Government

Eric Holder Says DoJ Could Strike Deal With Snowden; Current AG Takes Hard Line 139 139

cold fjord writes with the report at Yahoo that Former Attorney General Eric Holder said today that a "possibility exists" for the Justice Department to cut a deal with ... Edward Snowden that would allow him to return to the United States ... Holder said "we are in a different place as a result of the Snowden disclosures" and that "his actions spurred a necessary debate" that prompted President Obama and Congress to change policies ... "I certainly think there could be a basis for a resolution that everybody could ultimately be satisfied with. I think the possibility exists." A representative of current Attorney General Loretta Lynch, though, said that there has been no change in the government's position ("This is an ongoing case so I am not going to get into specific details but I can say our position regarding bringing Edward Snowden back to the United States to face charges has not changed."), Holder's musings aside. As the article points out, too, "any suggestion of leniency toward Snowden would likely run into strong political opposition in Congress as well as fierce resistance from hard-liners in the intelligence community."
Yahoo!

The Next Java Update Could Make Yahoo Your Default Search Provider 328 328

itwbennett writes: At the company's shareholder meeting on Wednesday, Yahoo CEO Marissa Mayer announced a partnership with Oracle that could result in Yahoo becoming your default search provider in your browser. Starting this month, when users are prompted to update to the next version of Java, they'll be asked to make Yahoo their default search engine on Chrome (and Internet Explorer, for what it's worth). And, according to a Wall Street Journal report, the button will be checked by default, so if you aren't looking out for it, you might unwittingly find yourself a Yahoo user.
Apple

Woz To Be Immortalized In Wax 72 72

mikejuk writes: Having already made wax figures of Steve Jobs and Mark Zuckerberg, the Madame Tussauds museum recently put out a call for nominations for who should be next, with the stipulation that the nominees have a connection with the Bay Area. The shortlist was then whittled down to ten, including Google co-founder Larry Page, Tesla's Elon Musk, Marc Benioff of Salesforce, Facebook's Sheryl Sandberg and Marissa Mayer of Yahoo. Any of them would look great as wax figures, but outcome of the public vote was a clear winner — Steve Wozniak. Once his statue is complete Woz will be on display next to Steve Jobs in San Francisco and an ideal setting for a selfie.
Yahoo!

Yahoo Killing Maps, Pipes & More 176 176

alphadogg writes: Yahoo is shutting down its mapping service, Pipes and reducing the availability of Yahoo TV and Yahoo Music. The company has decided instead to focus on three major parts of its business: search, communications, and digital content. "We made this decision to better align resources to Yahoo's priorities as our business has evolved since we first launched Yahoo Maps eight years ago," says the company.
Communications

PayPal Will Be Able To Robo-Text/Call Users With No Opt-out Starting July 1 116 116

OutOnARock notes that as PayPal separates from eBay in the coming months, new terms of service are set to take effect on July 1st. Most of the changes unexciting, but one provision has consumer rights groups up in arms: PayPal is granting itself the ability to use automated systems to call and text users. These robocalls could happen for something as serious as debt collection or as frivolous as advertisements. What's more, the company grants the same rights to its affiliates. Activists are questioning the legality of these changes. "Given that both the Telephone Consumer Protection Act (which created the Do Not Call list) and the Fair Debt Collection Practices Act ban most robocalling and texting, this seemed in direct opposition to consumer protections granted Americans by Congress." PayPal says it will comply with all laws, but their actions may spark a legal debate about whether terms of service can qualify as "written consent."
EU

Greece Is Running Out of Money, Cannot Make June IMF Repayment 743 743

jones_supa writes: Greece, the country which has been in extreme financial trouble and high debt for years, cannot make debt repayments to the International Monetary Fund (IMF) next month, unless it achieves a deal with creditors. 'The four installments for the IMF in June are €1.6 billion ($1.8 billion). This money will not be given and is not there to be given,' Interior Minister Nikos Voutsis told Greek Mega TV's weekend show. Shut out of bond markets and with bailout aid locked, cash-strapped Athens has been scraping state coffers to meet debt obligations and to pay wages and pensions. With its future as a member of the 19-nation eurozone potentially at stake, a second government minister accused its international lenders of subjecting it to slow and calculated torture.
Biotech

DNA On Pizza Crust Leads To Quadruple Murder Suspect 184 184

HughPickens.com writes: In a case straight out of CSI, CNN reports that police are searching for the man suspected in the gruesome slayings of the Savopoulos family and their housekeeper, after his DNA was purportedly found on a pizza crust at the scene of the quadruple murders. They discovered his DNA on the crust of a Domino's pizza — one of two delivered to the Savopoulos home May 14 as the family was held hostage inside — a source familiar with the investigation said. The pizza apparently was paid for with cash left in an envelope on the porch. The next morning, Savvas Savopoulos's personal assistant dropped off a package containing $40,000 in cash at the home, according to the officials and police documents.

The bodies of Savopoulos, along with his wife, Amy, their 10-year-old son Philip and the family's housekeeper, Veralicia Figueroa, were discovered the afternoon of May 14 after firefighters responded to reports of a fire. D.C. Police Chief Cathy Lanier says the killings are likely not a random crime and police have issued an arrest warrant for the 34-year-old Daron Dylon Wint, who is described as 5'7 and 155 lbs and might also go by the name "Steffon." Wint apparently used to work at American Iron Works, where Savvas Savopoulos was CEO and president. The neighborhood is home to numerous embassies and diplomatic mansions as well as the official residence of Vice President Joe Biden and his wife. "Right now you have just about every law enforcement officer across the country aware of his open warrant and are looking for him," says Lanier. "I think even his family has made pleas for him to turn himself in."
The Internet

Rand Paul Moves To Block New "Net Neutrality" Rules 438 438

SonicSpike writes with news about another bump in the road for net neutrality. U.S. Senator Rand Paul, a Republican presidential hopeful, on Wednesday introduced a resolution to block new regulations on Internet service providers, saying they would 'wrap the Internet in red tape.' The 'net neutrality' rules, which are slated to take effect in June, are backed by the Obama administration and were passed by the Democratic majority of the Federal Communications Commission in February. AT&T Inc and wireless and cable trade associations are challenging them in court. Paul's resolution, if adopted, would allow the Senate to fast-track a vote to establish that Congress disapproves of the FCC's new rules and moves to nullify them.
Cellphones

Turning a Smartphone Display Into a Biometric Scanner 16 16

New submitter jan_jes writes: Recent mobile phones integrate fingerprint scanners to authenticate users biometrically and replace passwords, making authentication more convenient. Researchers at Yahoo Labs have created a new technology called "Bodyprint," which turns your smartphone's touchscreen display into a biometric scanner. It allows the touch sensor to scan users' body parts (PDF) such as ears, fingers, fists, and palms by pressing them against the display. Bodyprint implements the four-eye principle for locking sensitive documents — accessing the document can require the presence of two or more people involved with the project. Another application is authenticating a user to answer a call by scanning their ear pressed against the phone.
Yahoo!

Yahoo Called Its Layoffs a "Remix." Don't Do That. 194 194

Nerval's Lobster writes: Yahoo CEO Marissa Mayer, in a conference call with reporters and analysts, referred to the net layoffs of 1,100 employees in the first quarter of 2015 as part of a 'remixing' of the company. A 'remix' is a term most often applied to songs, although it's also appropriate to use in the context of photographs, films, and artwork. CEOs rarely use it to describe something as momentous as a major enterprise's transition, especially if said transition involves layoffs of longtime employees, because it could potentially appear flippant to observers. If you run your own shop (no matter how large), it always pays to choose words as carefully as possible when referring to anything that affects your employees' lives and careers. Despite a renewed focus on mobile and an influx of skilled developers and engineers, Yahoo still struggles to define its place on the modern tech scene; that struggle is no more evident than in the company's most recent quarterly results, which included rising costs, reduced net income, and layoffs.
The Almighty Buck

George Lucas Building Low-Income Housing Next Door To Millionaires 540 540

BarbaraHudson writes His neighbors wouldn't let him build a film studio on his land, so George Lucas is retaliating in a way that only the cream of Hollywood could — by building the largest affordable housing development in the area — and footing the entire $200 million bill, no government subsidies or grants. The complex of affordable housing, funded and designed by Lucas, would sit on 52 acres of land and provide homes to 224 low-income families, and there's very little his fellow Bay Area residents can do about it, because the land is zoned residential.
The Almighty Buck

William Shatner Proposes $30 Billion Water Pipeline To California 678 678

Taco Cowboy writes The 84-year-old Star Trek star wants to build a water pipeline to California. All it'll cost, according to Mr. Shatner, is $30 billion, and he wants to KickStarter the funding campaign. According to Mr. Shatner, if the KickStarter campaign doesn't raise enough money then he will donate whatever that has been collected to a politician who promise to build that water pipe. Where does he wants to get the water? Seattle, "A place where there's a lot of water. There's too much water," says Mr. Shatner.
Space

NASA's Chief Scientist Predicts Evidence For Life Beyond Earth By 2025 160 160

An anonymous reader writes: Ellen Stofan, chief scientist at NASA, predicts we're not far off from finding evidence for alien life. At a panel discussion yesterday, she said, "I think we're going to have strong indications of life beyond Earth within a decade, and I think we're going to have definitive evidence within 20 to 30 years." She added, "We know where to look. We know how to look. In most cases we have the technology, and we're on a path to implementing it." Stofan thinks putting astronauts on Mars will be a big part of that goal. As efficient as robot missions are, she thinks it'll take humans digging and cracking rocks to find definitive evidence for life on other worlds.
Encryption

The Problem With Using End-to-End Web Crypto as a Cure-All 89 89

fsterman writes: Since the Snowden revelations, end-to-end web encryption has become trendy. There are browser add-ons that bolt a PGP client onto webmail and both Yahoo and Google are planning to support PGP directly. They attempt to prevent UI spoofing with icons similar to the site-authentication banks use to combat phishing.

The problem is that a decade of research shows that users habituate to these icons and come to ignore them. An attacker can pull off UI spoofing with a 90%+ success rate.
Internet Explorer

Microsoft To Stop Enabling 'Do Not Track' By Default 64 64

An anonymous reader writes: The history of the do-not-track setting for web browsers has been rife with debate. It took a long time for web experts to come to anything resembling a consensus on how it should be implemented, and the process isn't over yet. Microsoft took criticism for enabling the do-not-track setting by default in Internet Explorer. While it sounds good in theory, many worried it would just spur websites to completely disregard the setting (and some, like Yahoo, did just that). Now, Microsoft has reversed their stance. The do-not-track setting will not be enabled by default in the company's future browsers. They say, "Put simply, we are updating our approach to DNT to eliminate any misunderstanding about whether our chosen implementation will comply with the W3C standard. ... As a result, DNT will not be the default state in Windows Express Settings moving forward, but we will provide customers with clear information on how to turn this feature on in the browser settings should they wish to do so."
Google

Google 'Makes People Think They Are Smarter Than They Are' 227 227

HughPickens.com writes Karen Knapton reports at The Telegraph that according to a study at Yale University, because they have the world's knowledge at their fingertips, search engines like Google or Yahoo make people think they are smarter than they actually are giving people a 'widely inaccurate' view of their own intelligence that can lead to over-confidence when making decisions. In a series of experiments, participants who had searched for information on the internet believed they were far more knowledgeable about a subject that those who had learned by normal routes, such as reading a book or talking to a tutor. Internet users also believed their brains were sharper. "The Internet is such a powerful environment, where you can enter any question, and you basically have access to the world's knowledge at your fingertips," says lead researcher Matthew Fisher. "It becomes easier to confuse your own knowledge with this external source. When people are truly on their own, they may be wildly inaccurate about how much they know and how dependent they are on the Internet." In the tests searching for answers online leads to an illusion such that externally accessible information is conflated with knowledge "in the head" (PDF). This holds true even when controlling for time, content, and search autonomy during the task. "The Internet is an enormous benefit in countless ways, but there may be some trade-offs that aren't immediately obvious and this may be one of them," concludes Fisher. "Accurate personal knowledge is difficult to achieve, and the Internet may be making that task even harder."
Advertising

How Malvertising Abuses Real-Time Bidding On Ad Networks 113 113

msm1267 writes Dark corners of the Internet harbor trouble. They're supposed to. But what about when Yahoo, CNN.com, TMZ and other busy destination sites heave disaster upon visitors? That's the challenge posed by malvertising, the latest hacker Golden Goose used in cybercrime operations and even in some targeted attacks. Hackers are thriving in this arena because they have found an unwittingly complicit partner in the sundry ad networks to move malicious ads through legitimate processes. Adding gasoline to the raging fire is the abuse of real-time ad bidding, a revolution in the way online ads are sold. RTB enables better ad targeting for advertisers and less unsold inventory for publishers. Hackers can also hitch a ride with RTB and target malicious ads on any site they wish, much the way a legitimate advertiser would use the same system.
Security

Many Password Strength Meters Are Downright Weak, Researchers Say 159 159

alphadogg writes "Website password strength meters often tell you only what you want to hear rather than what you need to hear. That's the finding from researchers at Concordia University in Montreal, who examined the usefulness of those ubiquitous red-yellow-green password strength testers on websites run by big names such as Google, Yahoo, Twitter and Microsoft/Skype. The researchers used algorithms to send millions of 'not-so-good' passwords through these meters, as well as through the meters of password management services such as LastPass and 1Password, and were largely underwhelmed by what they termed wildly inconsistent results. Inconsistent can go both directions: I've seen password-strength meters that balked at absolutely everything (accepting weak passwords as good, after calling wildly long and random ones poor).
Security

Flash-Based Vulnerability Lingers On Many Websites, Three Years Later 42 42

itwbennett writes: The vulnerability known as CVE-2011-2461 was unusual because fixing it didn't just require the Adobe Flex Software Development Kit (SDK) to be updated, but also patching all the individual Flash applications (SWF files) that had been created with vulnerable versions of the SDK. The company released a tool that allowed developers to easily fix existing SWF files, but many of them didn't. Last year, Web application security engineers Luca Carettoni from LinkedIn and Mauro Gentile from Minded Security came across the old flaw while investigating Flash-based techniques for bypassing the Same-Origin Policy (SOP) mechanism found in browsers. They found SWF files that were still vulnerable on Google, Yahoo, Salesforce, Adobe, Yandex, Qiwi and many other sites. After notifying the affected websites, they presented their findings last week at the Troopers 2015 security conference in Germany.