Android

Malicious Apps Brought Ad-Clicking 'Judy' Malware To Millions Of Android Phones (fortune.com) 1

An anonymous reader quotes Fortune: The security firm Checkpoint on Thursday uncovered dozens of Android applications that infected users' devices with malicious ad-click software. In at least one case, an app bearing the malware was available through the Google Play app store for more than a year. While the actual extent of the malicious code's spread is unknown, Checkpoint says it may have reached as many as 36.5 million users, making it potentially the most widely-spread malware yet found on Google Play... The nefarious nature of the programs went unnoticed in large part, according to Checkpoint, because its malware payload was downloaded from a non-Google server after the programs were installed. The code would then use the infected phone to click on Google ads, generating fraudulent revenue for the attacker.
Networking

New Privacy Vulnerability In IOT Devices: Traffic Rate Metadata (helpnetsecurity.com) 9

Orome1 quotes Help Net Security: Even though many IoT devices for smart homes encrypt their traffic, a passive network observer -- e.g. an ISP, or a neighborhood WiFi eavesdropper -- can infer consumer behavior and sensitive details about users from IoT device-associated traffic rate metadata. A group of researchers from the Computer Science Department of Princeton University have proven this fact by setting up smart home laboratory with a passive network tap, and examining the traffic rates of four IoT smart home devices: a Sense sleep monitor, a Nest Cam Indoor security camera, a WeMo smart outlet, and an Amazon Echo smart speaker... "Once an adversary identifies packet streams for a particular device, one or more of the streams are likely to encode device state. Simply plotting send/receive rates of the streams revealed potentially private user interactions for each device we tested," the researchers noted. [PDF]
In addition, the article notes, "Separating recorded network traffic into packet streams and associating each stream with an IoT device is not that hard."
Government

Silicon Valley Continues To Explore Universal Basic Incomes (siliconvalley.com) 88

A Silicon Valley Congressman "is pushing for a plan that has been described as a first step toward universal basic income...a long-shot $1 trillion expansion to the earned income tax credit that is already available to low-income families." An anonymous reader quotes the Mecury News: Stanford University also has created a Basic Income Lab to study the idea, and the San Francisco city treasurer's office has said it's designing pilot tests -- though the department told this news organization it has no updates on the status of that project... The problem is that giving all Americans a $10,000 annual income would cost upwards of $3 trillion a year -- more than three-fourths of the federal budget, said Bob Greenstein, president of Washington, D.C.-based Center for Budget and Policy Priorities. Some proponents advocate funding the move by cutting programs like food stamps and Medicaid. But that approach would take money set aside for low-income families and redistribute it upward, exacerbating poverty and inequality, Greenstein said... Jennifer Lin, deputy director of the East Bay Alliance for a Sustainable Economy, is skeptical that basic income can do much lasting good in Oakland. What the city needs is more high-paying jobs and affordable housing, she said... The idea, [Sam Altman, president of Y Combinator] said at the Commonwealth Club, tackles the question not enough people are asking: "What do we as the tech industry do to solve the problem that we're helping to create?"
This summer Y Combinator is expected to announce a larger Universal Basic Income program, though the article also describes "small pilot studies" in the 1960s and 1970s in Canada and in several U.S. states including New Jersey, Pennsylvania, North Carolina, Iowa and Indiana, where "Some studies showed improvements in participants' physical and mental health, and found children performed better in school or stayed in school longer. But some also showed that people receiving a basic income were inclined to spend fewer hours working."
Biotech

Researchers Found Perfect Contraceptives In Traditional Chinese Medicine (inverse.com) 78

hackingbear writes: Researchers at U.C. Berkeley found a birth control that was hormone-free, 100 percent natural, resulted in no side effects, didn't harm either eggs nor sperm, could be used in the long-term or short-term, and -- perhaps the best part of all -- could be used either before or after conception, from ancient Chinese folk medicine... "Because these two plant compounds block fertilization at very, very low concentrations -- about 10 times lower than levels of levonorgestrel in Plan B -- they could be a new generation of emergency contraceptive we nicknamed 'molecular condoms,'" team leader Polina Lishko.
Cloud

Is Amazon's AWS Hiring 'Demolishing The Cult Of Youth'? (redmonk.com) 85

Tech analyst James Governor argues that Amazon's cloud business is "demolishing the cult of youth." It just announced it is hiring James Gosling, one of the original inventors of Java... Meanwhile James Hamilton continues to completely kick ass in compute, network, and data center design for AWS... He's in his 50s. Tim Bray, one of the inventors of XML, joined Amazon in 2014. He's another Sun alumni. He's 61 now. He still codes. When you sit down with one of the AWS engineering teams you're sitting down with grownups... Adrian Cockcroft joined AWS in October 2016. He graduated in 1982, not 2002. He is VP Cloud Architecture Strategy at AWS, a perfect role for someone that helped drive Netflix's transition from on-prem Java hairball to serious cloud leadership.

Great engineering is not maths -- it involves tradeoffs, wisdom and experience... The company puts such a premium on independent groups working fast and making their own decisions it requires a particular skillset, which generally involves a great deal of field experience. A related trend is hiring seasoned marketing talent from the likes of IBM. Some other older companies have older distinguished engineers because they grew up with the company. AWS is explicitly bringing that experience in. It's refreshing to the see a different perspective on value.

In a later post the analyst acknowledges engineering managers are generally older than their reports, but adds that "If AWS sees value in hiring engineering leadership from folks that are frankly a bit older than the norm in the industry, isn't that worth shining a light on?" In response to the article, XML inventor Tim Bray suggested a new acronym: GaaS. "Geezers as a service," while Amazon CTO Werner Vogels tweeted "There is no compression algorithm for experience."
Transportation

New Details On Sergey Brin's Plan For The World's Largest Aircraft (theguardian.com) 83

An anonymous reader shares The Guardian's report on plans for a new aircraft that's two-and-a-half times the size of a 747. Google co-founder Sergey Brin is building a hi-tech airship in Silicon Valley destined to be the largest aircraft in the world, according to multiple sources with knowledge of the project. "It's going to be massive on a grand scale," said one, adding that the airship is likely to be nearly 200 meters [656 feet] long... Brin wants the gargantuan airship, funded personally by the billionaire, to be able to deliver supplies and food on humanitarian missions to remote locations. However, it will also serve as a luxurious intercontinental "air yacht" for Brin's friends and family.

One source put the project's price tag at $100m to $150m. Igor Pasternak, an airship designer who was involved in the early stages of the project, believes airships could be as revolutionary for the trillion-dollar global cargo market as the internet was for communications. "Sergey is pretty innovative and forward looking," he said. "Trucks are only as good as your roads, trains can only go where you have rails, and planes need airports. Airships can deliver from point A to point Z without stopping anywhere in between."

The Guardian quips that while Brin's plans may stay secret for a while, "the good news is that the first flight test of such an enormous aircraft will be impossible to hide."
Chrome

Even For Businesses, Chrome Is The Top Browser (computerworld.com) 65

An anonymous reader shares Computerworld's interview with David Michael Smith of Gartner. "Most enterprises still have a 'standard' browser, and most of the time, that's something from Microsoft. These days it's IE11. But we've found that people actually use Chrome more than IE... It's the most-used browser in enterprise," he said... IE retains a sizable share -- Smith called it "a significant presence" -- largely because it's still required in most companies. "There are a lot of [enterprise] applications that only work in IE, because [those apps] use plug-ins," Smith said, ticking off examples like Adobe Flash, Java and Microsoft's own Silverlight. "Anything that requires an ActiveX control needs IE."

Many businesses have adopted the two-prong strategy that Gartner and others began recommending years ago: Keep a "legacy" browser to handle older sites, services and web apps, but offer another for everything else... Chrome, said Smith, is now the "overwhelming choice" as the modern enterprise browser... Smith wasn't optimistic that Edge would supplant Chrome, even when Windows 10 is widely deployed on corporate computers in the next few years. "Edge certainly will have opportunities" once Windows 10 is the enterprise-standard OS, "but I would say that Chrome has a lot of momentum, largely for the fact that it is so popular on the internet."

While a year ago Chrome and Microsoft's browsers both held 41% of the browser market share, now Chrome holds 59% to just 24% for both IE and Edge combined.
Iphone

Working Theory In Jet Crash: IPhone In Cockpit Is To Blame (appleinsider.com) 104

Apple Insider reports: Apple on Friday said that it's open to cooperation with French authorities, who are exploring the possibility that two of the company's devices were linked to the crash of EgyptAir Flight 804 in 2016. The flight's first officer may have plugged an iPhone 6s and an iPad mini 4 into the wrong socket in the jet's cockpit, French officials told Le Parisien. That may have triggered runaway heat, in turn sparking a fire.

At the moment, the investigation is being helped by an engineer from the French National Center for Scientific Research, as well as two people fron the French defense ministry, including a physics professor and an engineer specializing in batteries. Results from the investigation should be submitted by Sept. 30. Apple told the Parisien that it wasn't aware of evidence linking its devices to the EgyptAir disaster.

AI

Google Go-Playing A.I. Retires To Focus On Energy Conservation And Medicine (engadget.com) 100

After "narrowly" beating the world's top Go player, what's left for Google's AlphaGo AI? Engadget reports: Now that it has nothing left to prove, the AI is hanging up its boots and leaving the world of competitive Go behind. AlphaGo's developers from Google-owned DeepMind will now focus on creating advanced general algorithms to help scientists find elusive cures for diseases, conjure up a way to dramatically reduce energy consumption and invent new revolutionary materials. Before they leave Go behind completely, though, they plan to publish one more paper later this year to reveal how they tweaked the AI to prepare it for the matches against Ke Jie. They're also developing a tool that would show how AlphaGo would respond to a particular situation on the Go board with help from the world's number one player. While you'll have to wait a while for those two, you'll soon be able to watch 50 games AlphaGo played against itself when it was training
The first ten games that AlphaGo played against itself are already online. Shi Yue, 9 Dan Professional and World Champion, described them as "Like nothing I've ever seen before -- they're how I imagine games from far in the future." Google announced that this week's competition "has been the highest possible pinnacle for AlphaGo as a competitive program. For that reason, the Future of Go Summit is our final match event with AlphaGo... We hope that the story of AlphaGo is just the beginning."
Books

Creative Commons Staff Members Release New Free eBook (creativecommons.org) 27

ChristianVillum writes: Creative Commons staff-members Sarah Hinchliff Pearson and Paul Stacey have now published Made With Creative Commons, the awaited book they successfully funded on Kickstarter in 2015. "Made With Creative Commons is a book about sharing," explains the book's description. "It is about sharing textbooks, music, data, art, and more. People, organizations, and businesses all over the world are sharing their work using Creative Commons licenses because they want to encourage the public to reuse their works, to copy them, to modify them... But if they are giving their work away to the public for free, how do they make money?

"This is the question this book sets out to answer. There are 24 in-depth examples of different ways to sustain what you do when you share your work. And there are lessons, about how to make money but also about what sharing really looks like -- why we do it and what it can bring to the economy and the world. Full of practical advice and inspiring stories, Made with Creative Commons is a book that will show you what it really means to share."

There's free versions in PDF, ePub, and MOBI formats for downloading from the Creative Commons site, and there's also an edit-able version on Google Docs. A small Danish non-profit publisher named Ctrl+Alt+Delete Books is also publishing print copies of the book under a Creative Commons license "to ensure easy sharing," and is making the book available on Amazon or through the publisher's own web site.
Microsoft

Security Analyst Concludes Windows 10 Enterprise 'Tracks Too Much' (xato.net) 237

A viral Twitter rant about Windows 10 Enterprise supposedly ignoring users' privacy settings has since been clarified. "I made mistakes on my original testing and therefore saw more connections than I should have," writes IT security analyst Mark Burnett, "including some to Google ads." But his qualified results -- quoted below -- are still critical of Microsoft:
  • You can cut back even more using the Windows Restricted Traffic Limited Functionality Baseline but break many things.
  • Settings can be set wrong if you aren't paying attention. Also, settings are not consistent and can be confusing to beginners.
  • You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience... But you can't completely opt-out. Windows still tracks too much.
  • Home and Professional users are much worse off due to limitations of some settings and lack of an IT staff... I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

Hardware

Ask Slashdot: Is There A Screen-Less, Keyboard-Less, Battery-Powered Computer? 157

Long-time Slashdot reader Wycliffe writes: So I have a travel keyboard that I love. I can carry my OS on a USB flash drive. There are several options for portable battery powered monitors. The only thing I'm missing to have a completely modular laptop is the CPU/MB/RAM... I can get a laptop but it seems silly to carry around a laptop with a keyboard when I never use the keyboard. I don't need a long battery life, if I need more than an hour then I can find somewhere to plug it in...

I've thought about buying a small box like a Zotac and trying to replace the hard drive with a battery -- but does anything like this already exist...? Also, are there any systems like this with decent specs? Most stuff I see like the Intel Compute Stick are horribly underpowered compared to a decent laptop.

The original submission drew some interesting discussion. Another option is "a good x86/x64 tablet that I can install Linux on" -- especially with a decent processor -- or "laptop-like systems that got rid of the screen entirely... I just need the travel CPU part without the added weight of a second keyboard and monitor." So leave your best suggestions in the comments. Is there a good, lightweight computer that's battery-powered without a screen or a keyboard?
Opera

Opera Says Their iOS Updates Are Still Coming - Just Slowly (twitter.com) 33

Slashdot reader BrianFagioli has posted an update about his communication with Opera over their plans for iOS. They'd originally tweeted Thursday that "at this moment we don't have a team working on IOS which is why we haven't released any updates." But Friday they clarified that "It does not mean we give up development on iOS. It's just that now our resources are on Android." They reiterated that point in an email. We would like to clarify that Opera does not abandon iOS... We plan to keep developing it as Opera Min[i] provides unique features that other browsers do not have, such as data saving for both webpages and video, ad-blocking, built-in newsfeed etc. And people love using it. As most of the engineering resources are now on Android, our update on iOS is slow at this moment. Please bear with us and do stay tune for our next updates.
The tweet Friday also emphasized that "We will update iOS for sure."
Power

New Solar Plane Plans Non-Stop Flight Around The World (bloomberg.com) 32

An anonymous reader quotes Bloomberg: [A] Russian tycoon and his Renova Group plan a record-breaking effort to send a plane around the world nonstop using only the power of the sun. If all goes well, a single pilot will fly for five days straight at altitudes of up to 10 miles, about a third higher than commercial airliners. The project isn't just a stunt. The glider-style airplane with a 36-meter (120-foot) wingspan will be a test of technologies that are set to be used to build new generations of autonomous craft for the military and business, say aerospace experts. They will fly continuously, have far greater reach and control than satellites and expand broadcast, communication and spying capabilities around the globe... "Our flight should prove that it's possible to make long-distance flights using solar energy," said Mikhail Lifshitz, Renova's director of high-tech asset development and a qualified pilot-instructor. A "flying laboratory" test-plane will be ready by year-end, Lifshitz said in an interview.
The plane will conserve power by slowly gliding down from the high altitudes at night -- without ever touching the ground. In comparison a solar plane (partially funded by Google) already circled the earth last year -- but it took 22 days, and made 17 different stops.
Data Storage

SSD Drives Vulnerable To Rowhammer-Like Attacks That Corrupt User Data (bleepingcomputer.com) 89

An anonymous reader writes: NAND flash memory chips, the building blocks of solid-state drives (SSDs), include what could be called "programming vulnerabilities" that can be exploited to alter stored data or shorten the SSD's lifespan. According to research published earlier this year, the programming logic powering of MLC NAND flash memory chips (the tech used for the latest generation of SSDs), is vulnerable to at least two types of attacks.

The first is called "program interference," and takes place when an attacker manages to write data with a certain pattern to a target's SSD. Writing this data repeatedly and at high speeds causes errors in the SSD, which then corrupts data stored on nearby cells. This attack is similar to the infamous Rowhammer attack on RAM chips.

The second attack is called "read disturb" and in this scenario, an attacker's exploit code causes the SSD to perform a large number of read operations in a very short time, which causes a phenomenon of "read disturb errors," that alters the SSD ability to read data from nearby cells, even long after the attack stops.

Slashdot Top Deals