Slashdot_Main

Reporter Regrets Letting Amazon's Delivery People Into His House

4 days 3 hours ago
An anonymous reader writes: Washington Post reporter Geoffrey A. Fowler describes his short-lived experience with "Amazon Key", a $250 smart lock system with a security camera that grants Amazon's delivery people access to your home. The lock sounds "like R2-D2 with constipation," and at one point it actually jammed (though his persistent delivery person eventually got it working properly). The unlocking of the door triggers a live video feed of the delivery -- which is also stored in a private archive online -- plus an alert to your phone -- and the Post's reporter writes that "The biggest downsides to the experience haven't been the strangers -- it's been Amazon." They missed their delivery windows four out of eight times, and though the packages all arrived eventually, all four were late by a least a day. But his larger issue is that Amazon "wants to draw you further into an all-Amazon world... Now Amazon wants to literally own your door, so it can push not just packages but also services that come through it, like handymen, dog-walkers, groceries, you name it." His ultimate question? "Who's really being locked in?" The Post's reporter notes that Amazon CEO Jeff Bezos owns the Washington Post, "but I review all tech the same." He did identify some advantages to the $250 smart lock system -- the door can now also be unlocked with the Amazon Key app, and he can even share that access with his friends by giving them a special access code. But he also notes that security researchers discovered a way to freeze Amazon's security camera, potentially allowing a rogue delivery person to lurk in your house. And all things considered, it was apparently all too creepy. "After two weeks, my family voted to remove the Amazon Key smart lock and take down the camera."

Read more of this story at Slashdot.

EditorDavid

Patreon Hits Donors With New Fees, Angering Creators

4 days 4 hours ago
Patreon's changing their fee structure to make donors cover payment-processing fees (standardized to 2.9%) -- plus an additional 35 cents for every pledge. Long-time Slashdot reader NewtonsLaw reports that Patreon's users are furious: Despite Patreon's hype that this is a good thing for creators, few of these actually seem to agree and there's already a growing backlash on social media... many fear that their net return will be lower because the extra fees levied on patreons are causing them to either reduce the amount they pledge or withdraw completely... For those patrons supporting only a few creators the effect won't be large, but for those who make small donations to many creators this could amount to a hike of almost 40% in the amount charged to their credit cards. Without exception, all the content creators I have spoken to would have: a) liked to have been consulted first b) wanted the option to retain the old system where they bear the cost of the fees. As a content creator, I've already seen quite a few of my patreons reducing their pledge and others canceling their pledges completely -- and I understand why they are doing that. "Everyone hates Patreon's new fee," writes VentureBeat, adding "Many creators are saying it's unfair for patrons to have to pay transaction fees. In addition to that, most people support multiple creators and not just one, and they'll have to pay the extra fee for each pledge they make." Tech journalist Bryan Lunduke is already soliciting suggestions on Twitter for an open source or Free Software solution that accepts donations from multiple payment systems, and while the change doesn't go into effect until December 18th, NewtonsLaw writes that "it's starting to look as if many content creators will be getting a slightly larger percentage of a much smaller amount as a result of this lunacy by Patreon -- something that will see them far worse off than the were before."

Read more of this story at Slashdot.

EditorDavid

People Keep Finding Hidden Cameras in Their Airbnbs

4 days 5 hours ago
"Airbnb has a scary problem on their hands: People keep finding hidden cameras in their rental homes," reports the New York Post. "Another host was busted last month trying to film guests without their knowledge -- marking the second time since October that the company has had to publicly deal with this sort of incident." BuzzFeed reports: In October, an Indiana couple visiting Florida discovered a hidden camera disguised as a smoke detector in their Airbnb's master bedroom. Earlier that same year Airbnb was forced to investigate and suspend a Montreal listing after one of the renters discovered a camera in the bedroom of the property... Hidden cameras aren't just an issue for Airbnb -- it's been a hot-button topic in hospitality for years. There are hundreds of stories about hotels using unlawful surveillance. [For example, this one.] Airbnb recommends its customers read the reviews of the host of any rental property they might be interested in, and also offers an on-platform messaging tool that allows communication between host and guests... "Cameras are never allowed in bathrooms or bedrooms; any other cameras must be properly disclosed to guests ahead of time," Airbnb spokesperson Jeff Henry told BuzzFeed News. This time the couple discovered hidden cameras that were disguised as a motion detectors. Airbnb says they've permanently banned the offending host -- and offered his guests a refund -- adding that this type of incident was "incredibly rare."

Read more of this story at Slashdot.

EditorDavid

Sexual Harassment In Tech Is As Old As the Computer Age

4 days 7 hours ago
Tekla Perry writes: Historian Marie Hicks, speaking at the Computer History Museum talks about how women computer operators and programmers were driven out of the industry, gives examples of sexual harassment dating back to the days of the Colossus era, and previews her next research. "It's all a matter of power, Hicks pointed out -- and women have never had their share of it," reports IEEE Spectrum. "Women dominated computer programming in its early days because the field wasn't seen as a career, just a something someone could do without a lot of training and would do for only a short period of time. Computer jobs had no room for advancement, so having women 'retire' in their 20s was not seen as a bad thing. And since women, of course, could never supervise men, Hicks said, women who were good at computing ended up training the men who ended up as their managers. But when it became clear that computers -- and computer work -- were important, women were suddenly pushed out of the field." Hicks has also started looking at the bias baked into algorithms, specifically at when it first crossed from human to computer. The first example she turned up had "something to do with transgender people and the government's main pension computer." She says that when humans were in the loop, petitions to change gender on national insurance cards generally went through, but when the computer came in, the system was "specifically designed to no longer accommodate them, instead, to literally cause an error code to kick out of the processing chain any account of a 'known transsexual.'"

Read more of this story at Slashdot.

BeauHD

Reading Information Aloud To Yourself Improves Memory

4 days 10 hours ago
According to a study in the journal Memory, reading aloud works by creating a "production effect" which cements information in your memory. Meanwhile, hearing words said in your own voice personalizes the references and enhances recollection, according to psychology professor Colin MacLeod and researchers from the University of Waterloo in Ontario, Canada. Quartz reports: The findings are based on a study of 95 students (75 of whom returned for a second session) at the University of Waterloo. The students were tested on their ability to recall written information inputted in four different ways -- reading silently, hearing someone else read, listening to a recording of oneself reading, and reading aloud in real time. They were tested on recollection of short, four-to-six letter words on a list of 160 terms. The results show that reading information aloud to oneself led to the best recall. Oral production is effective because it has two distinctive components, a motor or speech act and a personal auditory input, the researchers explain. "[The] results suggest that production is memorable in part because it includes a distinctive, self-referential component. This may well underlie why rehearsal is so valuable in learning and remembering," the study concludes. "We do it ourselves, and we do it in our own voice. When it comes time to recover the information, we can use this distinctive component to help us to remember."

Read more of this story at Slashdot.

BeauHD

Toyota's New Power Plant Will Create Clean Energy From Manure

4 days 13 hours ago
schwit1 shares a report from Futurism: Japanese automobile giant Toyota is making some exciting moves in the realm of renewable, clean energy. The company is planning to build a power plant in California that turns the methane gas produced by cow manure into water, electricity, and hydrogen. The project, known as the Tri-Gen Project, was unveiled at this year's Los Angeles Auto Show. The plant, which will be located at the Port of Long Beach in California, will be "the world's first commercial-scale 100% renewable power and hydrogen generation plant," writes USA Today. Toyota is expecting the plant to come online in about 2020. The plant is expected to have the capability to provide enough energy to power 2,350 average homes and enough fuel to operate 1,500 hydrogen-powered vehicles daily. The company is estimating the plant to be able to produce 2.35 MW of electricity and 1.2 tons of hydrogen each day. The facility will also be equipped with one of the largest hydrogen fueling stations in the world. Toyota's North America group vice president for strategic planning, Doug Murtha, says that the company "understand[s] the tremendous potential to reduce emissions and improve society."

Read more of this story at Slashdot.

BeauHD

People Who Can't Remember Their Bitcoin Passwords Are Really Freaking Out Now

4 days 17 hours ago
An anonymous reader quotes a report from Slate: Bitcoin has had quite a week. On Thursday, the cryptocurrency surged past $19,000 a coin before dropping down to $15,600 by Friday midday. The price of a single Bitcoin was below $1,000 in January. Any investors who bought Bitcoins back in 2013, when the price was less than $100, probably feel pretty smart right now. But not all early cryptocurrency enthusiasts are counting their coins. Instead they might be racking their brains trying to remember their passwords, without which those few Bitcoins they bought as an experiment a few years ago could be locked away forever. That's because Bitcoin's decentralization relies on cryptography, where each transaction is signed with an identifier assigned to the person paying and the person receiving Bitcoin. "I've tried to ignore the news about Bitcoin completely," joked Alexander Halavais, a professor of social technology at Arizona State University, who said he bought $70 of Bitcoin about seven years as a demonstration for a graduate class he was teaching at the time but has since forgotten his password. "I really don't want to know what it's worth now," he told me. "This is possibly $400K and I'm freaking the fuck out. I'm a college student so this would change my life lmao," wrote one Reddit user last week. The user claimed to have bought 40 bitcoins in 2013 but can't remember the password now. "A few years ago, I bought about 20 euros worth of bitcoin, while it was at around 300eur/btc.," lamented another Reddit user earlier this week. "Haven't looked at it since, and recently someone mentioned the price had hit 10.000usd. So, I decided to take a look at my wallet, but found that it wasn't my usual password. I have tried every combination of the password variations I usually use, but none of them worked."

Read more of this story at Slashdot.

BeauHD

Insurers Are Rewarding Tesla Owners For Using Autopilot

4 days 19 hours ago
Britain's largest auto insurance company Direct Line is testing out an idea to let Tesla owners receive a 5% discount for switching on the car's autopilot system, seeking to encourage use of a system it hopes will cut down on accidents. Reuters reports: The move - confirmed by company representatives in response to Reuters' questions - is Tesla's only tie-up in the UK and comes at a time when the company is trying to convince insurers that its internet-connected vehicles are statistically safer. Direct Line said it was too early to say whether the use of the autopilot system produced a safety record that justified lower premiums. It said it was charging less to encourage use of the system and aid research. "Crash rates across all Tesla models have fallen by 40 percent since the introduction of the autopilot system ... However, when owners seek to insure their Tesla vehicles, this is not reflected in the pricing of premiums," Daniel Pearce, Financial Analyst at GlobalData, said. Direct Line, which is enjoying soaring motor insurance prices in Britain, said it sets premiums for Tesla drivers based on the risk they present, including who is driving, their age, driving experience and claim history.

Read more of this story at Slashdot.

BeauHD

Zero-Day iOS HomeKit Vulnerability Allowed Remote Access To Smart Accessories Including Locks

4 days 20 hours ago
Apple has issued a fix to a vulnerability that allowed unauthorized control of accessories, including smart locks and garage door openers. "Our understanding is Apple has rolled out a server-side fix that now prevents unauthorized access from occurring while limiting some functionality, and an update to iOS 11.2 coming next week will restore that full functionality," reports 9to5Mac. From the report: The vulnerability, which we won't describe in detail and was difficult to reproduce, allowed unauthorized control of HomeKit-connected accessories including smart lights, thermostats, and plugs. The most serious ramification of this vulnerability prior to the fix is unauthorized remote control of smart locks and connected garage door openers, the former of which was demonstrated to 9to5Mac. The issue was not with smart home products individually but instead with the HomeKit framework itself that connects products from various companies. The vulnerability required at least one iPhone or iPad on iOS 11.2, the latest version of Apple's mobile operating system, connected to the HomeKit user's iCloud account; earlier versions of iOS were not affected.

Read more of this story at Slashdot.

BeauHD

'Process Doppelganging' Attack Bypasses Most Security Products, Works On All Windows Versions

4 days 20 hours ago
An anonymous reader quotes a report from Bleeping Computer: Yesterday, at the Black Hat Europe 2017 security conference in London, two security researchers from cyber-security firm enSilo have described a new code injection technique called "Process Doppelganging." This new attack works on all Windows versions and researchers say it bypasses most of today's major security products. Process Doppelganging is somewhat similar to another technique called "Process Hollowing," but with a twist, as it utilizes the Windows mechanism of NTFS Transactions. "The goal of the technique is to allow a malware to run arbitrary code (including code that is known to be malicious) in the context of a legitimate process on the target machine," Tal Liberman & Eugene Kogan, the two enSilo researchers who discovered the attack told Bleeping Computer. "Very similar to process hollowing but with a novel twist. The challenge is doing it without using suspicious process and memory operations such as SuspendProcess, NtUnmapViewOfSection. In order to achieve this goal we leverage NTFS transactions. We overwrite a legitimate file in the context of a transaction. We then create a section from the modified file (in the context of the transaction) and create a process out of it. It appears that scanning the file while it's in transaction is not possible by the vendors we checked so far (some even hang) and since we rollback the transaction, our activity leaves no trace behind." The good news is that "there are a lot of technical challenges" in making Process Doppelganging work, and attackers need to know "a lot of undocumented details on process creation." The bad news is that the attack "cannot be patched since it exploits fundamental features and the core design of the process loading mechanism in Windows." More research on the attack will be published on the Black Hat website in the following days.

Read more of this story at Slashdot.

BeauHD

Google Puts Android Accessibility Crackdown On Hold

4 days 21 hours ago
Last month, Google issued a warning to Android app developers that they will no longer be able to access Android accessibility service functions in their apps, unless they can demonstrate that those functions are specifically used to help users with "disabilities." Since a lot of password managers use the Accessibility API, as well as poplar apps like Tasker automation and Greenify battery saver, there was a large amount of backlash from developers and users alike. According to SlashGear, Google is putting the Android accessibility crackdown on hold. From the report: Google has now sent another email that basically says "we'll think about it." It is evaluating "responsible and innovative use" of those services on a case to case basis. It is also requiring developers to explicitly inform users why they are asking for accessibility permissions rather than just informing them. This, of course, puts a heavier burden on Google, as it has to be more involved in the screening of apps rather than just rely on good ol' machine learning and automation. Developers and users probably won't mind, if it means still having access to those features that make Android a platform above all the rest.

Read more of this story at Slashdot.

BeauHD

Elon Musk Says Tesla Is Building Dedicated Chips For Autopilot

4 days 22 hours ago
Elon Musk says Tesla is developing its own chip to run the Autopilot system in future vehicles from the firm. The news was revealed at a Tesla party that took place at the intelligence conference NIPS. Attendees at the party told The Register that Musk said, "I wanted to make it clear that Tesla is serious about AI, both on the software and hardware fronts. We are developing custom AI hardware chips." From the report: Musk offered no details of his company's plans, but did tell the party that "Jim is developing specialized AI hardware that we think will be the best in the world." "Jim" is Jim Keller, a well-known chip engineer who was lead architect on a range of silicon at AMD and Apple and joined Tesla in 2016. Keller later joined Musk on a panel discussing AI at the Tesla Party alongside Andrej Karpathy, Tesla's Director of AI and chaired by Shivon Zilis, a partner and founding member at Bloomberg Beta, a VC firm. Musk is well known for his optimism about driverless cars and pessimism about whether AI can operate safely. At the party he voiced a belief that "about half of new cars built ten years from now will be autonomous." He added his opinion that artificial general intelligence (AGI) will arrive in about seven or eight years.

Read more of this story at Slashdot.

BeauHD

Apple Is Reportedly Buying Shazam For Nearly Half a Billion Dollars

4 days 22 hours ago
Apple is close to acquiring Shazam, one of the most recognized services for music recognition. While the exact amount is unknown, the service may be purchased by Apple for around $400 million. PhoneDog reports: Apple is close to acquiring Shazam, say sources speaking to TechCrunch. The deal will reportedly be signed this week and could be announced as early as next Monday. A report from Recode echoes the news of Apple acquiring Shazam, adding that Shazam will likely be valued at around $400 million. Apple -- and other companies -- already offer a music recognition service, but Apple must see something in Shazam's services that it thinks can help improve its own music recognition if it's going to drop nearly half a billion dollars on this deal. Shazam is able to identify TV shows, films, and advertisements in addition to music, so perhaps Apple sees some benefit to these abilities, too.

Read more of this story at Slashdot.

BeauHD

Chrome 63 Offers Even More Protection From Malicious Sites, Using Even More Memory

4 days 22 hours ago
An anonymous reader quotes a report from Ars Technica: To further increase its enterprise appeal, Chrome 63 -- which hit the browser's stable release channel yesterday -- includes a couple of new security enhancements aimed particularly at the corporate market. The first of these is site isolation, an even stricter version of the multiple process model that Chrome has used since its introduction. Chrome uses multiple processes for several security and stability reasons. On the stability front, the model means that even if a single tab crashes, other tabs (and the browser itself) are unaffected. On the security front, the use of multiple processes makes it much harder for malicious code from one site to steal secrets (such as passwords typed into forms) of another. [...] Naturally, this greater use of multiple processes incurs a price; with this option enabled, Chrome's already high memory usage can go up by another 15 to 20 percent. As such, it's not enabled by default; instead, it's intended for use by enterprise users that are particularly concerned about organizational security. The other new capability is the ability for administrators to block extensions depending on the features those extensions need to use. For example, an admin can block any extension that tries to use file system access, that reads or writes the clipboard, or that accesses the webcam or microphone. Additionally, Google has started to deploy TLS 1.3, the latest version of Transport Layer Security, the protocol that enables secure communication between a browser and a Web server. In Chrome 63, this is only enabled between Chrome and Gmail; in 2018, it'll be turned on more widely.

Read more of this story at Slashdot.

BeauHD

The Neon Glow of Tokyo Modified Car Culture

4 days 23 hours ago
Jason Kottke: New Zealand drift racer Mike Whiddett recently travelled to Japan to explore Tokyo's "extraordinary after-dark modified auto scene." He found people making California-style lowriders, Dekotora (my favorite, if only for the sheer spectacle), illegally modified cars, and a man who says with a straight face that "driving an unmodified Lamborghini is boring."

Read more of this story at Slashdot.

msmash

Twitter Says It Accidentally Banned A Bunch Of Accounts

5 days ago
An anonymous reader shares a report: Over the past 24 hours, some Twitter users had their profiles replaced with a notice saying their accounts were now being "withheld in: Worldwide." The "country withheld" program run by Twitter typically prevents users based in a specific country from from seeing tweets sent by a withheld account. This was the first time people could recall the company withholding accounts globally, which was in effect a total ban for the user. At the time of writing, BuzzFeed News had identified 21 accounts that were being withheld worldwide, and users on Twitter were beginning to wonder if this was a new method being used by the company to suspend accounts. But a Twitter spokesperson tells BuzzFeed News that the worldwide withholdings were in fact the result of a bug. "We have identified a bug that incorrectly impacted certain accounts. We have identified a fix, are working to resolve the issue, and anticipate it will be fully resolved shortly," the spokesperson told BuzzFeed News.

Read more of this story at Slashdot.

msmash

YouTube to Launch New Music Subscription Service in March

5 days 1 hour ago
An anonymous reader shares a report: YouTube plans to introduce a paid music service in March, according to people familiar with the matter, a third attempt by parent company Alphabet Inc. to catch up with rivals Spotify and Apple. The new service could help appease record-industry executives who have pushed for more revenue from YouTube. Warner Music Group, one of the world's three major record labels, has already signed on, said the people, who asked not to be identified discussing private talks. YouTube is also in talks with the two others, Sony Music Entertainment and Universal Music Group, and Merlin, a consortium of independent labels, the people said.

Read more of this story at Slashdot.

msmash

'Nature' Editorial Juxtaposes FOIA Email Release With Illegal Hacking

5 days 2 hours ago
Jason Koebler and Sarah Emerson, reporting for Motherboard: Private emails between scientists working on a controversial genetic technology called "gene drive" were released last week. Obtained through a Freedom of Information Act (FOIA) request, their publication has been criticized by some as an attempt to discredit the science community. Gene drives are a genetic engineering approach with huge implications. They're meant to seed genetic traits -- one that stops mosquitoes from carrying malaria, for instance, or hampers invasive rodents' ability to reproduce -- in a population, and with terrifyingly high odds of inheritance. If things go wrong, gene drives could destabilize ecosystems. (So far, they've only been applied to yeast, fruit flies, and mosquitoes in a lab setting.) More ideally, they could wipe out deadly plagues by targeting their vectors, or give threatened species a fighting chance. Like any young technology, there are a lot of unknowns, and stakeholders are hoping to provide clarity at the United Nations Convention on Biological Diversity next year; the same convention where a proposed gene drive moratorium was rejected in 2016. The emails and other documents reveal details about gene drive's biggest funders, including DARPA, the US military's research agency.

Read more of this story at Slashdot.

msmash

Zimbabwe's Internet Went Down for About Five Hours. The Culprit Was Reportedly a Tractor.

5 days 2 hours ago
Zimbabweans lost internet access en masse on Tuesday when a tractor reportedly cut through key fiber-optic cables in South Africa and another internet provider experienced simultaneous issues with its primary internet conduits. From a report: The outage began shortly before noon local time and persisted for more than five hours, affecting not only citizens' day-to-day internet usage but businesses that rely upon web access. And while five internet-free hours might sound unfathomable to those of us accustomed to having the web constantly at our fingertips, large-scale internet outages -- from inadvertent lapses caused by ship anchors to government-calculated blackouts designed to showcase political power -- do happen, and maybe more frequently than you'd thought. According to local news sources, a tractor in South Africa damaged cables belonging to Liquid Telecom, which has an 81.5 percent market share of Zimbabwe's international-equipped internet bandwidth as of the second quarter of 2017 and leases capacity to other internet providers. In a bad coincidence, city council employees in Kuwadzana, a suburb of Zimbabwe's capitol city of Harare, cut an additional TelOne cable around the same time. (According to NewsDay Zimbabwe, it was an accident. The company blamed "faults that occurred on our main links through South Africa and Botswana" in a statement.)

Read more of this story at Slashdot.

msmash
Checked
35 minutes 44 seconds ago
News for nerds, stuff that matters
Subscribe to Slashdot_Main feed