EU

Company Gets 45,000 Bad Facebook Reviews After Teenaged Hacker's Unjust Arrest (bleepingcomputer.com) 122

An anonymous reader quotes BleepingComputer: Over 45,000 users have left one-star reviews on a company's Facebook page after the business reported a security researcher to police and had him arrested in the middle of the night instead of fixing a reported bug. The arrest took place this week in Hungary after an 18-year-old found a flaw in the online ticket-selling system of Budapesti Közlekedési Központ, Budapest's public transportation authority. The young man discovered that he could access BKK's website, press F12 to enter the browser's developer tools mode, and modify the page's source code to alter a ticket's price. Because there was no client or server-side validation put in place, the BKK system accepted the operation and issued a ticket at a smaller price...

The teenager -- who didn't want his name revealed -- reported the issue to BKK, but the organization chose to contact the police and file a complaint, accusing the young man of hacking their systems... BKK management made a fatal mistake when they brazenly boasted in a press conference about catching the hacker and declaring their systems "secure." Since then, other security flaws in BKK's system have surfaced on Twitter. As details of the case emerged, public outrage grew against BKK and its manager Kálmán Dabóczi, especially after it was revealed that BKK was paying around $1 million per year for maintenance of its IT systems, hacked in such a ludicrously simple manner.

Debian

Debian 'Stretch' Updated With 9.1 Release (debian.org) 26

An anonymous reader quotes Debian.org: The Debian project is pleased to announce the first update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems... Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media... Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.
United Kingdom

UK To Require Drone Registration And Safety Exams (bloomberg.com) 65

An anonymous reader quotes Bloomberg: Drones will have to be registered and their users required to pass safety tests under new rules to be announced by the U.K.'s Department for Transport... Registration will be mandated for owners of drones 250 grams (8.8 ounces) or larger after research found that drones as small as 400 grams (14 ounces) could damage the windscreens of helicopters. Other security measures like "geo-fencing" -- GPS-based technology programmed into drones to prevent them from flying into sensitive areas such as prisons and airports -- are also under consideration, according to a statement from the department.
The BBC points out that "There is no time frame or firm plans as to how the new rules will be enforced and the Department of Transport admitted that 'the nuts and bolts still have to be ironed out.'"

"The UK government says 22 incidents involving commercial airliners and drones were investigated between January and April of this year," adds TechRadar, "with police unable to trace the owners of the drones -- one of the reasons for the new legislation."
Businesses

Disastrous 'Pokemon Go' Event Leads To Mass Refunds (techcrunch.com) 145

thegarbz writes: A Pokemon Go Fest hosted in Chicago and attended by between 15-20,000 people has ended in disaster. The event was plagued by logistical issues resulting in 3+ hour long delays getting into Chicago's Grant Park... Those people who were lucky enough to get into the paid event were greeted with a completely overloaded cell network unable to cope with the number of people trying to get online at the same time. The occasional person who was able to connect experienced a never ending string of game-breaking bugs when attempting to catch the rare Pokemon created specifically for this event.
Gaming company Niantic finally just gave a rare Pokemon Go character to everyone who attended -- though one attendee still called it a "horrible, terrible day." The Kansas City Star reported some people had paid as much as $400 for their tickets -- which had sold out within minutes -- and that some attendees had even started lining up for the event at 6 a.m.
The Military

The US Army Wants Distributed Bot Swarms And An 'Internet of Battlefield Things' (defenseone.com) 71

turkeydance shares a new report about the U.S. Army Research Lab: In the coming months, the Lab will fund new programs related to highly (but not fully) autonomous drones and robots that can withstand adversary electronic warfare operations... A second program called the Internet of Battlefield Things seeks to put to military use "the research that's going on in the commercial space" on distributed sensors and Internet-connected devices... One thrust will be equipping drones and other autonomous systems with bigger brains and better networking so that they can function even when an enemy jams their ability to radio back to a human controller for direction... "When you don't have bandwidth, when you're under cyber attack, when you're being jammed. That's the problem we're trying to address."
The lab's director also says they want "as much processing as possible on the node" so it can continue functioning in "contested environments."
Businesses

Are Nondisparagement Agreements Silencing Employee Complaints? (cnbc.com) 151

cdreimer writes, "According to a report in the New York Times, 'nondisparagement agreements are increasingly included in employment contracts and legal settlements' to hide abuses that would otherwise be made public." The Times reports: Employment lawyers say nondisparagement agreements have helped enable a culture of secrecy. In particular, the tech start-up world has been roiled by accounts of workplace sexual harassment, and nondisparagement clauses have played a significant role in keeping those accusations secret... Nondisparagement clauses are not limited to legal settlements. They are increasingly found in standard employment contracts in many industries, sometimes in a simple offer letter that helps to create a blanket of silence around a company. Their use has become particularly widespread in tech employment contracts, from venture investment firms and start-ups to the biggest companies in Silicon Valley, including Google... Employees increasingly "have to give up their constitutional right to speak freely about their experiences if they want to be part of the work force," said Nancy E. Smith, a partner at the law firm Smith Mullin.
Three different tech industry employees told the Times "they are not allowed to acknowledge that the agreements even exist." And Google "declined to comment" for the article.
Communications

Ask Slashdot: Someone Else Is Using My Email Address 483

periklisv writes: I daily receive emails from adult dating sites, loan services, government agencies, online retailers etc, all of them either asking me to verify my account, or, even worse, having signed me up to their service (especially dating sites), which makes me really uncomfortable, my being a married man with children... I was one of the early lucky people that registered a gmail address using my lastname@gmail.com. This has proven pretty convenient over the years, as it's simple and short, which makes it easy to communicate over the phone, write down on applications etc. However, over the past six months, some dude in Australia (I live in the EU) who happens to have the same last name as myself is using it to sign up to all sorts of services...

I tried to locate the person on Facebook, Twitter etc and contacted a few that seemed to match, but I never got a response. So the question is, how do you cope with such a case, especially nowadays that sites seem to ignore the email verification for signups?

Leave your best answers in the comments. What would you do if someone else started giving out your email address?
AI

Mozilla's New Open Source Voice-Recognition Project Wants Your Voice (mashable.com) 54

An anonymous reader quotes Mashable: Mozilla is building a massive repository of voice recordings for the voice apps of the future -- and it wants you to add yours to the collection. The organization behind the Firefox browser is launching Common Voice, a project to crowdsource audio samples from the public. The goal is to collect about 10,000 hours of audio in various accents and make it publicly available for everyone... Mozilla hopes to hand over the public dataset to independent developers so they can harness the crowdsourced audio to build the next generation of voice-powered apps and speech-to-text programs... You can also help train the speech-to-text capabilities by validating the recordings already submitted to the project. Just listen to a short clip, and report back if text on the screen matches what you heard... Mozilla says its aim is to expand the tech beyond just a standard voice recognition experience, including multiple accents, demographics and eventually languages for more accessible programs. Past open source voice-recognition projects have included Sphinx 4 and VoxForge, but unfortunately most of today's systems are still "locked up behind proprietary code at various companies, such as Amazon, Apple, and Microsoft."
Bug

Debian, Gnome Patched 'Bad Taste' VBScript-Injection Vulnerabilities (neowin.net) 71

Slashdot reader KiloByte warned us about a new exploit for .MSI files named "bad taste". Neowin reports: A now-patched vulnerability in the "GNOME Files" file manager was recently discovered which allowed hackers to create dodgy MSI files which would run malicious VBScript code on Linux... Once Nils Dagsson Moskopp discovered the bug, he reported it to the Debian Project which fixed it very rapidly. The GNOME Project also patched the gnome-exe-thumbnailer file which is responsible for parsing MSI and EXE files inside the GNOME Files app... If you run a Linux distribution with the GNOME desktop it's advisable to run the update manager and check for updates as soon as possible before you become affected by this critical vulnerability.
The Military

The US And Australia Are Testing Hypersonic Missiles (engadget.com) 92

schwit1 quotes Engadget: Both the U.S. and Australia have confirmed that they recently completed a series of mysterious hypersonic missile tests. All the countries will say is that the flights were successful, and that they represented "significant milestones" in testing everything from the design assembly to the control mechanisms. They won't even say which vehicles were used or how quickly they traveled, although past tests have usually relied on Terrier Orion rockets and have reached speeds as high as Mach 8.

The tests are part of the long-running HIFiRE (Hypersonic International Flight Research Experimentation) program, whose first launch took place way back in 2009. They should help bring hypersonic flight to a "range of applications," according to HIFiRE partner BAE. That could easily include ultra-fast aircraft, but it's widely believed the focus here is on missiles and similar unmanned weapons. A hypersonic missile would fulfill the US military's goal of building a conventional weapon that can strike anywhere within an hour, and it would be virtually impossible to stop using existing missile defenses. In theory, enemy nations wouldn't dare attack if they knew they'd face certain retaliation within minutes.

Originally NASA was involved in the project, which has been ongoing for more than eight years. But its timeline may have shortened after reports that foreign powers including Russia and China are already building their own hypersonic missiles.
Google

Linus Torvalds Now Reviews Gadgets On Google+ (zdnet.com) 50

An anonymous reader quotes ZDNet: If you know anything about Linus Torvalds, you know he's the mastermind and overlord of Linux. If you know him at all well, you know he's also an enthusiastic scuba diver and author of SubSurface, a do-it-all dive log program. And, if you know him really well, you'd know, like many other developers, he loves gadgets. Now, he's starting his own gadget review site on Google+: Working Gadgets...

"[W]hile waiting for my current build to finish, I decided to write a note about some of the gadgets I got that turned out to work, rather than all the crazy crap that didn't. Because while 90% of the cool toys I buy aren't all that great, there's still the ones that actually do live up to expectations. So the rule is: no rants. Just good stuff. Because this is about happy gadgets."

So far Linus has reviewed an automatic cat litter box, a scuba diving pressure regulator, and a Ubiquiti UniFi Wi-Fi access point that complements his Google WiFi mesh network.

Linus will be great at this. Just last week I saw him recommending a text editor.
Facebook

Facebook Petitioned To Change License For ReactJS (github.com) 41

mpol writes: The Apache Software Foundation issued a notice last weekend indicating that it has added Facebook's BSD+Patents [ROCKSDB] license to its Category X list of disallowed licenses for Apache Project Management Committee members. This is the license that Facebook uses for most of its open source projects. The RocksDB software project from Facebook already changed its license to a dual Apache 2 and GPL 2. Users are now petitioning on GitHub to have Facebook change the license of React.JS as well.

React.JS is a well-known and often used JavaScript Framework for frontend development. It is licensed as BSD + Patents. If you use React.JS and agreed to its license, and you decide to sue Facebook for patent issues, you are no longer allowed to use React.JS or any Facebook software released under this license.

Businesses

Nolan's Cinematic Vision in 'Dunkirk' is Hollywood's Best Defense Against Netflix (marketwatch.com) 179

There's nothing quite like filming a movie on film, according to the director Christopher Nolan. His new WWII film, Dunkirk, was shot entirely on epic 65mm, as opposed to digital. And it's receiving the widest release of that film format in recent history. But Nolan's views on doing things the way "they're meant to be done," aren't limited to just making a film. He also wants you to watch the movie in the theatre, and not on streaming service Netflix, which he says he rarely uses. From a report: "Dunkirk," director Christopher Nolan's big budget war epic, is a filmmaker's film and a movie buff's dream with its wide, high-resolution 70mm format. It's like an expressionist painting, said ComScore media analyst Paul Dergarabedian. The Hollywood Reporter even said "Dunkirk" could launch a 70mm film renaissance. "I would always prefer and really recommend that everyone see it on Imax 70mm," Dergarabedian said. "People talk about 'they don't make movies like that anymore.' Well, this is that movie." Dunkirk, which opens across the U.S. this weekend, is a film that everyone will tell you has to be seen on the big screen. And that has rekindled the debate about the pros and cons of films opening in a theater versus being streamed by Netflix. In an interview with Indiewire ahead of the film's premiere, Nolan criticized Netflix for its "bizarre aversion to supporting theatrical films." Netflix, despite doubling down on its film business and looking to make inroads in the industry, has continued its controversial stance against Hollywood's theatrical window model. To the film industry's dismay, Netflix is still adopting a day and date release model -- dropping a movie on the streaming service the same day it hits theaters. Hollywood relies on the money moviegoers spend at the box office, and the industry is reluctant to give up the exclusive window of time that films are only in theaters, fearing it would cripple that income stream.
"Dunkirk" is an impressive $150 million argument on behalf of cinema.
IT

For Seattle Women Called Alexa, Frustrating To Share Name With Amazon Device (seattletimes.com) 77

Reader reifman writes: Since Amazon introduced the Alexa-enabled Echo device in 2014, the jokes have become so omnipresent that Alexa Philbeck, 29, briefly considered changing, or at least obscuring, her name. The Seattle Times speaks to four women unfortunately called Alexa in a town that may soon be known as Seamazon.
Operating Systems

Slackware, Oldest Linux Distro Still In Active Development, Turns 24 63

sombragris writes: July 17 marked the 24th anniversary of Slackware Linux, the oldest GNU/Linux still in active development, being created in 1993 by Patrick Volkerding, who still serves as its BDFL. Version 14.2 was launched last year, and the development version (Slackware-current) currently offers kernel 4.9.38, gcc 7.1, glibc 2.25, mesa 17.1.5, and KDE and Xfce as official desktops, with many others available as 3rd party packages. Slackware is also among the Linux distributions which have not adopted systemd as their init system; instead, it uses a modified BSD init which is quite simple and effective. Slackware is known to be a solid, stable and fast setup, with easy defaults which is appreciated by many Linux users worldwide. Phoronix has a small writeup noting the anniversary and there's also a nice reddit thread.
Businesses

Verizon Accused of Throttling Netflix and YouTube, Admits To 'Video Optimization' (arstechnica.com) 51

New submitter dgatwood writes: According to an Ars Technica article, Verizon recently began experimenting with throttling of video traffic. The remarkable part of this story is not that a wireless ISP would throttle video traffic, but rather that Verizon's own Go90 video platform is also affected by the throttling. From the article, "Verizon Wireless customers this week noticed that Netflix's speed test tool appears to be capped at 10Mbps, raising fears that the carrier is throttling video streaming on its mobile network. When contacted by Ars this morning, Verizon acknowledged using a new video optimization system but said it is part of a temporary test and that it did not affect the actual quality of video. The video optimization appears to apply both to unlimited and limited mobile plans. But some YouTube users are reporting degraded video, saying that using a VPN service can bypass the Verizon throttling."
If even Verizon can get on board with throttling sans paid prioritization, why is Comcast so scared of the new laws that are about to go into effect banning it?

Mozilla

The New Firefox and Ridiculous Numbers of Tabs (metafluff.com) 203

An anonymous reader shares a blog post: I've got a Firefox profile with 1691 tabs. As you would expect, Firefox handled this profile quite poorly for a long time. I got used to multi-minute startup time, waiting 15-30 seconds for tabs from external apps to show up, and all manner of non-responsive behavior. And then, quite recently, everything changed. Right now, more effort is being put into making Firefox fast than I've seen since... well, since I've been working on Firefox. And I've been at Mozilla for more than a decade. Part of this effort is a project called Quantum Flow -- a bunch of engineers making changes that directly impact Firefox responsiveness. A lot of the improvement in this particular scenario is from Kevin Jones' work on bringing the overall cost of unloaded tabs as close to zero as possible. While the major work has landed, the work continues in Bug 906076. Test scenario: I took my 1691 tab browser profile, and did a wall-clock measurement of start-up time and memory use for Firefox versions 20, 30, 40, and 50 through 56. In the result, the person found that Firefox startup time has gotten worse over time... until Firefox 51.
Businesses

Google, Apple, Amazon Hit Record Lobbying Highs (axios.com) 83

An anonymous reader shares a report: The last three months brought record-high lobbying spending from four major tech companies: Google spent $5.93 million, Apple spent $2.2 million, Amazon spent $3.21 million, Uber spent $430,000. Facebook spent $2.38 million this quarter, up from the same period last year but far from a record. Microsoft's bill for the quarter was just over $2 million.
Transportation

Lyft Launches a New Self-driving Division and Will Develop Its Own Autonomous Ride-hailing Technology (techcrunch.com) 49

An anonymous reader shares a report: Lyft is betting the future of the road centers on sharing autonomous vehicles. It aims to be at the forefront of that technology with a new self-driving division and a self-driving system car manufacturers could plug into their self-driving cars. The company expects to hire "hundreds" of people for the new division by the end of next year and has just signed a lease for 50,000-square-feet on the first floor of a Palo Alto facility where it plans to build out several labs and open testing spaces. The building Lyft refers to as "Level 5" will be developing its new "open self-driving platform" and a combination hardware and software system still in development. Lyft hopes auto manufacturers will then bring in a fleet of autonomous cars to its ride-hailing network. The plan is somewhat similar to one Uber announced earlier. Lyft's larger rival uses Volvo's XC90 to test its self-driving tech on the roads. Uber announced earlier this year it was also partnering with Daimler to operate self-driving cars on its network.
China

Beijing Wants AI To Be Made In China By 2030 (nytimes.com) 160

Reader cdreimer writes: According to a report on The New York Times (may be paywalled, alternative story here): "If Beijing has its way, the future of artificial intelligence will be made in China. The country laid out a development plan on Thursday to become the world leader in A.I. by 2030, aiming to surpass its rivals technologically and build a domestic industry worth almost $150 billion. Released by the State Council, the policy is a statement of intent from the top rungs of China's government: The world's second-largest economy will be investing heavily to ensure its companies, government and military leap to the front of the pack in a technology many think will one day form the basis of computing. The plan comes with China preparing a multibillion-dollar national investment initiative to support "moonshot" projects, start-ups and academic research in A.I., according to two professors who consulted with the government about the effort."
