago that was quite enlightening. Basically, for computer systems, they would tailor dictionary attacks to the target to account for local language, jargon etc., and ideally using a previously acquired password file off-line to get around retry timeouts, starting with the basic alphanumerics, then adding in additional complexity until they were into diminishing returns. Quite often they only needed a few successes in order to successfully exploit a local privilege escalation vulnerability to get root/admin. Basic "Correct Horse Battery Staple" style passwords were also seen as easy pickings because users are lazy; taking the 2000-5000 most popular words of 8 characters or less in the main local language and just trying every combination of 3-5 words would almost always get hits on a reasonably sized password file leak.

Routers/APs tend to be all or nothing though; it's "admin or bust" as there are not generally multiple user accounts that you can use to do a privilege escalation attack on to get root. MACs obviously don't travel beyond their local subnet in normal operation (but may still be acquired; some protocols can encapsulate them in the payload, and if you're able to sniff the AP traffic then you can obviously just grab them from the air), but sign-on banners are typically unique to a given vendor, or even hardware model, and if you know the vendor/model then you've got half the MAC because you know their OID (or OIDs if a larger vendor), and quite likely have reversed engineered any MAC-to-default-password scheme. Congrats your search space just went down by a factor of 2^24, and because most vendors are just as lazy as their users that's also pretty much game over given enough time to retry.

As a data point on that; for grins last Christmas I setup a honey pot - an "SSH server" on a non-standard and officially unassigned port that returned an imitation of genuine router signon banner on connect, but would refuse all login attempts - to get a feel for typical botnet size and operation. I got a port scan hit after a couple of days (on Dec 24th) and started seeing login attempts using common username/password pairs from multiple IPs almost immediately, so I shutdown the server and started dropping the traffic to study the "afterglow". As of today (Feb 12th) the same botnet (consisting of at least 6,000 hosts, so far) is still attempting to connect to the dead port at the rate of about 200 connection attempts a day (the same rate I was seeing in December), and doesn't appear to be tailing off at all. Unless your router/AP's login timeout code takes into account multiple IPs working in concert, bad actors are going to get a *lot* of attempts in, are quite prepared to spend a lot of time using somebody else's resources to try and get it if they think they have a live one, and (apparently) don't check too often to see whether this fish is actually still on the hook.

So - no surprise to anyone that keeps up with best practice - but complex passwords absolutely need to gain entropy by virtue of being *truly* random; sticking a few "special characters" in there and/or transposing letters for numbers simply isn't going to do it any more if you get confronted with an off-line dictionary attack. If you really must do a memorable password, then mix up some languages or put some jargon in there that isn't likely to be in a "most common words" dictionary file *or* related to the industry (assume the attacker knows who they are hitting), and (duh!) limit access to your router/AP to the smallest subset of IPs possible on your internal LAN only, or better yet, restrict it to the local console port if that's an option.
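The gap Zocalo describes, a login timeout that only counts failures per source IP, can be closed by also counting failures per target account across all sources. The sketch below is an added example, not part of the comment above and not any router's actual firmware; the class names, limits and addresses are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque


class SlidingCounter:
    """Counts recorded events per key inside a sliding window (seconds)."""

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        self.events = defaultdict(deque)

    def _live(self, key, now):
        # Drop timestamps that have aged out of the window.
        q = self.events[key]
        while q and q[0] <= now - self.window:
            q.popleft()
        return q

    def blocked(self, key, now):
        return len(self._live(key, now)) >= self.limit

    def record(self, key, now):
        self._live(key, now).append(now)


class LoginThrottle:
    """Hypothetical throttle: per-source limit plus an account-wide limit."""

    def __init__(self, per_ip_limit=5, per_account_limit=20, window=3600.0,
                 track_account=True, trusted=()):
        self.by_ip = SlidingCounter(per_ip_limit, window)
        self.by_account = SlidingCounter(per_account_limit, window)
        self.track_account = track_account
        # Management addresses that bypass the account-wide block, so that
        # outsiders hammering "admin" cannot lock the real admin out.
        self.trusted = set(trusted)

    def allow_attempt(self, src_ip, account, now):
        if self.by_ip.blocked(src_ip, now):
            return False
        if (self.track_account and src_ip not in self.trusted
                and self.by_account.blocked(account, now)):
            return False
        return True

    def record_failure(self, src_ip, account, now):
        self.by_ip.record(src_ip, now)
        if self.track_account:
            self.by_account.record(account, now)


def simulate(throttle, hosts, attempts_per_host, spacing=1.0):
    """Constructed traffic: `hosts` distinct sources take turns guessing the
    'admin' password, every guess wrong. Returns how many guesses actually
    reached the password check."""
    if hosts > 254:
        raise ValueError("constructed address range holds at most 254 hosts")
    checked = 0
    now = 0.0
    for _ in range(attempts_per_host):
        for h in range(hosts):
            ip = f"203.0.113.{h + 1}"  # documentation range, constructed
            if throttle.allow_attempt(ip, "admin", now):
                checked += 1
                throttle.record_failure(ip, "admin", now)
            now += spacing
    return checked


if __name__ == "__main__":
    per_ip_only = simulate(LoginThrottle(track_account=False), 200, 3)
    with_account = simulate(LoginThrottle(track_account=True), 200, 3)
    print("guesses checked, per-IP limit only:  ", per_ip_only)
    print("guesses checked, account-wide limit: ", with_account)
```

With 200 constructed sources making three guesses each, no single source ever reaches the per-IP limit, so a per-IP-only throttle lets every guess through, while the account-wide counter stops the run after its limit is hit.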

Coronavirus Crisis Disrupting Flow of Mail Into China

Posted by BeauHD
According to The Associated Press, the U.S. Postal Service said on Tuesday that it is "experiencing significant difficulties" in dispatching letters, parcels and express mail to China, including Hong Kong and Macau, "because most of its supplier airlines have suspended their flights" to those destinations. As a consequence and "starting immediately," USPS said it can no longer accept items destined for China, Hong Kong and Macao "until sufficient transport capacity becomes available." CBS News reports: Likewise, in another, separate note seen by the AP, Singapore Post told its global counterparts that it is no longer accepting letters, parcels and express mail items destined for China, "until sufficient transport capacity becomes available." The notes were shared with postal services around the world via the Universal Postal Union, a U.N. agency headquartered in Switzerland that is a main forum for postal cooperation between its 192 member countries.

In a statement to the AP, the UPU said that the suspension of flights because of the virus "is going to impact the delivery of mail for the foreseeable future." "But it is hopefully temporary. The Universal Postal Union is carefully monitoring the operational situation, and is in constant contact with postal operators to ensure any backlog is cleared in the shortest possible time," it said. The Chinese mail service, China Post, said it is disinfecting postal offices, processing centers, and vehicles to ensure the virus doesn't travel via the mail and to protect postal staff. The virus does "not survive for long on objects. It is therefore safe to receive postal items from China," said a China Post note transmitted via the UPU. Letters, parcels and express mail that do still make it to China will be delivered "via non-face-to-face methods," the note said.

DRY mail...

By Ungrounded Lightning • Score: 4, Informative • Thread

The virus does "not survive for long on objects. It is therefore safe to receive postal items from China," said a China Post note transmitted via the UPU.

If it's like other coronaviruses (and it seems to be), it can be expected to survive about three hours on a dry surface.

(This is why I haven't been too concerned about our company's current production hardware and prototypes, which are manufactured in Shenzhen and normally pass through Hong Kong. Any virus that got onto them in China should be dead by the time they get to our site. Even if a crewman was infected and shedding virus they'll still have several hours of ground travel before arriving at our site.)

But if it gets into something wet, and stays wet, it should be good for at least a week. (And I bet for a lot longer if it's refrigerated. If it doesn't get killed by freezing it should be good for years on ice, too.) So food and drink from China won't be on my menu (or anywhere I have to handle it.)

Cliff Clavin

By nospam007 • Score: 4 • Thread

"Neither snow nor rain nor heat nor gloom of night stays these couriers from the swift completion of their appointed rounds"

INTO China???

By mobby_6kl • Score: 4, Funny • Thread

What about OUT of China?

I've been waiting for my crap to ship from AliExpress for weeks now. C'mon, where else am I going to get my Navel Paste Affixed To The South Division Moxibustion Sticks Longan Ai Ye Pepper Ai Ai Paste Warm Palace Paste???