DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Biotech

Theranos To Investors: Please Don't Sue! Here, Have Some More Shares (siliconbeat.com) 7

Theranos "plans to give additional shares to investors who pledge not to sue," reports the Wall Street Journal. An anonymous reader quotes Silicon Beat: The deal, which hasn't been disclosed publicly, was approved by the Palo Alto-based company's board last month, The Wall Street Journal reported, citing anonymous "people familiar with the matter." They said most investors have tentatively agreed to the deal. Those extra shares are coming from none other than founder and CEO Elizabeth Holmes' personal cache, the Journal reported. That means the beleaguered founder, who has remained stubbornly at the helm of her struggling startup even though federal regulators have barred her from running a medical lab for two years, would give up her majority ownership in the company.
Businesses

Over 14K 'Let's Encrypt' SSL Certificates Issued To PayPal Phishing Sites (bleepingcomputer.com) 60

BleepingComputer reports: During the past year, Let's Encrypt has issued a total of 15,270 SSL certificates that contained the word 'PayPal' in the domain name or the certificate identity. Of these, approximately 14,766 (96.7%) were issued for domains that hosted phishing sites, according to an analysis carried out on a small sample of 1,000 domains, by Vincent Lynch, encryption expert for The SSL Store... Lynch, who points out the abuse of Let's Encrypt's infrastructure, doesn't blame the Certificate Authority (CA), but nevertheless, points out that other CAs have issued a combined number of 461 SSL certificates containing the term "PayPal" in the certificate information, which were later used for phishing attacks... Phishers don't target these CAs because they're commercial services, but also because they know these organizations will refuse to issue certificates for certain hot terms, like "PayPal," for example. Back in 2015, Let's Encrypt made it clear in a blog post it doesn't intend to become the Internet's HTTPS watchdog.
Of course, some web browsers don't even check whether a certificate has been revoked. An anonymous reader writes: Browser makers are also to blame, along with "security experts" who tell people HTTPS is "secure," when they should point out HTTPS means "encrypted communication channel," and not necessarily that the destination website is secure.
IBM

A 21st-Century Version Of OS/2 Warp May Be Released Soon (arcanoae.com) 71

dryriver writes: A company named Arca Noae is working on a new release of the X86 OS/2 operating system code named "Blue Lion" and likely called ArcaOS 5 in its final release. Blue Lion wants to be a modern 21st Century OS/2 Warp, with support for the latest hardware and networking standards, a modern accelerated graphics driver, support for new cryptographic security standards, full backward compatibility with legacy OS/2, DOS and Windows 3.1 applications, suitability for use in mission-critical applications, and also, it appears, the ability to run "ported Linux applications". Blue Lion, which appears to be in closed beta with March 31st 2017 cited as the target release date, will come with up to date Firefox browser and Thunderbird mail client, Apache OpenOffice, other productivity tools, a new package manager, and software update and support subscription to ensure system stability. It is unclear from the information provided whether Blue Lion will be able to run modern Windows applications.
United Kingdom

UK Broadband Customers Set To Receive Millions In Compensation For Bad Service (thestack.com) 8

An anonymous reader quotes The Stack: British telecoms regulator Ofcom has revealed new plans which would see consumers who experience poor service automatically compensated, in cash or credit, by their landline or broadband providers. As part of the scheme, customers who have had to put up with delayed repairs, missed installation or engineer appointments, will be paid up to £30 in compensation, depending on the issue. According to Ofcom, 6 million landline and broadband customers could receive a total of around £185 million (approximately $230 million) in compensatory payments each year as a result of the policy. The regulator says every year U.K. repair technicians failed to show up for 250,000 repair appointments.
Robotics

US Workers Face A Higher Risk Of Being Replaced By Robots (cnn.com) 159

There's a surprising prediction for the next 15 years from the world's second largest professional services firm. An anonymous reader quotes CNN: Millions of workers around the world are at risk of losing their jobs to robots -- but Americans should be particularly worried. Thirty-eight percent of jobs in the U.S. are at high risk of being replaced by robots and artificial intelligence over the next 15 years, according to a new report by PwC. Meanwhile, only 30% of jobs in the U.K. are similarly endangered. The same level of risk applies to only 21% of positions in Japan.
61% of America's financial service jobs "are at a high risk of being replaced by robots," according to the article, vs. just 32% of the finance jobs in the U.K. (Those U.S. finance jobs tend to be "domestic retail operations" like small-town bank tellers, whereas U.K. finance jobs concentrate more in international finance and investment banking.) The firm's chief economist sees a world where new jobs are more likely to go to higher-skilled workers, and he ultimately predicts "a restructuring of the jobs market... The gap between rich and poor could get even wider."
Government

Terrifying Anti-Riot Vehicle Created To Quash Any Urban Disturbance (boingboing.net) 110

"Are you an urban police force thinking about how to control your fellow humans?" jokes Cory Doctorow. "Look no farther! Your pals at Bozena have an all-new RIOT system, a crowd-control killdozer for all your protest-suppressing needs!" He's one of several web commentators marveling at the marketing copy for a Slovenian company's new anti-riot machinery, also spotted by Slashdot reader drunkdrone. Some quotes from the BOZENA RIOT SYSTEM site about the device's features:
  • Easy attachable bulldozer blade.
  • The [6,600 pound] shield comes equipped with launching ports designed for use of guns or other rubber projectiles launchers.
  • The trailer is capable of displacing the water/foam or its mixtures (available additives: pepper or painting substances) under the high pressure into the distance of several dozen meters.
  • Communication with rioters through the loudspeakers.
  • Designed to control riots in streets and urbanized areas...intended predominantly for the special military and police units responsible for the CROWD CONTROL during the violent political/social demonstrations, against football hooligans, etc.

Google

Still More Advertisers Pull Google Ads Over YouTube Hate Videos (morningstar.com) 181

"A week after Google apologized for running customers' advertisements alongside objectionable videos, triggering a change in policy, its YouTube site is still rife with examples that are angering more big advertisers and causing some to cut spending with the tech giant," reports the Dow Jones Newswire. Reporters from the Wall Street Journal spotted ads from Microsoft, Amazon, and Procter & Gamble appearing on hate videos -- and thus indirectly funding them. An anonymous reader quotes their report: Asked about the Journal's finding that their ads were still appearing with such content on YouTube as of Thursday night, Coca-Cola, PepsiCo Inc., Wal-Mart Stores Inc. and Dish Network Corp. said Friday they were suspending spending on all Google advertising except targeted search ads. Starbucks Corp. and General Motors Co. said they were pulling their ads from YouTube. FX Networks, part of 21st Century Fox Inc., said it was suspending all advertising spending on Google, including search ads and YouTube. Wal-Mart said: "The content with which we are being associated is appalling and completely against our company values."
An executive at one of the affected companies complained that Google "had assured us over the past few days that our brands were safe from this type of content. Despite their assurances, it's clear they couldn't give assurance."
Businesses

SAS Mocked For Recommending 60% Proprietary Software, 40% Open Source (infoworld.com) 120

This week SAS wrote that open source technology "has its own, often unexpected costs," recommending organizations maintain a balance of 60% proprietary software to 40% open software. An anonymous reader quotes InfoWorld: How they arrived at this bizarre conclusion is hard to fathom, except that SAS sells more than $1 billion worth of proprietary software every year and presumably would like to continue, despite a clear trend toward open-source-powered analytics... In a Burtch Works survey of over 1,100 quant pros, 61.3% prefer open source R or Python to SAS, and only 38.6% opting for SAS, with that percentage growing for open source options every year.

Worse for SAS, a variety of open source data infrastructure and analytics tools threaten to encroach on its bastions in data management, business intelligence, and analytics... Nearly all innovation in data infrastructure is happening in open source, not proprietary software. That's a tide SAS can try to fight with white papers, but it would do better to join by embracing open source in its product suite.

"In the paper, SAS correctly argues that open source versus proprietary software is not an either/or decision..." writes InfoWorld, but they note that the report also "put the percentage of open source adopters at a mere 25%, which is pathetically wrong." The article suggests a hope that the report "is the product of a rogue field marketing team, and not the company's official position." Adobe's vice president of mobile commented on Twitter, "I just wonder who in their marketing dept thought this was a good idea."
Businesses

Comcast Launches New 24/7 Workplace Surveillance Service (philly.com) 120

America's largest ISP just rolled out a new service that allows small and medium-sized business owners "to oversee their organization" with continuous video surveillance footage that's stored in the cloud -- allowing them to "improve efficiency." An anonymous reader quotes the Philadelphia Inquirer: Inventory is disappearing. Workplace productivity is off. He said/she said office politics are driving people crazy. Who you gonna call...? Comcast Business hopes it will be the one, with the "SmartOffice" surveillance offering formally launched this week in Philadelphia and across "70 percent of our national [internet] service footprint," said Christian Nascimento, executive director of premise services for the Comcast division. Putting a "Smart Cities" (rather than "Big Brother is watching you") spin on "the growing trend for...connected devices across the private and public sectors," the SmartOffice solution "can provide video surveillance to organizations that want to monitor their locations more closely," Nascimento said...
The surveillance cameras are equipped with zoom lenses, night-vision, motion detection, and wide-angle lenses, while an app allows remote access to the footage from smartphones and tablets (though the footage can also be downloaded, or stored online for up to a month). Last year Comcast was heavily involved in an effort to provide Detroit's police department with real-time video feeds from over 120 local businesses, which the mayor said wouldn't have been successful "Without the complete video technology system Comcast provides."
Ubuntu

Ubuntu Linux 17.04 'Zesty Zapus' Final Beta Now Available For Download (betanews.com) 99

BrianFagioli writes: The final beta of Ubuntu 17.04 'Zesty Zapus' became available for download Thursday. While it is never a good idea to run pre-release software on production machines, Canonical is claiming that it should be largely bug free at this point. In other words, if you understand the risks, it should be a fairly safe. Home users aside, this is a good opportunity for administrators to conduct testing prior to the official release next month.

"The Ubuntu team is pleased to announce the final beta release of the Ubuntu 17.04 Desktop, Server, and Cloud products. Codenamed 'Zesty Zapus', 17.04 continues Ubuntu's proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution," says Adam Conrad, Canonical. "The team has been hard at work through this cycle, introducing new features and fixing bugs."

Cloud

Apache Hadoop Has Failed Us, Tech Experts Say (datanami.com) 109

It was the first widely-adopted open source distributed computing platform. But some geeks running it are telling Datanami that Hadoop "is great if you're a data scientist who knows how to code in MapReduce or Pig...but as you go higher up the stack, the abstraction layers have mostly failed to deliver on the promise of enabling business analysts to get at the data." Slashdot reader atcclears shares their report: "I can't find a happy Hadoop customer. It's sort of as simple as that," says Bob Muglia, CEO of Snowflake Computing, which develops and runs a cloud-based relational data warehouse offering. "It's very clear to me, technologically, that it's not the technology base the world will be built on going forward"... [T]hanks to better mousetraps like S3 (for storage) and Spark (for processing), Hadoop will be relegated to niche and legacy statuses going forward, Muglia says. "The number of customers who have actually successfully tamed Hadoop is probably less than 20 and it might be less than 10..."

One of the companies that supposedly tamed Hadoop is Facebook...but according to Bobby Johnson, who helped run Facebook's Hadoop cluster before co-founding behavioral analytics company Interana, the fact that Hadoop is still around is a "historical glitch. That may be a little strong," Johnson says. "But there's a bunch of things that people have been trying to do with it for a long time that it's just not well suited for." Hadoop's strengths lie in serving as a cheap storage repository and for processing ETL batch workloads, Johnson says. But it's ill-suited for running interactive, user-facing applications... "After years of banging our heads against it at Facebook, it was never great at it," he says. "It's really hard to dig into and actually get real answers from... You really have to understand how this thing works to get what you want."

Johnson recommends Apache Kafka instead for big data applications, arguing "there's a pipe of data and anything that wants to do something useful with it can tap into that thing. That feels like a better unifying principal..." And the creator of Kafka -- who ran Hadoop clusters at LinkedIn -- calls Hadoop "just a very complicated stack to build on."
Privacy

'Why The US Senate's Vote To Throw Out ISP Privacy Laws Isn't All Bad' (technologyreview.com) 93

"Nobody wants their data spread far and wide," write two associate editors at MIT Technology Review, "but the FCC's rules were an inconsistent solution to a much larger problem." An anonymous reader writes: They point out the rules passed in October "weren't even yet in effect," but more importantly -- they only would've applied to ISPs. "[T]he reality is that the U.S. doesn't have a baseline law that governs online privacy," and the truth is, it never did. "The FCC's new privacy rules would have been dramatic, to be sure -- but they would only have addressed one piece of the problem, leaving companies like Facebook and Google free to continue doing much the same thing.
While the repeal still needs approval in the U.S. House of Representatives and the president's signature, their article argues that what's really needed is "a more consistent approach to privacy."
Transportation

Uber Halts Self-Driving Car Tests in Arizona After Friday Night Collision (businessinsider.com) 200

"Given that the Uber vehicle has flipped onto its side it looks to be a high speed crash," writes TechCrunch, though Business Insider reports that no one was seriously injured. An anonymous reader quotes their report: A self-driving Uber car was involved in an accident on Friday night in Tempe, Arizona, in one of the most serious incidents to date involving the growing fleet of autonomous vehicles being tested on U.S. roads... Uber has halted its self-driving-car pilot in Arizona and is investigating what caused the incident... A Tempe police spokesperson told Bloomberg that the Uber was not at fault in the accident and was hit by another car which failed to yield. Still, the collision will likely to turn up the temperature on the heated debate about the safety of self-driving cars.
Security

Anti-Virus Vendors Scramble To Patch Hijacking Exploit Involving Microsoft Tool (securityweek.com) 41

"A zero-day attack called Double Agent can take over antivirus software on Windows machines," Network World reported Wednesday. wiredmikey writes: The attack involves the Microsoft Application Verifier, a runtime verification tool for unmanaged code that helps developers find subtle programming errors in their applications... [The exploit] allows a piece of malware executed by a privileged user to register a malicious DLL for a process associated with an antivirus or other endpoint security product, and hijack its agent.
Patches were released by Malwarebytes, AVG, and Trend Micro, the security researchers told BleepingComputer earlier this week. Kaspersky Lab told ZDNet "that measures to detect and block the malicious scenario have now been added to all its products," while Norton downplayed the exploit, saying the attack "would require physical access to the machine and admin privileges to be successful," with their spokesperson "adding that it has deployed additional detection and blocking protections in the unlikely event users are targeted."

BetaNews reports that the researchers "say that it is very easy for antivirus producers to implement a method of protection against this zero-day, but it is simply not being done. 'Microsoft has provided a new design concept for antivirus vendors called Protected Processes...specially designed for antivirus services...the protected process infrastructure only allows trusted, signed code to load and has built-in defense against code injection attacks.'"
Government

After Healthcare Defeat, Can The Trump Administration Fix America's H-1B Visa Program? (bloomberg.com) 408

Friday the Trump administration suffered a political setback when divisions in the president's party halted a move to repeal healthcare policies passed in 2010. But if Trump hopes to turn his attention to how America's H-1B visa program is affecting technology workers, "time is running out," writes Slashdot reader pteddy. Bloomberg reports: [T]he application deadline for the most controversial visa program is the first week of April, which means new rules have to be in place for that batch of applicants or another year's worth of visas will be handed out under the existing guidelines... There probably isn't enough time to pass legislation on such a contentious issue. But Trump could sign an executive order with some changes. The article points out that under the current system, one outsourcing firm was granted 6.5 times as many U.S. visas as Amazon. There's also an interesting map showing which countries' workers received the most H-1B visas in 2015 -- 69.4% went to workers in India, with another 10.5% going to China -- and a chart showing which positions are most in demand, indicating that two-thirds of the visa applications are for tech workers.

Slashdot Top Deals