Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Communications

AT&T Offering Day Pass For International Travelers (cnet.com) 8

Starting Friday, AT&T customers who travel abroad can sign up for a new International Day Pass plan. Instead of paying by the minute, message or megabyte, the plan lets you pay a $10-a-day flat free so you can talk and text "all you want" and also access your data plan as though you're in the states. From a report: AT&T said the new plan is available for customers traveling to more than 100 countries listed here. To use the new plan, customers just need to add it once and it will automatically kick in each time they travel to a supported country, until it's removed.
Transportation

When Their Shifts End, Uber Drivers Set Up Camp in Parking Lots Across the US (bloomberg.com) 287

A feature report on Bloomberg today illustrates the lives of several Uber drivers, who find shelter in car parking at nights when it's too pricey and tiring to go home. An excerpt from the story: In Chicago, Walter Laquian Howard sleeps most nights at the "Uber Terminal." "I left my job thinking this would work, and it's getting harder and harder," Howard said. "They have to understand that some of us have decided to make this a full-time career." Howard has been parking and sleeping at the 7-Eleven four to five nights a week since March 2015, when he began leasing a car from Uber and needed to work more hours to make his minimum payments. Now that it's gotten cold, he wakes up every three hours to turn on the heater. He's rarely alone. Most nights, two to three other ride-hailing drivers sleep in cars parked next to his. It's safe, he said, and the employees let the drivers use the restroom. Howard has gotten to know the convenience store's staff -- Daddy-O and Uncle Mike -- over the past two years while driving for this global ride-hailing gargantuan, valued at $69 billion. "These guys have become my extended family," said Howard, 53. "It's my second home. We have this joke that I'm the resident. I keep asking them: 'Hey, did my mail come in yet?'"
Oracle

Oracle Lays Off More Than 1,000 Employees (zdnet.com) 101

An anonymous reader writes: According to the Mercury News, Oracle is laying off approximately 450 employees in its Santa Clara hardware systems division. Reports at The Layoff, a discussion board for technology business firings, claim about 1,800 employees company-wide are being pink-slipped. Oracle claims the company isn't closing the Santa Clara facility with this reduction in force. Instead, "Oracle is refocusing its Hardware Systems business, and for that reason, has decided to lay off certain of its employees in the Hardware Systems Division."
Businesses

Sprint Purchases 33 Percent Stake in Tidal For $200 Million (billboard.com) 59

Sprint has acquired a 33 percent stake in Jay Z's music streaming service Tidal, the two companies announced today. From a report: A source familiar with the matter tells Billboard that the purchase was for $200 million and that Jay and each of the company's two dozen artist-owners will remain part owners. As part of the deal, Tidal will become available to Sprint's 45 million retail customers, while the companies will partner for exclusives from its artists, according to a press release.
Crime

Western Union Pays $586M Fine Over Wire Fraud Charges (reuters.com) 102

The head of the FTC says Western Union "facilitated scammers and rip-offs," while the company "looked the other way." An anonymous reader quotes Reuters: The world's biggest money-transfer company agreed to pay $586 million and admitted to turning a blind eye as criminals used its service for money laundering and fraud, U.S. authorities said on Thursday. Western Union, which has over half a million locations in more than 200 countries, admitted "to aiding and abetting wire fraud" by allowing scammers to process transactions, even when the company realized its agents were helping scammers avoid detection, the U.S. Department of Justice and the Federal Trade Commission said in statements...

Fraudsters offering fake prizes and job opportunities swindled tens of thousands of U.S. consumers, giving Western Union agents a cut in return for processing the payments, authorities said. Between 2004 and 2012, the Colorado-based company knew of fraudulent transactions but failed to take steps that would have resulted in disciplining of 2,000 agents, authorities said... Between 2004 and 2015 Western Union collected 550,928 complaints about fraud, with 80 percent of them coming from the United States where it has some 50,000 locations, the government complaint said. The average consumer complaint was for $1,148, the government said.

Reuters seemed to suggest that nearly one out of every thousand transactions was fraudulent, reporting that Western Union "said consumer fraud accounts for less than one-tenth of 1 percent of consumer-to-consumer transactions."
Electronic Frontier Foundation

Three States Propose DMCA-Countering 'Right To Repair' Laws (ifixit.org) 187

Automakers are using the Digital Millennium Copyright Act to shut down tools used by car mechanics -- but three states are trying to stop them. An anonymous reader quotes IFixIt.Org: in 2014, Ford sued Autel for making a tool that diagnoses car trouble and tells you what part fixes it. Autel decrypted a list of Ford car parts, which wound up in their diagnostic tool. Ford claimed that the parts list was protected under copyright (even though data isn't creative work) -- and cracking the encryption violated the DMCA. The case is still making its way through the courts. But this much is clear: Ford didn't like Autel's competing tool, and they don't mind wielding the DMCA to shut the company down...

Thankfully, voters are stepping up to protect American jobs. Just last week, at the behest of constituents, three states -- Nebraska, Minnesota, and New York -- introduced Right to Repair legislation (more states will follow). These 'Fair Repair' laws would require manufacturers to provide service information and sell repair parts to owners and independent repair shops.

Activist groups like the EFF and Repair.org want to "ensure that repair people aren't marked as criminals under the DMCA," according to the site, arguing that we're heading towards a future with many more gadgets to fix. "But we'll have to fix copyright law first."
Android

Do Android Users Still Use Custom Roms? (androidauthority.com) 202

"With all of the drama at CyanogenMod, Android Authority takes a look at the current state of custom ROM development," writes Slashdot reader Thelasko. From the article: The future of CyanogenMod appears uncertain, after the open source ROM was forced to fork under the name Lineage OS. Fortunately there are already other remixed versions of Android available, with some of the most popular being Paranoid Android, Resurrection Remix, and Dirty Unicorns... [But] with each new version of Android, the gap between Android and popular custom ROMs has shrunk, which begs an interesting question: Are custom ROMs even necessary anymore? To answer this, let's take a quick look at the state of custom ROM development as it exists today.
The article points out that mobile virtual reality is "on the verge of becoming mainstream and the wearable market has grown tremendously," asking whether custom firmware will also integrate these newer technologies. But the original submission also asks a question that's closer to home. What custom ROMs do Slashdot users have installed?
Education

The 32-Bit Dog Ate 16 Million Kids' CS Homework (code.org) 148

"Any student progress from 9:19 to 10:33 a.m. on Friday was not saved..." explained the embarrassed CTO of the educational non-profit Code.org, "and unfortunately cannot be recovered." Slashdot reader theodp writes: Code.org CTO Jeremy Stone gave the kids an impromptu lesson on the powers of two with his explanation of why The Cloud ate their homework. "The way we store student coding activity is in a table that until today had a 32-bit index... The database table could only store 4 billion rows of coding activity information [and] we didn't realize we were running up to the limit, and the table got full. We have now made a new student activity table that is storing progress by students. With the new table, we are switching to a 64-bit index which will hold up to 18 quintillion rows of information.
The issue also took the site offline, temporarily making the work of 16 million K-12 students who have used the nonprofit's Code Studio disappear. "On the plus side, this new table will be able to store student coding information for millions of years," explains the site's CTO. But besides Friday's missing saves, "On the down side, until we've moved everything over to the new table, some students' code from before today may temporarily not appear, so please be patient with us as we fix it."
Bug

Army Bug Bounty Researcher Compromises US Defense Department's Internal Network (threatpost.com) 41

Thursday the U.S. Army shared some surprising results from its first bug bounty program -- a three-week trial in which they invite 371 security researchers "trained in figuring out how to break into computer networks they're not supposed to." An anonymous reader quotes Threatpost: The Army said it received more than 400 bug reports, 118 of which were unique and actionable. Participants who found and reported unique bugs that were fixed were paid upwards of $100,000... The Army also shared high-level details on one issue that was uncovered through the bounty by a researcher who discovered that two vulnerabilities on the goarmy.com website could be chained together to access, without authentication, an internal Department of Defense website.

"They got there through an open proxy, meaning the routing wasn't shut down the way it should have been, and the researcher, without even knowing it, was able to get to this internal network, because there was a vulnerability with the proxy, and with the actual system," said a post published on HackerOne, which managed the two bounty programs on its platform. "On its own, neither vulnerability is particularly interesting, but when you pair them together, it's actually very serious."

United States

Is The Tech Industry Driving Families Out of San Francisco? (nytimes.com) 351

Why does San Francisco now have fewer children per capita than any of America's largest 100 cities? An anonymous reader writes: A move to the suburbs began in the 1970s, but "The tech boom now reinforces the notion that San Francisco is a place for the young, single and rich," according to the New York Times. "When we imagine having kids, we think of somewhere else," one software engineer tells the paper. The article describes "neighborhoods where employees of Google, Twitter and so many other technology companies live or work" where the sidewalks make it seem "as if life started at 22 and ended somewhere around 40."

Or is San Francisco just part of a larger trend? "California, which has one of the world's 10 largest economies, recently released data showing the lowest birthrate since the Great Depression. And the Los Angeles Times argues California's experience may just be following national trends. The drop "likely stems from the recession, a drop in teenage pregnancies and an increase in people attending college and taking longer to graduate, therefore putting off having children, said Walter Schwarm, a demographer at the Department of Finance."

So is this part of a larger trend -- or something unique about San Francisco? The New York Times also quotes Richard Florida, author of The Rise of the Creative Class, who believes technology workers are putting off families when they move to the Silicon Valley area because they anticipate long working hours. There's also complaints about San Francisco's public school system -- 30% of its children now attend private schools, the highest percentage of any large American city. But according to the article, Peter Thiel believes that San Francisco is just "structurally hostile to families."
Australia

Humans, Not Climate Change, Wiped Out Australian Megafauna (phys.org) 156

"New evidence involving the ancient poop of some of the huge and astonishing creatures that once roamed Australia indicates the primary cause of their extinction around 45,000 years ago was likely a result of humans, not climate change," reports Phys.org. schwit1 quotes their report on new analysis of a prehistoric sediment core from the Indian Ocean off the coast of Australia. The core contains chronological layers of material blown and washed into the ocean, including dust, pollen, ash and spores from a fungus called Sporormiella that thrived on the dung of plant-eating mammals, said CU Boulder Professor Gifford Miller, who participated in the study... Fungal spores from plant-eating mammal dung were abundant in the sediment core layers from 150,000 years ago to about 45,000 years ago, when they went into a nosedive, said Miller... "The abundance of these spores is good evidence for a lot of large mammals on the southwestern Australian landscape up until about 45,000 years ago," he said. "Then, in a window of time lasting just a few thousand years, the megafauna population collapsed."

The Australian collection of megafauna some 50,000 years ago included 1,000-pound kangaroos, 2-ton wombats, 25-foot-long lizards, 400-pound flightless birds, 300-pound marsupial lions and Volkswagen-sized tortoises. More than 85 percent of Australia's mammals, birds and reptiles weighing over 100 pounds went extinct shortly after the arrival of the first humans, said Miller... "There is no evidence of significant climate change during the time of the megafauna extinction."

The article adds that last year Miller also identified the first direct evidence that humans preyed on Australian megafauna -- burned eggshells from a 400-pound bird.
Crime

Geek Avenges Stolen Laptop By Remotely Accessing Thief's Facebook Account (hothardware.com) 331

An anonymous reader quotes Hot Hardware: Stu Gale, who just so happens to be a computer security expert, had the misfortune of having his laptop stolen from his car overnight. However, Gale did have remote software installed on the device which allowed him to track whenever it came online. So, he was quite delighted to see that a notification popped up on one of his other machines alerting him that his stolen laptop was active. Gale took the opportunity to remote into the laptop, only to find that the not-too-bright thief was using his laptop to login to her Facebook account.

The thief eventually left her Facebook account open and left the room, after which Gale had the opportunity to snoop through her profile and obtain all of her private information. "I went through and got her phone numbers, friends list and pictures..." Given that Gale was able to see her phone numbers listed on Facebook, he sent text messages to all of those numbers saying that he was going to report her to the police. He also posted her info to a number of Facebook groups, which spooked the thief enough to not only delete her Facebook account, but also her listed phone numbers.

In 2008 Slashdot ran a similar story, where it took several weeks of remote monitoring before a laptop thief revealed his identity. (The victim complained that "It was kind of frustrating because he was mostly using it to watch porn.") But in this case, Gale just remotely left a note on the laptop -- and called one of the thief's friends -- and eventually turned over all the information to the police, who believe an arrest will follow.

Gale seems less confident, and tells one Calgary newspaper "I'm realistic. I'm not going to see that computer again. But at least I got some comic relief."
Open Source

Free Software Foundation Shakes Up Its List of Priority Projects (networkworld.com) 92

alphadogg quotes Network World: The Free Software Foundation Tuesday announced a major rethinking of the software projects that it supports, putting top priority on a free mobile operating system, accessibility, and driver development, among other areas. The foundation has maintained the High Priority Projects list since 2005, when it contained just four free software projects. [That rose to 12 projects by 2008, though the changelog shows at least seven projects have since been removed.] Today's version mostly identifies priority areas, along with a few specific projects in key areas.
The new list shows the FSF will continue financially supporting Replicant, their free version of Android, and they're also still supporting projects to create a free software replacement for Skype with real-time voice and video capabilities. But they're now also prioritizing various projects to replace Siri, Google Now, Alexa, and Cortana with a free-software personal assistant, which they view as "crucial to preserving users' control over their technology and data while still giving them the benefits such software has for many."

And other priorities now include internationalization, accessibility, decentralization and self-hosting, and encouraging governments to adopt free software.
Programming

Knuth Previews New Math Section For 'The Art of Computer Programming' (stanford.edu) 162

In 1962, 24-year-old Donald Knuth began writing The Art of Computer Programming -- and 55 years later, he's still working on it. An anonymous reader quotes Knuth's web site at Stanford: Volume 4B will begin with a special section called 'Mathematical Preliminaries Redux', which extends the 'Mathematical Preliminaries' of Section 1.2 in Volume 1 to things that I didn't know about in the 1960s. Most of this new material deals with probabilities and expectations of random events; there's also an introduction to the theory of martingales.

You can have a sneak preview by looking at the current draft of pre-fascicle 5a (52 pages), last updated 18 January 2017. As usual, rewards will be given to whoever is first to find and report errors or to make valuable suggestions. I'm particularly interested in receiving feedback about the exercises (of which there are 125) and their answers (of which there are 125).

Over the years Knuth gave out over $20,000 in rewards, though most people didn't cash his highly-coveted "hexadecimal checks", and in 2008 Knuth switched to honorary "hexadecimal certificates". In 2014 Knuth complained about the "dumbing down" of computer science history, and his standards remain high. In his most-recent update, 79-year-old Knuth reminds readers that "There's stuff in here that isn't in Wikipedia yet!"
Power

New Wyoming Bill Penalizes Utilities Using Renewable Energy (csmonitor.com) 460

An anonymous reader quotes a Christian Science Monitor report on "a bill that would essentially ban large-scale renewable energy" in Wyoming. The new Wyoming bill would forbid utilities from using solar or wind sources for their electricity by 2019, according to Inside Climate News... The bill would require utilities to use "eligible resources" to meet 95 percent of Wyoming's electricity needs in 2018, and all of its electricity needs in 2019. Those "eligible resources" are defined solely as coal, hydroelectric, natural gas, nuclear, oil, and individual net metering... Utility-scale wind and solar farms are not included in the bill's list of "eligible resources," making it illegal for Wyoming utilities to use them in any way if the legislation passes. The bill calls for a fine of $10 per megawatt-hour of electricity from a renewable source to be slapped on Wyoming utilities that provide power from unapproved sources to in-state customers.
The bill also prohibits utilities from raising rates to cover the cost of those penalties, though utilities wouldn't be penalized if they exported that energy to other states. But one local activist described it as 'talking-point' legislation, and even the bill's sponsor gives it only a 50% chance of passing.
Firefox

The SHA-1 End Times Have Arrived (threatpost.com) 47

"Deadlines imposed by browser makers deprecating support for the weakened SHA-1 hashing algorithm have arrived," writes Slashdot reader msm1267. "And while many websites and organizations have progressed in their migrations toward SHA-2 and other safer hashing algorithms, pain points and potential headaches still remain." Threatpost reports: Starting on Jan. 24, Mozilla's Firefox browser will be the first major browser to display a warning to its users who run into a site that doesn't support TLS certificates signed by the SHA-2 hashing algorithm... "SHA-1 deprecation in the context of the browser has been an unmitigated success. But it's just the tip of the SHA-2 migration iceberg. Most people are not seeing the whole problem," said Kevin Bocek, VP of security strategy and threat intelligence for Venafi. "SHA-1 isn't just a problem to solve by February, there are thousands more private certificates that will also need migrating"...

Experts warn the move to SHA-2 comes with a wide range of side effects; from unsupported applications, new hardware headaches tied to misconfigured equipment and cases of crippled credit card processing gear unable to communicate with backend servers. They say the entire process has been confusing and unwieldy to businesses dependent on a growing number of digital certificates used for not only their websites, but data centers, cloud services, and mobile apps... According to Venafi's research team, 35 percent of the IPv4 websites it analyzed in November are still using insecure SHA-1 certificates. However, when researchers scanned Alexa's top 1 million most popular websites for SHA-2 compliance it found only 536 sites were not compliant.
The article describes how major tech companies are handling the move to SHA-2 compliance -- including Apple, Google, Microsoft, Facebook, Salesforce and Cloudflare
Open Source

Raspberry Pi Gets Competitors (hackaday.com) 113

Hackaday reports that Asus has "quietly released their Tinker board that follows the Pi form factor very closely, and packs a 1.8 GHz quad-core ARM Cortes A17 alongside an impressive spec At £55 (about $68) where this is being written it's more expensive than the Pi, but Asus go to great lengths to demonstrate that it is significantly faster."

And though the Raspberry Pi foundation upgraded their Compute Module, Pine64 has just unveiled their new SOPINE A64 64-bit computing module, a smaller version of the $15 Pine64 computer. An anonymous reader quotes ComputerWorld: At $29, the SOPINE A64 roughly matches the price of the Raspberry Pi Compute Module 3, which ranges from $25 to $30. The new SOPINE will ship in February, according to the website. The SOPINE A64 can't operate as a standalone computer like the Pine64. It needs to be plugged in as a memory slot inside a computer. But if you want a full-blown computer, Pine64 also sells the $15 SOPINE Baseboard Model-A, which "complements the SOPINE A64 Compute Module and turns it into a full single board computer," according to the company...

The original Pine64 was crowdsourced and also became popular for its high-end components like a 64-bit chip and DDR3 memory... It has 2GB RAM, which is twice that of Raspberry Pi's compute module. SOPINE also has faster DDR3 memory, superior to DDR2 memory in Raspberry Pi Compute Module 3 board.

Security

Pwn2Own 2017 Offers Big Bounties For Linux, Browser, and Apache Exploits (eweek.com) 51

Now that TrendMicro owns TippingPoint, there'll be "more targets and more prize money" according to eWeek, and something special for Pwn2Own's 10th anniversary in March. Slashdot reader darthcamaro writes: For the first time in its ten-year history, the annual Pwn2Own hacking competition is taking direct aim at Linux. Pwn2Own in the past has typically focused mostly on web browsers, running on Windows and macOS. There is a $15,000 reward for security researchers that are able to get a local user kernel exploit on Ubuntu 16.10. The bigger prize though is a massive $200,000 award for exploiting Apache Web Server running on Ubuntu.
"We are nine weeks away," TrendMicro posted Wednesday, pointing out that they're giving out over $1 million in bounties, including the following:
  • $100,000 for escaping a virtualization hypervisor
  • $80,000 for a Microsoft Edge or Google Chrome exploit
  • $50,000 for an exploit of Adobe Reader, Microsoft Word, Excel or PowerPoint
  • $50,000 for an Apple Safari exploit
  • $30,000 for a Firefox exploit
  • $30,000, $20,000 and $15,000 for privilege-escalating kernel vulnerabilities on Windows, macOS and Linux (respectively)
  • $200,000 for an Apache Web Server exploit

Mars

Scientists Enter Hawaii Dome In Eight-Month Mars Space Mission Study (reuters.com) 90

An anonymous reader quotes a report from Reuters: Six scientists have entered a dome perched atop a remote volcano in Hawaii where they will spend the next eight months in isolation to simulate life for astronauts traveling to Mars, the University of Hawaii said. The study is designed to help NASA better understand human behavior and performance during long space missions as the U.S. space agency explores plans for a manned mission to the Red Planet. The crew will perform geological field work and basic daily tasks in the 1,200-square-foot (365 m) dome, located in an abandoned quarry 8,000 feet (2.5 km) above sea level on the Mauna Loa volcano on Hawaii's Big Island. There is little vegetation and the scientists will have no contact with the outside world, said the university, which operates the dome. Communications with a mission control team will be time-delayed to match the 20-minute travel time of radio waves passing between Earth and Mars. "Daily routines include food preparation from only shelf-stable ingredients, exercise, research and fieldwork aligned with NASA's planetary exploration expectations," the university said. The project is intended to create guidelines for future missions to Mars, some 35 million miles (56 million km) away, a long-term goal of the U.S. human space program. The NASA-funded study, known as the Hawaii Space Exploration Analog and Simulation (Hi-SEAS), is the fifth of its kind.
NASA

NASA Is Planning Mission To An Asteroid Worth $10 Quintillion (usatoday.com) 300

New submitter kugo2006 writes: NASA announced a plan to research 16 Psyche, an asteroid potentially as large as Mars and primarily composed of Iron and Nickel. The rock is unique in that it has an exposed core, likely a result of a series of collisions, according to Lindy Elkins-Tanton, Psyche's principal investigator. The mission's spacecraft would launch in 2023 and arrive in 2030. According to Global News, Elkins-Tanton calculates that the iron in 16 Psyche would be worth $10,000 quadrillion ($10 quintillion).

Slashdot Top Deals