DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
DRM

W3C Erects DRM As Web Standard (theregister.co.uk) 14

The World Wide Web Consortium (W3C) has formally put forward highly controversial digital rights management as a new web standard. "Dubbed Encrypted Media Extensions (EME), this anti-piracy mechanism was crafted by engineers from Google, Microsoft, and Netflix, and has been in development for some time," reports The Register. "The DRM is supposed to thwart copyright infringement by stopping people from ripping video and other content from encrypted high-quality streams." From the report: The latest draft was published last week and formally put forward as a proposed standard soon after. Under W3C rules, a decision over whether to officially adopt EME will depend on a poll of its members. That survey was sent out yesterday and member organizations, who pay an annual fee that varies from $2,250 for the smallest non-profits to $77,000 for larger corporations, will have until April 19 to register their opinions. If EME gets the consortium's rubber stamp of approval, it will lock down the standard for web browsers and video streamers to implement and roll out. The proposed standard is expected to succeed, especially after web founder and W3C director Sir Tim Berners-Lee personally endorsed the measure, arguing that the standard simply reflects modern realities and would allow for greater interoperability and improve online privacy. But EME still faces considerable opposition. One of its most persistent vocal opponents, Cory Doctorow of the Electronic Frontier Foundation, argues that EME "would give corporations the new right to sue people who engaged in legal activity." He is referring to the most recent controversy where the W3C has tried to strike a balance between legitimate security researchers investigating vulnerabilities in digital rights management software, and hackers trying to circumvent content protection. The W3C notes that the EME specification includes sections on security and privacy, but concedes "the lack of consensus to protect security researchers remains an issue." Its proposed solution remains "establishing best practices for responsible vulnerability disclosure." It also notes that issues of accessibility were ruled to be outside the scope of the EME, although there is an entire webpage dedicated to those issues and finding solutions to them.
Chrome

Google Contemplating Removing Chrome 'Close Other Tabs' and 'Close Tabs to the Right' Options (bleepingcomputer.com) 193

An anonymous reader shares a report: Chrome engineers are planning to remove two options from Chrome that allow users to quickly close a large number of tabs with just a few clicks. The options, named "Close other tabs" and "Close tabs to the right" reside in the menu that appears when a user right-clicks on a Chrome tab. According to an issue on the Chromium project spotted yesterday by a Reddit user, Google engineers planned to remove to menu options for many years even before opening the Chromium issue, dated itself to July 31, 2015. After several years of inactivity and no decision, things started to move again in September 2016, when usage statistics confirmed that Chrome users rarely used the two options they initially wanted to remove. Seeing no new discussions past this point, Chromium engineers assigned the issue in February, meaning engineers are getting ready to remove the two menu options it in future Chromium builds.
Firefox

Firefox for Linux is Now Netflix Compatible (betanews.com) 63

Brian Fagioli, writing for BetaNews: For a while, Netflix was not available for traditional Linux-based operating systems, meaning users were unable to enjoy the popular streaming service without booting into Windows. This was due to the company's reliance on Microsoft Silverlight. Since then, Netflix adopted HTML5, and it made Google Chrome and Chromium for Linux capable of playing the videos. Unfortunately, Firefox -- the open source browser choice for many Linux users -- was not compatible. Today this changes, however, as Mozilla's offering is now compatible with Netflix!
Microsoft

Microsoft's Edge Was Most Hacked Browser At Pwn2Own 2017, While Chrome Remained Unhackable (tomshardware.com) 135

At the Pwn2Own 2017 hacking event, Microsoft's Edge browser proved itself to be the least secure browser at the event, after it was hacked no less than five times. Google's Chrome browser, on the other hand, remained unhackable during the contest. Tom's Hardware reports: On the first day, Team Ether (Tencent Security) was the first to hack Edge through an arbitrary write in the Chakra JavaScript engine. The team also used a logic bug in the sandbox to escape that, as well. The team got an $80,000 prize for this exploit. On the second day, the Edge browser was attacked fast and furious by multiple teams. However, one was disqualified for using a vulnerability that was disclosed the previous day. (The teams at Pwn2Own are supposed to only use zero-day vulnerabilities that are unknown to the vendor. Two other teams withdrew their entries against Edge. However, Team Lance (Tencent Security) successfully exploited Microsoft's browser using a use-after-free (UAF) vulnerability in Chakra, and then another UAF bug in the Windows kernel to elevate system privileges. The exploit got the team $55,000. Team Sniper (Tencent Security) also exploited Edge and the Windows kernel using similar techniques, which gained this team the same amount of money, as well. The most impressive exploit by far, and also a first for Pwn2Own, was a virtual machine escape through an Edge flaw by a security team from "360 Security." The team leveraged a heap overflow bug in Edge, a type confusion in the Windows kernel, and an uninitialized buffer in VMware Workstation for a complete virtual machine escape. The team hacked its way in via the Edge browser, through the guest Windows OS, through the VM, all the way to the host operating system. This impressive chained-exploit gained the 360 Security team $105,000. The fifth exploit against Edge was done by Richard Zhu, who used two UAF bugs--one in Edge and one in a Windows kernel buffer overflow--to complete the hack. The attack gained Zhu $55,000. At last year's Pwn2Own 2016, Edge proved to be more secure than Internet Explorer and Safari, but it still ended up getting hacked twice. Chrome was only partially hacked once, notes Tom's Hardware.
Advertising

Google Wants To Create Promotions That Aren't Ads For Its Voice-Controlled Assistant (businessinsider.in) 49

Earlier this month, some Google Home users noticed what appeared to be audio ads for Disney's "Beauty and the Beast" movie. After some intense backlash, the company released a statement claiming that the ad was not an ad, but that it was simply "timely content" that Disney didn't pay for. Google's UK director of agencies, Matt Bush, has since spoken out about the company's plans with advertising via the voice-controlled Assistant. Business Insider reports: Bush explained Google isn't looking to offer brand integrations in voice for the time being, since it didn't have enough data to come up with an ad product that adds value for consumers. "We want businesses to have a phenomenal mobile experience and then building on that have a phenomenal voice experience," Bush told Business Insider at Advertising Week Europe. "That might not be, in the early instances, anything that has to do with commercials at all. It might just be something something that adds value to the consumer without needing to be commercialized." Bush explained that the consumer experience with voice is very different from that of text search because the use cases for voice navigation differ depending on the device the function is used on and the context the user finds themselves in. "We don't want to start putting in commercial opportunities that we think users don't want to interact with," Bush said "We don't want anything to come in-between the user and their access to the information they're actually looking for. If a brand can add value in that space, fantastic." Bush cited mobile search ads as successful executions of using context and personal user insights, but voice promotions are unlikely to take the same form. "It's unlikely to be what you see from search as it currently stands, where you might have three or four ads as the top results of a search," he said.
Google

Burglars Can Easily Make Google Nest Security Cameras Stop Recording (helpnetsecurity.com) 66

Orome1 quotes a report from Help Net Security: Google Nest's Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that's in their Bluetooth range. The vulnerabilities are present in the latest firmware version running on the devices (v5.2.1). They were discovered by researcher Jason Doyle last fall, and their existence responsibly disclosed to Google, but have still not been patched. The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. Triggering one of these flaws will make the devices crash and reboot. The third flaw is a bit more serious, as it allows the attacker to force the camera to temporarily disconnect from the wireless network to which it is connected by supplying it a new SSID to connect to. If that particular SSID does not exist, the camera drops its attempt to associate with it and return to the original Wi-Fi network, but the whole process can last from 60 to 90 seconds, during which the camera won't be recording. Nest has apparently already prepared a patch but hasn't pushed it out yet. (It should be rolling out "in the coming days.")
Google

Android O First Developer Preview Featuring Notification Channels, Background Limits Now Available (googleblog.com) 63

A year after Google released the Android N Developer Preview, the company has made available the developer preview of the next major version of Android, "Android O." You will not want to put it on your primary Android smartphone as the preview is likely to have rough edges. Google says as much. "it's early days, there are more features coming, and there's still plenty of stabilization and performance work ahead of us. But it's booting :)."

The company is using the developer preview to give beta testers a sneak peek into some new features, such as "notification channels," which will offer users the ability to group notifications. There is also Picture in Picture, which will enable you to have a video appear in a small window on top of homescreen or any application. Google is also adding "multi-display support" and improved "keyboard navigation." Your guess is as good as mine as to what these features will actually do. There's also better "background limits" which will supposedly help save battery, and wider Wi-Fi support to include things like Neighborhood Aware Networking (NAN).

No word on what "O" in Android O stands for.
Google

Google To Revamp Policies, Hire Staff After UK Ad Scandal (reuters.com) 67

Google vowed on Tuesday to police its websites better by ramping up staff numbers and overhauling its policies after several companies deserted the internet giant for failing to keep their adverts off hate-filled videos. From a report on Reuters: Google has found itself at the center of a British storm in recent days after major companies from supermarkets to banks and consumer groups pulled their adverts from its YouTube site after they appeared alongside videos carrying homophobic and anti-Semitic messages. Alphabet's Google launched a review of the problem on Friday, apologized on Monday and said on Tuesday it had revamped its policies to give advertisers more control.
Power

John Goodenough's Colleagues Are Skeptical of His New Battery Technology (qz.com) 240

Earlier this month, a research team led by John Goodenough announced that they had created a new fast charging solid-state battery that can operate in extreme temperatures and store five to ten times as much energy as current standard lithium-ion batteries. The announcement was big enough to have Google's Eric Schmidt tweeting about it. However, there are some skeptics, including other leading battery researchers. "For his invention to work as described, they say, it would probably have to abandon the laws of thermodynamics, which say perpetual motion is not possible," reports Quartz. "The law has been a fundamental of batteries for more than a century and a half." Quartz reports: Goodenough's long career has defined the modern battery industry. Researchers assume that his measurements are exact. But no one outside of Goodenough's own group appears to understand his new concept. The battery community is loath to openly challenge the paper, but some come close. "If anyone but Goodenough published this, I would be, well, it's hard to find a polite word," Daniel Steingart, a professor at Princeton, told Quartz. Goodenough did not respond to emails. But in a statement released by the University of Texas, where he holds an engineering chair, he said, "We believe our discovery solves many of the problems that are inherent in today's batteries. Cost, safety, energy density, rates of charge and discharge and cycle life are critical for battery-driven cars to be more widely adopted." In addition, Helena Braga, the paper's lead author, in an exchange of emails, insisted that the team's claims are valid. For almost four decades, Goodenough has dominated the world of advanced batteries. If anyone could finally make the breakthrough that allows for cheap, stored electricity in cars and on the grid, it would figure to be him. Goodenough invented the heart of the battery that is all but certainly powering the device on which you are reading this. It's the lithium-cobalt-oxide cathode, invented in 1980 and introduced for sale by Sony in 1991. Again and again, Goodenough's lab has emerged with dramatic discoveries confirming his genius. It's what is not stated in the paper that has some of the battery community stumped. How is Goodenough's new invention storing any energy at all? The known rules of physics state that, to derive energy, differing material must produce differing eletro-chemical reactions in the two opposing electrodes. That difference produces voltage, allowing energy to be stored. But Goodenough's battery has pure metallic lithium or sodium on both sides. Therefore, the voltage should be zero, with no energy produced, battery researchers told Quartz. Goodenough reports energy densities multiple times that of current lithium-ion batteries. Where does the energy come from, if not the electrode reactions? That goes unexplained in the paper.
Google

After Years Waiting For Google Fiber, KC Residents Get Cancellation Emails (arstechnica.com) 63

An anonymous reader quotes a report from Ars Technica: Some Kansas City residents who have been waiting years for Google Fiber to install service at their homes recently received e-mails canceling their installations, with no word on whether they'll ever get Internet service from the company. KSHB 41 Action News in Kansas City, Missouri, "spoke to several people, living in different parts of the metro, all who have recently received cancellation e-mails," the station reported last week. "The e-mails do not provide a specific reason for the cancellations. Instead they say the company was 'unable to build our network to connect your home or business at this time.'" While Google Fiber refuses to say how many installations have been canceled, KSHB said, "there is speculation the number of cancellations in the metro is as high as 2,700." "The company says it has slowed down in some areas to experiment with new techniques," such as wireless technology, the report also said. Google Fiber is still hooking up fiber for some new customers in parts of the Kansas City area. One resident who had his installation canceled is Larry Meurer, who was seeing multiple Google Fiber trucks in his neighborhood nearly two years ago, in the spring of 2015. "I'm left wondering what's going on," he told KSHB after getting the cancellation e-mail. Meurer lives in Olathe, Kansas, one of the largest cities in the Kansas City metro area. Residents only five houses away and around the corner have Google Fiber service, the report said. But Meurer said he and several neighbors who never got service were "terminated."
Google

Google Maps Lets You Record Your Parking Location, Time Left At the Meter (techcrunch.com) 50

Google Maps has received a neat feature that will help users remember where they parked. "This appears as a new menu option when you tap the blue dot, and will place a 'P' icon on the map so you can find your way back to your spot," reports Ars Technica. From the report: Google had already introduced its own proactive parking saving feature via Google Now, but it had worked by tapping into your phone's sensors and making a determination that you had most likely parked at a given spot. Sometimes, you might see this information appear when it was unwarranted, however -- like if you got off a bus or exited a taxi, Google says. The new feature in Google Maps requires a manual entry, but this is actually a bit of an advantage over the guessing done by Google Now, because it allows you to input more information about your spot. Like Apple Maps, you can add notes about where you parked -- something that's helpful for jotting down cross streets or which floor of a garage you're on, for example. But Google Maps also supports adding multiple photos of your parking location -- a common way people often note the parking space number in the garage, and then, via a separate shot, the floor, row, aisle and/or color code for the garage level itself. In addition, Google's parking location saver will let you enter in how much time you have left at the spot. This is handy if you're in a temporary parking area (e.g. "two hour parking"), or at metered space. The time left is displayed on the map, and when it's due to expire, Google Maps will alert you via push notification.
Android

Android Creator Lost Out On a Big Investment, and Apple May Be To Blame (cnbc.com) 74

Earlier this year, we learned that Andy Rubin, creator of the Android operating system, has built a new company called Essential. The company was reportedly working on a "high-end smartphone with a large edge-to-edge screen that lacks a surrounding bezel." It appears things aren't chugging along so smoothly. From a report: Andy Rubin, a co-creator of Android, lost out on a $100 million investment from SoftBank as Apple deepened ties with the Japanese investor, people familiar with the matter told The Wall Street Journal. Rubin's company, Essential Products, is reportedly planning to release a new high-end smartphone this spring, and SoftBank planned to market the phone in Japan, the Journal said. But Apple subsequently agreed to commit $1 billion to SoftBank's Vision Fund, a move that "complicated" SoftBank's investment in Essential Products, the Journal reported Monday. Apple did not directly block the deal, the Journal said, though Rubin's premium phone would be released ahead of the highly anticipated 10th anniversary iPhone. The deal was "nearly complete," sources told the Journal.
Businesses

Two More Executives Are Leaving Uber, Drivers May Unionize (nytimes.com) 200

First the resignations. "The beliefs and approach to leadership that have guided my career are inconsistent with what I saw and experienced at Uber," the company's former president told Recode on Sunday, announcing his resignation. "The departures add to the executive exodus from Uber this year," writes The New York Times. An anonymous reader quotes their report. Brian McClendon, vice president of maps and business platform at Uber, also plans to leave at the end of the month... Raffi Krikorian, a well-regarded director in Uber's self-driving division, left the company last week, while Gary Marcus, who joined Uber in December after Uber acquired his company, left this month. Uber also asked for the resignation of Amit Singhal, a top engineer who failed to disclose a sexual harassment claim against him at his previous employer, Google, before joining Uber. And Ed Baker, another senior executive, left this month as well.
Jones left Uber after less than six months, though McClendon's departure is said to be more amicable. "Mr. McClendon, in a statement, said he was returning to his hometown, Lawrence, Kansas, after 30 years away. 'This fall's election and the current fiscal crisis in Kansas is driving me to more fully participate in our democracy -- and I want to do that in the place I call home."

In other news, the Teamsters labor union plans to start organizing Uber's drivers into a union, after a Washington judge rejected Uber's attempt to overturn a right-to-unionize ordinance passed by the city of Seattle.
Microsoft

WikiLeaks Won't Tell Tech Companies How To Patch CIA Zero-Days Until Demands Are Met (fortune.com) 225

"WikiLeaks has made initial contact with us via secure@microsoft.com," a Microsoft spokesperson told Motherboard -- but then things apparently stalled. An anonymous reader quotes Fortune: Wikileaks this week contacted major tech companies including Apple and Google, and required them to assent to a set of conditions before receiving leaked information about security "zero days" and other surveillance methods in the possession of the Central Intelligence Agency... Wikileaks' demands remain largely unknown, but may include a 90-day deadline for fixing any disclosed security vulnerabilities. According to Motherboard's sources, at least some of the involved companies are still in the process of evaluating the legal ramifications of the conditions.
Julian Assange announced Friday that Mozilla had already received information after agreeing to their "industry standard responsible disclosure plan," then added that "most of these lagging companies have conflicts of interest due to their classified work for U.S. government agencies... such associations limit industry staff with U.S. security clearances from fixing security holes based on leaked information from the CIA." Assange suggested users "may prefer organizations such as Mozilla or European companies that prioritize their users over government contracts. Should these companies continue to drag their feet we will create a league table comparing company responsiveness and government entanglements so users can decided for themselves."
Google

Google Glass Enters The Manufacturing Sector (npr.org) 61

NPR recently profiled one of the 100 factory workers now using Google Glass at the agricultural equipment manufacturer AGCO. An anonymous reader quotes their report: Google Glass tells her what to do should she forget, for example, which part goes where. "I don't have to leave my area to go look at the computer every time I need to look up something," she says. With Google Glass, she scans the serial number on the part she's working on. This brings up manuals, photos or videos she may need. She can tap the side of headset or say "OK Glass" and use voice commands to leave notes for the next shift worker...

Peggy Gullick, business process improvement director with AGCO, says the addition of Google Glass has been "a total game changer." Quality checks are now 20 percent faster, she says, and it's also helpful for on-the-job training of new employees... Tiffany Tsai, who writes about technology, says it's one of a growing number of companies -- including General Electric and Boeing -- testing it out... Companies working in the health care, entertainment and energy industries are listed as some of the Google Glass certified partners.

AGCO plans to have 200 workers using Google Glass by the end of this year.
Google

Google's New Campus Will Open Its Restaurants To The Public (recode.net) 76

Google's new 18-acre campus will feature a 595,000-square foot building for 2,400 employees, most of them engineers -- and its bottom floor will be open to the public. An anonymous reader quotes Recode: People will be able to walk through the middle of the building, where they can shop in retail stores and dine at cafes also frequented by Googlers... A summary of plans from Google also describes spaces for workshops and demonstrations of new technologies such as virtual reality. Visitors might encounter a pop-up store devoted to virtual reality or demonstrations of smart-home devices made by Alphabet subsidiary Nest, according to the spokesperson... This is the first time Google has built a campus from the ground up...

Generally speaking, Bay Area tech companies have tended to of cut their workplaces off from the communities surrounding them. Employees take private buses to their campuses, and stay on-site for non-work activities like meals in private cafeterias and exercise classes. Google offers similar amenities to its employees, but makes its open, grassy areas open to anyone.

The San Francisco Chronicle reports Google's new building will be "shaped to resemble a puffy white cloud, with solar panels on the roof... The campus also will have a plaza where the public can soak in performances."
AI

Researchers Build An AI That's Better At Reading Lips Than Humans (bbc.com) 62

An anonymous reader quotes the BBC: Scientists at Oxford say they've invented an artificial intelligence system that can lip-read better than humans. The system, which has been trained on thousands of hours of BBC News programs, has been developed in collaboration with Google's DeepMind AI division. "Watch, Attend and Spell", as the system has been called, can now watch silent speech and get about 50% of the words correct. That may not sound too impressive - but when the researchers supplied the same clips to professional lip-readers, they got only 12% of words right...
The system now recognizes 17,500 words, and one of the researchers says, "As it keeps watching TV, it will learn."
PlayStation (Games)

Ask Slashdot: Best Virtual Reality Headsets? 140

Quantus347 writes: Straightforward question: I held off for a year to let the various manufacturers shake out the bugs, but now it's down to either a virtual-reality system or a new generation console. So I ask you, the Slashdot community, what are your personal experiences with any of the various VR systems out there? What are their strengths and weaknesses? What little things annoy you the most? What features make a given product the best (or worst) option? "Sprinkle us with wisdom from your mighty brain!" For reference, the HTC Vive costs $799.00, while the Oculus Rift with Oculus Touch motion controllers costs $598 (which is the price after the recent markdown from $799). These prices do not include the necessary hardware required to power each headset. The PlayStation VR ($399.99), Samsung Gear VR ($99.99), and Google Daydream View ($79.00) are also available for less moolah.
Crime

Judge Grants Search Warrant For Everyone Who Searched a Crime Victim's Name On Google (startribune.com) 101

Hennepin County District Judge Gary Larson has issued a search warrant to Edina, Minnesota police to collect information on people who searched for variations of a crime victim's name on Google from Dec. 1 through Jan. 7. Google would be required to provide Edina police with basic contact information for people targeted by the warrant, as well as Social Security numbers, account and payment information, and IP and MAC addresses. StarTribune reports: Information on the warrant first emerged through a blog post by public records researcher Tony Webster. Edina police declined to comment Thursday on the warrant, saying it is part of an ongoing investigation. Detective David Lindman outlined the case in his application for the search warrant: In early January, two account holders with SPIRE Credit Union reported to police that $28,500 had been stolen from a line of credit associated with one of their accounts, according to court documents. Edina investigators learned that the suspect or suspects provided the credit union with the account holder's name, date of birth and Social Security number. In addition, the suspect faxed a forged U.S. passport with a photo of someone who looked like the account holder but wasn't. Investigators ran an image search of the account holder's name on Google and found the photo used on the forged passport. Other search engines did not turn up the photo. According to the warrant application, Lindman said he had reason to believe the suspect used Google to find a picture of the person they believed to be the account holder. Larson signed off on the search warrant on Feb. 1. According to court documents, Lindman served it about 20 minutes later.
Google

Google's Allo App Can Reveal To Your Friends What You've Searched (recode.net) 61

Google's new messaging app Allo can reveal your search history and other personal information when you include the Google Assistant bot in chats, according to a report. From the article: My friend directed Assistant to identify itself. Instead of offering a name or a pithy retort, it responded with a link from Harry Potter fan website Pottermore. The link led to an extract from "Harry Potter and the Order of the Phoenix," the fifth book in J.K. Rowling's Harry Potter series. But the response was not merely a nonsequitur. It was a result related to previous searches my friend said he had done a few days earlier. [...] When I asked "What is my job?" in my conversation with my friend, Assistant responded by sharing a Google Maps image showing the address at which I used to work -- the address of a co-working space, not the publicly listed address of my previous employer. Google had the address on file because I had included it in my personal Google Maps settings. It did not ask my permission to share that.

Slashdot Top Deals