SlashDot

Subscribe to SlashDot feed SlashDot
News for nerds, stuff that matters
Updated: 1 hour 16 min ago

Oracle Issues Emergency Update To Patch Actively Exploited WebLogic Law

1 hour 43 min ago
An anonymous reader quotes a report from Ars Technica: Oracle on Tuesday published an out-of-band update patching a critical code-execution vulnerability in its WebLogic server after researchers warned that the flaw was being actively exploited in the wild. The vulnerability, tracked as CVE-2019-2729, allows an attacker to run malicious code on the WebLogic server without any need for authentication. That capability earned the vulnerability a Common Vulnerability Scoring System score of 9.8 out of 10. The vulnerability is a deserialization attack targeting two Web applications that WebLogic appears to expose to the Internet by default -- wls9_async_response and wls-wsat.war. The flaw in Oracle's WebLogic Java application servers came to light as a zero-day four days ago when it was reported by security firm KnownSec404.

Read more of this story at Slashdot.

Fortnite Makers Grilled By UK Politicians Over Game Safety

2 hours 23 min ago
The makers of Fortnite, one of the most popular video games ever, have been quizzed by member of parliaments in the UK over what measures are taken to protect players of the game. From a report: Epic Games representatives were asked how it ensured users did not spend too much time or money on the game. Legal counsel Canon Pence said this was not something the company currently tracked. This was "extraordinary", said Damian Collins, who chairs the Digital, Culture Media and Sport Committee. "You're the one who has responsibility," he said. The committee hearing was called to examine immersive and addictive technologies. Among the concerns raised by MPs were whether Epic Games did enough to verify the age of players or encourage users to take breaks after long periods of gameplay.

Read more of this story at Slashdot.

Facebook Content Moderators Break NDAs To Expose Shocking Working Conditions

3 hours 3 min ago
Three former Facebook content moderators agreed to put themselves in legal jeopardy to expose the appalling working conditions they experienced while employed by a vendor for the tech giant, according to a new report by The Verge. From a report: Workers reported a dirty office environment where they often find pubic hair and bodily waste around their desks. Conditions at the Tampa site are so strenuous that workers regularly put their health in danger, several people told The Verge. One worker kept a trash can by her desk to throw up while she was sick since she had already used all her allotted bathroom breaks. Cognizant is not required to offer sick leave in Florida. One man had a heart attack at his desk and died shortly after, The Verge reported, and the site has not yet gotten a defibrillator. Following an earlier report that uncovered shocking working conditions at the vendor's Phoenix facility, The Verge spoke with 12 current and former Cognizant content moderators in Tampa, Florida. Three of those former workers agreed to break their nondisclosure agreements signed as a condition of employment. The Tampa site is Cognizant's lowest-performing site under the Facebook contract in North America with an accuracy score of 92 compared with Facebook's stated target of 98.

Read more of this story at Slashdot.

How Secure Are Zip Files? Senator Wyden Asks NIST To Develop Standards For Safely Sending and Receiving Files

3 hours 39 min ago
Federal workers and the public in general might be mistaken about the security of .zip files, Sen. Ron Wyden said on Wednesday [PDF], and he's asking the National Institute of Standards and Technology to issue guidance on the best way to send sensitive files over the internet. Wyden wrote: Government agencies routinely share and receive sensitive data through insecure methods -- such as emailing .zip files -- because employees are not provided the tools and training to do so safely. As you know, it is a routine practice in the government, and indeed the private sector, to send by email-protected .zip files containing sensitive documents. Many people incorrectly believe that password-protected .zip files can protect sensitive data. Indeed, many password-protected .zip files can be easily broken with off-the-shelf hacking tools. This is because many of the software programs that create .zip files use a weak encryption algorithm by default. While secure methods to protect and share data exist and are freely available, many people do not know which software they should use. Given the ongoing threat of cyber attacks by foreign state actors and high-profile data breaches, this is a potentially catastrophic national security problem that needs to be fixed. The government must ensure that federal workers have the tools and training they need to safetly share sensitive data. To address this problem, I ask that NIST create and publish an easy-to-understand guide describing the best way for individuals and organizations to securely share sensitive data over the internet.

Read more of this story at Slashdot.

'Avengers: Endgame' Is Returning To Theaters With New Footage

4 hours 23 min ago
Perhaps 'Avengers: Endgame' might be able to beat Avatar's massive box office record after all. From a report: Marvel has apparently decided to just re-release the damn thing. An extended version of the damn thing, to be exact. Speaking to Comicbook.com at a press junket for 'Spider-Man: Far From Home', Marvel Studios head honcho Kevin Feige confirmed that 'Endgame' will be getting a renewed push at the box office -- and it's gonna be really soon. To boot, to entice audiences back for another three-hour stint in a movie theater seat, the re-release will include an unknown amount of new footage not seen in the original theatrical cut: "We are doing that. I don't know if it's been announced. And I don't know how much... Yeah, we're doing it next weekend. Screenrant has a few more details from their own interview with Feige: "Not an extended cut, but there will be a version going into theaters with a bit of a marketing push with a few new things at the end of the movie. If you stay and watch the movie, after the credits, there'll be a deleted scene, a little tribute, and a few surprises. Which will be next weekend."

Read more of this story at Slashdot.

YouTube Under Federal Investigation Over Allegations it Violates Children's Privacy

5 hours 3 min ago
The U.S. government is in the late stages of an investigation into YouTube for its handling of children's videos, The Washington Post reported on Wednesday, citing four people familiar with the matter, a probe that threatens the company with a potential fine and already has prompted the tech giant to reevaluate some of its business practices. From the report: The Federal Trade Commission launched the investigation after numerous complaints from consumer groups and privacy advocates, according to the four people, who requested anonymity because such probes are supposed to be confidential. The complaints contended that YouTube, which is owned by Google, failed to protect kids who used the streaming-video service and improperly collected their data. As the investigation has progressed, YouTube executives in recent months have accelerated internal discussions about broad changes to how the platform handles children's videos, according to a person familiar with the company's plans. That includes potential changes to its algorithm for recommending and queuing up videos for users, including kids, part of an ongoing effort at YouTube over the past year and a half to overhaul its software and policies to prevent abuse.

Read more of this story at Slashdot.

Calibra Wallet Won't Launch in India, Facebook's Biggest Market

5 hours 43 min ago
An anonymous reader shares a report: Facebook unveiled its audacious Libra cryptocurrency and Calibra digital wallet on Tuesday through which it plans to transform financial services across the globe. The social juggernaut made clear of its ambitions when it said that it wishes to empower more than 1.7 billion people around the world who currently do not have a bank account. But potentially an equally large group of people would not be able to use Facebook's new digital payments service when it begins rollout next year. Responding to queries from TechCrunch, a Calibra spokesperson said that the digital wallet will not be rolling out to a number of markets that have taken a stand against cryptocurrency, or are sanctioned by the United States. "The Libra Blockchain will be global, but it will be up to custodial wallet providers to determine where they will and will not operate. Calibra won't be available in US-sanctioned countries or countries that ban cryptocurrencies," the spokesperson told TechCrunch. TechCrunch understands that India, Facebook's biggest market, is among the list of countries where Calibra does not intend to launch. Additionally, Calibra isn't going to be available in China, North Korea, and Iran, too, where Facebook does not currently have a presence. Further reading: Proposed Law in India Would Imprison Anyone Who Uses Cryptocurrency.

Read more of this story at Slashdot.

Google's Private Join and Compute Gives Companies Data Insights While Preserving Privacy

6 hours 23 min ago
An anonymous reader shares a report: Over 70 million records were stolen or leaked from poorly configured databases last year, making privacy a top concern. That's no doubt one motivation behind Google's open-sourcing this morning of Private Join and Compute, a new secure multi-party computation (MPC) tool designed to help organizations work together with confidential data sets. "We continually invest in new research to advance innovations that preserve individual privacy while enabling valuable insights from data," wrote engineering director Sarvar Patel and research scientist Moti Yung in a blog post. "Many important research, business, and social questions can be answered by combining data sets from independent parties, where each party holds their own information about a set of shared identifiers, some of which are common." At its core, Private Join and Compute lets organizations gain aggregated insights about the other party's data. They're able to encrypt identifiers and associated data, join them, and then perform calculations on the overlapping corpora to draw useful information. All identifiers and their associated data remain fully encrypted and unreadable throughout the process. While neither party is forced to reveal their raw data, they can answer questions at hand using outputs of the computation -- for instance, counts, sums, and averages. Private Join and Compute achieves this with two cryptographic privacy methods devised to protect sensitive data: Private set intersection and homomorphic encryption.

Read more of this story at Slashdot.

Apple's First Four iOS Apps For Mac Are Getting an Upgrade

7 hours 3 min ago
Apple is counting on apps built for the iPad and the iPhone being converted to the Mac as a way to infuse new energy -- and a lot of new software -- into the granddaddy of its devices. From a report: The party started last year at WWDC 2018 when Apple announced a "sneak peek" at four of its own apps that it converted from iOS to MacOS. Those four were News, Voice Memos, Home and Stocks. But when the apps showed up in MacOS Mojave, they weren't greeted with much enthusiasm from Mac users because all four were rudimentary at best and didn't take advantage of the Mac's extra capabilities. Good news. Apple is fixing them. At WWDC 2019 earlier this month, Apple announced Project Catalyst, which streamlines the process for all software makers to bring their own iOS apps to Mac. In an interview with CNET at WWDC, Apple software chief Craig Federighi confirmed that the four iOS apps for Mac released last year will get major updates based on the new technology in Project Catalyst. But he also revealed that the apps will get new designs to make them more Mac-like. "They're getting improvements," Federighi said. "The underlying technology has matured...Some of that is super low-level stuff. Some people have dissected those apps and realized that they were sort of two halves: an AppKit half and a UIKit half, literally running in different processes. That's all unified now. This has become much more of a native Mac framework...So automatically, the apps we built last year are upgraded."

Read more of this story at Slashdot.

Cloudflare Announces an Ethereum Gateway

7 hours 43 min ago
Internet security provider Cloudflare is introducing the Ethereum Gateway to its Distributed Web Gateway toolbox enabling users to interact with the Ethereum network without installing any software. From a report: This is part of Cloudflare's Distributed Web Gateway project to expand the decentralized web ecosystem and enhance its reliability, speed, and ease of use. Instead of downloading and cryptographically verifying hundreds of gigabytes of data -- an impossible task for low-power devices and those with low technical barriers to entry -- the gateway enables any device with web access to interact with the Ethereum network. This setup will make it possible to explore the blockchain and add interactive elements to sites powered by Ethereum smart contracts. In fact, the gateway gives people the ability to put new contracts on Ethereum with having to run a node, because Cloudflare will take a signed transaction and push it to the network thereby allowing miners to cryprographicaly add it. Despite the value Cloudflare brings to gateway clients, the service is completely free. Nick Sullivan, Cloudflare's Head of Cryptography, explains that the program "leverages the existing Cloudflare network, which already provides a number of free services."

Read more of this story at Slashdot.

YouTube and UMG Partner To Remaster Over 1,000 Iconic Music Videos From SD To Full-HD

8 hours 28 min ago
YouTube and Universal Music Group have teamed up to revamp more than 1,000 videos from artists including Lady Gaga, Tom Petty, Billy Idol and the Spice Girls. From a report: The goal is to "ensure current and future generations will get to enjoy these timeless classics as they've never before been experienced." At launch, 100 music videos have already been remastered and are available "in the highest available video and audio quality." This includes: Billy Idol, Beastie Boys, Boyz II Men, George Strait, Janet Jackson, Kiss, Lady Antebellum, Lady Gaga, Lionel Richie, Maroon 5, Meat Loaf, No Doubt/Gwen Stefani, Smokey Robinson, The Killers, Kiss, and Tom Petty.

Read more of this story at Slashdot.

YouTube, Under Fire, Considers Major Changes To Kids' Content

9 hours 6 min ago
YouTube is considering far-reaching changes to its platform in the wake of a string of incidents that put the video-streaming powerhouse on the defensive. From a report: Executives at the Google unit are debating moving all children's content into a separate product, the stand-alone YouTube Kids app, to better protect young viewers from objectionable videos, say people briefed on the discussions. That would be a seismic and risky switch, as children's videos are among the most popular on the platform and carry millions of dollars in advertising. Some YouTube employees are pushing for another major modification. They are encouraging the company to switch off for children's programming a feature that automatically plays a new video after one has been completed, according to the people briefed. While that default setting -- known as YouTube's recommendation system -- has helped boost audience hours to new heights, it has also opened the company up to criticism that kids and parents can select innocuous videos only to be automatically transitioned into inappropriate fare. [...] The possible changes, though still under discussion and not considered imminent, would be among the biggest ever for the platform, not least because they would require alterations to YouTube's infrastructure and significant negotiations over the boundaries of children's content.

Read more of this story at Slashdot.

He Says He Invented Bitcoin and Is Suing Those Who Doubt Him

9 hours 47 min ago
At a convention on digital currency, rarely does an audience Q&A session include a question as incendiary as, "Why is this fraud allowed to speak at this conference?" But that's how a discussion about Bitcoin ended up last year in Seoul. From a report: The supposed fraud is Craig Wright, an Australian-born technologist who gained notoriety three years ago when he declared himself the inventor of Bitcoin. The provocateur is Vitalik Buterin, a baby-faced Russian-Canadian programmer who helped create another popular digital currency called Ether. No one disputes Buterin's role in Ether; many reject Wright's claim to be Satoshi Nakamoto, the mysterious genius behind Bitcoin. Wright is a comic-book supervillain for some in the world of cryptocurrency. Buterin's rant was applauded by a handful of people at the conference, including one of the panelists and a man on the sidelines wearing a vest and metallic fiber shirt. It had the feel of an impromptu live performance of a Twitter flame war. The whole thing lasted 90 seconds. Footage recorded from the crowd provided an amusing YouTube video and sparked a fresh round of tweets mocking Wright. That appeared to be that, until a year later when Buterin received a letter from Wright's attorney. The legal notice, dated April 12, said Wright intends to sue Buterin in the U.K. for defamation. Less than a week later, Wright filed suit with similar claims against a podcaster named Peter McCormack, seeking 100,000 pounds ($129,000) in damages. And on May 2, Wright's lawyers served Roger Ver, an early Bitcoin investor, at a cryptocurrency meet-up in London.

Read more of this story at Slashdot.

World's Population Is Projected To Nearly Stop Growing By the End of the Century

10 hours 53 min ago
schwit1 writes: The world's population is projected to nearly stop growing by the end of the century due in large part to falling global fertility rates, according to a Pew Research Center analysis of new data from the United Nations. By 2100, the world's population is projected to reach approximately 10.9 billion, with annual growth of less than 0.1% -- a steep decline from current levels. Between 1950 and today, the world's population grew between 1% and 2% each year, with the number of people rising from 2.5 billion to more than 7.7 billion. The report also found the world's population is getting older, with people over the age of 65 being the fastest-growing age group. "One in four people living in Europe and Northern America could be 65 years or older by 2050," reports USA Today. "And the number of people age 80 or over is projected to triple globally, from 143 million in 2019 to 426 million in 2050." As for the global fertility rate, it fell from 3.2 births per woman in 1990 to 2.5 in 2019 and is projected to decline even further to 2.2 in 2050.

Read more of this story at Slashdot.

Amazon Expands Air Cargo Fleet With 15 More Planes, Will Have 70 Planes By 2021

13 hours 53 min ago
Amazon announced this morning the expansion of its own air delivery network, Amazon Air. "The retailer says it's leasing an additional 15 Boeing 737-800 cargo aircraft from partner GE Capital Aviation Services (GECAS)," reports TechCrunch. "These will join the five Boeing 737-800's already leased from GECAS, announced earlier this year. The aircraft will fly out of more than 20 U.S. air gateways in the Amazon Air network." From the report: In addition, Amazon says it will open more air facilities in 2019, including at Fort Worth Alliance Airport, Wilmington Air Park and Chicago Rockford International Airport. Meanwhile, the main Air Hub at the Cincinnati/Northern Kentucky International Airport will open in 2021. The Amazon Air network, then called Prime Air, was first launched in 2016, with the goal of speeding up Amazon's e-commerce deliveries, particularly for its Prime members. But over the years, the competition with partners-slash-rivals like FedEx have heated up -- and not only on air cargo, but also in newer areas like ground delivery robots and drones. At the end of last year, Amazon announced more aircraft additions for Amazon Air, bumping the network from 40 planes to 50. Today, it says it's on track to reach 70 planes by 2021, thanks to this new expansion. The company also claims to have created thousands of U.S. jobs thanks to Amazon's investment of millions into its air network.

Read more of this story at Slashdot.

Two Potentially Life-Friendly Planets Found Orbiting a Nearby Star

16 hours 53 min ago
A tiny, old star just 12 light-years away might host two temperate, rocky planets, astronomers announced today. If they're confirmed, both of the newly spotted worlds are nearly identical to Earth in mass, and both planets are in orbits that could allow liquid water to trickle and puddle on their surfaces. National Geographic reports: Scientists estimate that the stellar host, known as Teegarden's star, is at least eight billion years old, or nearly twice the sun's age. That means any planets orbiting it are presumably as ancient, so life as we know it has had more than enough time to evolve. And for now, the star is remarkably quiet, with few indications of the tumultuous stellar quakes and flares that tend to erupt from such objects. The two worlds orbit a star so faint that it wasn't even spotted until 2003, when NASA astrophysicist Bonnard Teegarden was mining astronomical data sets and looking for dim, nearby dwarf stars that had so far evaded detection. Teegarden's star is a stellar runt that's barely 9 percent of the sun's mass. It's known as an ultra-cool M dwarf, and it emits most of its light in the infrared -- just like the star TRAPPIST-1, which hosts seven known rocky planets. But Teegarden's star is just a third as far from Earth as the TRAPPIST-1 system, which makes it ideal for further characterization. The team of astronomers reported their findings in the journal Astronomy & Astrophysics.

Read more of this story at Slashdot.

Ireland To Ban New Petrol, Diesel Vehicles By 2030

Tue, 06/18/2019 - 11:30pm
An anonymous reader quotes a report from the BBC: The Irish government plans to ban the sale of new petrol and diesel vehicles by 2030, as part of a major strategy to protect the environment. The aim is to ensure that all new cars and vans on Irish roads in 11 years' time are electric vehicles. The proposed legislation was among 180 measures in the government's Climate Action Plan, published on Monday. The document also includes a target to implement an EU-wide ban on non-recyclable plastic by 2030. Unveiling the plan on Monday, the Environment Minister Richard Bruton said Ireland was "currently 85% dependent on fossil fuels." Mr Bruton said the plan was a roadmap to achieving existing 2030 emissions targets and would put Ireland "on a trajectory to achieve net zero carbon emissions by 2050." The hope is that by the time the petrol and diesel vehicle ban is introduced in 2030 there will be 950,000 electric vehicles on Irish roads. The government is set to invest in a "nationwide" charging network to power the new vehicles. By 2025, at least one recharging point will be required at new non-residential buildings with more than 10 parking spaces. The government also said it would stop granting National Car Test (NCT) certificates to fossil fuel cars by 2045. "The compulsory inspection program is carried out every year on vehicles that are more than 10 years old," reports the BBC.

Read more of this story at Slashdot.

Bernie Sanders Supports Video Game Workers Unions

Tue, 06/18/2019 - 10:02pm
U.S. Senator and presidential candidate Bernie Sanders has taken to Twitter to announce his support for video game workers unions. "In his message, Sanders gives shout-outs to IATSE (the International Alliance of Theatrical Stage Employees) and Game Workers Unite, two organizations that have been working to help game creators organize," reports VentureBeat. "He also links to a June 11 Time story about the epidemic of worker burn out occurring in the industry." From the report: Video games make a ton of money, including $43 billion in revenue in 2018 in the U.S. (as Sanders also points out). But the people making games are often overworked and suspect to "crunch," mandatory (and sometimes unpaid) overtime. Recently, stories of unhealthy crunch cultures have surrounded giant game makers like Rockstar and Electronic Arts. Other employees suffer mass layoffs, like at Activision Blizzard earlier this year, even when their companies are big or even record profits. Some studios shut down completely.

Read more of this story at Slashdot.

Secretive Magic Leap Says Ex-Engineer Copied Headset For China

Tue, 06/18/2019 - 9:25pm
Magic Leap, a secretive U.S. startup that makes a $2,295 augmented-reality headset, filed a lawsuit Monday accusing one of its former engineers of stealing its technology to create his own AR device for China. Bloomberg reports: In a lawsuit filed Monday, Magic Leap alleges that Chi Xu, who left in 2016, exploited its confidential information to "quickly develop a prototype of lightweight, ergonomically designed, mixed reality glasses for use with smart phones and other devices that are strikingly similar" to the Florida-based startup's designs. The lawsuit marks the latest accusation from an American firm of intellectual property theft by Chinese companies, a perennial sore point that's helped escalate tensions between the world's two largest economies. With more than $2 billion in financing, Magic Leap is one of the better-funded startups delving into so-called augmented or mixed reality, a technology that gives users the illusion that fantastical, three-dimensional digital objects exist in the physical world. Xu, who founded Beijing-based Hangzhou Tairuo Technology Co., also known as Nreal, unveiled his own augmented reality glasses at a major Las Vegas trade show in January, touting them as lighter than the Magic Leap One, Forbes has reported. Magic Leap released its headset last August after seven years of secretive work and more than $2 billion of investment. The startup alleges that Xu plotted during his roughly 13 months working there to launch his own competing company in China and "neglected his work duties" to acquire proprietary information. Xu is accused in the suit of breach of contract, fraud and unfair competition.

Read more of this story at Slashdot.

Facebook's Calibra Is a Secret Weapon For Monetizing Its New Cryptocurrency

Tue, 06/18/2019 - 8:45pm
Earlier today, Facebook announced its cryptocurrency "Libra" and the nonprofit association that will oversee it. "But behind Facebook's ambitions to create a quasi-nation state ruled by mostly corporate interests is a secret weapon, one the company hopes it can use to create another platform used by billions of people -- and generate enormous new revenue streams along the way," reports The Verge. "It's called Calibra, and it's a new subsidiary of Facebook the company is launching to build financial services and software on top of the Libra blockchain." From the report: At first blush, Calibra resembles a fairly standard payments company -- but its tight integration with Facebook's enormous user base could give it a significant advantage over any rivals. Thanks to its proximity to the technical development of Libra, and its ability to leverage WhatsApp, Messenger, and Instagram, Calibra could very well become Facebook's next big thing. Calibra's immediate goal is to develop and launch its own digital cryptocurrency wallet, and integrate that wallet into other Facebook products. The company will become a member of the nonprofit Libra Association and have equal voting power the other partners as Facebook's official representative, which include Uber, Lyft, eBay, and PayPal, along with several other tech companies, financial service providers, venture capitalists, and fellow nonprofits. That way, Facebook can say it does not solely control the currency or the network by itself. It also gets the benefit of having twice the representation as other companies, at least for now. Libra is the technology that underpins the network. But when it launches, Calibra will likely be how most people interact with the currency until competing wallets arise. In fact, it will likely be the first cryptocurrency wallet that hundreds of millions of people will have access to, by nature of being bundled with Facebook's massive ecosystem. With billions of users potentially interacting with Calibra, it will instantaneously have many hundreds of times the user base of the world's most popular existing wallets from Coinbase and others. Kevin Weil, vice president of product at Calibra, says the primary business model isn't to make money off ads targeted using your purchase history or to charge people for using the Calibra app. The real goal, Weil says, is to boost adoption to the point where Libra can have a vibrant financial services economy built on top of it, not just by Facebook but by any other company in the world. Weil says Libra becoming successful will have all sorts of positive ripple effects for all participants. "You suddenly have billions of new consumers for any online service. Businesses today that operate in cash only, if they have access to a digital currency they have access to advertising platforms, including Facebook," he says. "There are meaningful side effects on Facebook's business if Libra is successful."

Read more of this story at Slashdot.

Pages