DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
AT&T

AT&T Joins The Linux Foundation as a Platinum Member (linuxfoundation.org) 38

From a press release: The Linux Foundation, the nonprofit advancing professional open source management for mass collaboration, today announced that AT&T has become a Platinum member. This follows news of the company's contribution of several million lines of ECOMP code to The Linux Foundation, as well as the new Open Network Automation Platform (ONAP) Project based on production-ready code from AT&T and OPEN-O contributors. Chris Rice, senior vice president of AT&T Labs, joins The Linux Foundation Board of Directors and was also recently selected as the ONAP chairman. "Open source is crucial to AT&T's software transformation," said Chris Rice, chairman of ONAP and senior vice president of AT&T Labs. "So, it was a natural decision for us to join The Linux Foundation. SDN is helping us meet performance, capital spending and efficiency goals and we expect continued benefits. But more so, we recognize that the open source community accelerates innovation. We're excited to work with The Linux Foundation and its members to promote a globally accepted platform for SDN and NFV technologies."
AI

New AI Algorithm Beats Even the World's Worst Traffic (vice.com) 126

"Computer scientists at Nanyang Technological University in Singapore have developed a new intelligent routing algorithm that attempts to minimize the occurrence of spontaneous traffic jams -- those sudden snarls caused by greedy merges and other isolated disruptions -- throughout a roadway network," reports Motherboard. "It's both computationally distributed and fast, requirements for any real-world traffic management system. Their work is described in the April issue of IEEE Transactions on Emerging Topics in Computational Intelligence." From the report: The Nanyang researchers' algorithm starts off by just assuming that, given enough traffic density, shit is going to happen. Someone is going to make a greedy merge -- something is going to cause enough of a traffic perturbation to result in a network breakdown. Breakdown in this context is a technical-ish term indicating that for some period of time the traffic outflow from a segment of roadway is going to be less than the traffic inflow. "We assume that the traffic breakdown model has already been given, and the probability of traffic breakdown occurrence is larger than zero (meaning that traffic breakdowns would occur), and our goal is to direct the traffic flow so that the overall traffic breakdown probability is minimized," Hongliang Guo and colleagues write. Put differently, "our objective is to maximize the probability that none of the network links encounters a traffic breakdown." So, the goal of the algorithm is this maximization, which reduces to a fairly tidy equation. It then becomes a machine learning problem. Things get pretty messy at this point, but just understand that we're taking the current traffic load, adding an unknown additional load that might enter the network at any time, and then coming up with probabilities of network breakdown at each of the network's nodes or intersections. Crunch some linear algebra and we wind up with optimal routes through the network. Crucially, Guo and co. were able to come up with some mathematical optimizations that make this kind of calculation feasible in real-time. They were able to demonstrate their algorithm in simulations and are currently working on a further analysis with BMW, which is providing a vast trove of data from its Munich car-sharing fleet. This may not be as distant a technology as it might seem. As it turns out, only 10 percent of cars in a network need to be driving according to the optimizations for those optimizations to have a positive effect on the entire network.
Databases

Facial Recognition Database Used By FBI Is Out of Control, House Committee Hears (theguardian.com) 90

The House oversight committee claims the FBI's facial recognition database is out of control, noting that "no federal law controls this technology" and "no court decision limits it." At last week's House oversight committee hearing, politicians and privacy campaigners presented several "damning facts" about the databases. "About 80% of photos in the FBI's network are non-criminal entries, including pictures from driver's licenses and passports," reports The Guardian. "The algorithms used to identify matches are inaccurate about 15% of the time, and are most likely to misidentify black people than white people." From the report: "Facial recognition technology is a powerful tool law enforcement can use to protect people, their property, our borders, and our nation," said the committee chair, Jason Chaffetz, adding that in the private sector it can be used to protect financial transactions and prevent fraud or identity theft. "But it can also be used by bad actors to harass or stalk individuals. It can be used in a way that chills free speech and free association by targeting people attending certain political meetings, protests, churches, or other types of places in the public." Furthermore, the rise of real-time face recognition technology that allows surveillance and body cameras to scan the faces of people walking down the street was, according to Chaffetz, "most concerning." "For those reasons and others, we must conduct proper oversight of this emerging technology," he said.
Google

Still More Advertisers Pull Google Ads Over YouTube Hate Videos (morningstar.com) 292

"A week after Google apologized for running customers' advertisements alongside objectionable videos, triggering a change in policy, its YouTube site is still rife with examples that are angering more big advertisers and causing some to cut spending with the tech giant," reports the Dow Jones Newswire. Reporters from the Wall Street Journal spotted ads from Microsoft, Amazon, and Procter & Gamble appearing on hate videos -- and thus indirectly funding them. An anonymous reader quotes their report: Asked about the Journal's finding that their ads were still appearing with such content on YouTube as of Thursday night, Coca-Cola, PepsiCo Inc., Wal-Mart Stores Inc. and Dish Network Corp. said Friday they were suspending spending on all Google advertising except targeted search ads. Starbucks Corp. and General Motors Co. said they were pulling their ads from YouTube. FX Networks, part of 21st Century Fox Inc., said it was suspending all advertising spending on Google, including search ads and YouTube. Wal-Mart said: "The content with which we are being associated is appalling and completely against our company values."
An executive at one of the affected companies complained that Google "had assured us over the past few days that our brands were safe from this type of content. Despite their assurances, it's clear they couldn't give assurance."
Security

Anti-Virus Vendors Scramble To Patch Hijacking Exploit Involving Microsoft Tool (securityweek.com) 48

"A zero-day attack called Double Agent can take over antivirus software on Windows machines," Network World reported Wednesday. wiredmikey writes: The attack involves the Microsoft Application Verifier, a runtime verification tool for unmanaged code that helps developers find subtle programming errors in their applications... [The exploit] allows a piece of malware executed by a privileged user to register a malicious DLL for a process associated with an antivirus or other endpoint security product, and hijack its agent.
Patches were released by Malwarebytes, AVG, and Trend Micro, the security researchers told BleepingComputer earlier this week. Kaspersky Lab told ZDNet "that measures to detect and block the malicious scenario have now been added to all its products," while Norton downplayed the exploit, saying the attack "would require physical access to the machine and admin privileges to be successful," with their spokesperson "adding that it has deployed additional detection and blocking protections in the unlikely event users are targeted."

BetaNews reports that the researchers "say that it is very easy for antivirus producers to implement a method of protection against this zero-day, but it is simply not being done. 'Microsoft has provided a new design concept for antivirus vendors called Protected Processes...specially designed for antivirus services...the protected process infrastructure only allows trusted, signed code to load and has built-in defense against code injection attacks.'"
Transportation

Researchers Teach Self-Driving Cars To 'See' Better At Night (sciencemag.org) 32

Researchers may have developed a way for self-driving cars to continue navigating at night (or on rainy days) by performing an AI analysis to identify traffic signs by their relative reflectiveness. Slashdot reader sciencehabit shares an article from Science: Their approach requires autonomous cars to continuously capture images of their surroundings. Each image is evaluated by a machine learning algorithm...looking for a section of the image that is likely to contain a sign. It's able to simultaneously evaluate multiple sections of the image -- a departure from previous systems that considered parts of an image one by one. At this stage, it's possible it will also detect irrelevant signs placed along roads. The section of the image flagged as a possible sign then passes through what's known as a convolutional neural network [which] picks up on specific features like shapes, symbols, and numbers in the image to decide which type of sign it most likely depicts... In the real world, this should mean that an autonomous car can drive down the street and accurately pinpoint and decipher every single sign it passes.
Communications

T-Mobile Kicks Off Industry Robocall War With Network-Level Blocking and ID Tools (venturebeat.com) 76

T-Mobile is among the first U.S. telecom companies to announce plans to thwart pesky robocallers. From a report on VentureBeat: The move represents part of an industry-wide Robocall Strike Force set up by the Federal Communications Commission (FCC) last year to combat the 2 billion-plus automated calls U.S. consumers deal with each month. Other key members of the group include Apple, Google, Microsoft, and Verizon. T-Mobile's announcement comes 24 hours after the FCC voted to approve a new rule that would allow telecom companies to block robocallers who use fake caller ID numbers to conceal their true location and identity. From a report on WashingtonPost: The Federal Communications Commission on Thursday proposed new rules (PDF) that would allow phone companies to target and block robo-calls coming from what appear to be illegitimate or unassigned phone numbers. The rules could help cut down on the roughly 2.4 billion automated calls that go out each month -- many of them fraudulent, according to FCC Chairman Ajit Pai. "Robo-calls are the No. 1 consumer complaint to the FCC from members of the American public," he said, vowing to halt people who, in some cases, pretend to be tax officials demanding payments from consumers, or, in other cases, ask leading questions that prompt consumers to give up personal information as part of an identity theft scam.
Twitter

Twitter Considers Premium Version After 11 Years As a Free Service (reuters.com) 84

Twitter is considering whether or not to build a premium version of its site for select users. It's unclear what the cost would be at this time, but it's very possible it could be in the form of a subscription. Reuters reports: Like most other social media companies, Twitter since its founding 11 years ago has focused on building a huge user base for a free service supported by advertising. Last month it reported it had 319 million users worldwide. Twitter is conducting a survey "to assess the interest in a new, more enhanced version of Tweetdeck," which is an existing tool that helps users navigate the network, spokeswoman Brielle Villablanca said in a statement on Thursday. She went on: "We regularly conduct user research to gather feedback about people's Twitter experience and to better inform our product investment decisions, and we're exploring several ways to make Tweetdeck even more valuable for professionals." There was no indication that Twitter was considering charging fees from all its users. Word of the survey had earlier leaked on Twitter, where a journalist affiliated with the New York Times posted screenshots of what a premium version of Tweetdeck could look like. That version could include "more powerful tools to help marketers, journalists, professionals, and others in our community find out what is happening in the world quicker," according to one of the screenshots posted on the account @andrewtavani.
United States

71 Percent of Android Phones On Major US Carriers Have Out of Date Security Patches (betanews.com) 103

Ian Barker, writing for BetaNews: Slow patching of security flaws is leaving many US mobile users at risk of falling victim to data breaches according to the findings of a new report. The study from mobile defense specialist Skycure analyzed patch updates among the five leading wireless carriers in the US and finds that 71 percent of mobile devices still run on security patches more than two months old. This is despite Google releasing Android patches every month, indeed six percent of devices are running patches that are six or more months old. Without the most updated patches, these devices are susceptible to attacks, including rapidly rising network attacks and new malware, also detailed in the report.
Social Networks

Reddit To Transform Into a Social Network With New Profile Pages (digitaljournal.com) 130

An anonymous reader quotes a report from Digital Journal: Reddit has announced it has begun trialling a radical new profile page design that's reminiscent of Facebook and Twitter. It will evolve the discussion board site towards being a social network by enabling users to post directly to their new profile page. At present, posts on Reddit have to be directed into a specific sub-Reddit community. You can't simply write a post and have it appear across the network which can make it difficult to get your voice heard. Unless you've got some reputation in a relevant sub-Reddit, your posts may end up going unnoticed. That could soon change. Last night, Reddit announced it's working on a drastic revision of its user profile page experience. The site has commenced testing of an early version of the design. According to a report from Reuters, just three "high-profile" users currently have access to the feature. When the new pages are eventually opened up to all, they'll showcase the user's profile picture and description. Below the header, posts from the user will be publicly displayed. The user will be able to add new posts to their page, without submitting to a sub-Reddit. Users will be able to follow each other to stay informed of new posts, effectively creating a social network atmosphere above the discussion boards.
Medicine

Satellite Navigation 'Switches Off' Parts of Brain Used For Navigation, Study Finds (scientificamerican.com) 158

A new study published today in the journal Nature Communications reveals some of the drawbacks of using satellite navigation (SatNav) technology. After scanning the brains of 24 volunteers as they explored a simulation through the streets of London's Soho district, researchers from the University of London found that listening to a satellite navigation's instructions "switches off" activity in parts of the brain used for navigation. Scientific American reports: The researchers found that a brain structure called the hippocampus, which is involved in both memory and spatial navigation, appears to encode two different maps of the environment: One tracks the distance to the final destination as the crow flies and is encoded by the frontal region of the hippocampus, the other tracks the "true path" to the goal and is encoded by its rear region. During the navigation tasks, the hippocampus acts like a flexible guidance system, flipping between these two maps according to changing demands. Activity in the hippocampal rear region acts like a homing signal, increasing as the goal gets closer. Analysis of the brain-scanning data revealed activity in the rear right of the hippocampus increased whenever the participants entered a new street while navigating. It also varied with the number of new path options available. The more alternatives there were, the greater the brain activity. The researchers also found that activity in the front of the hippocampus was associated with a property called centrality, defined by the proximity of each new street to the center of the network. Further, they observed activity in the participants' prefrontal cortices when they were forced to make a detour and had to replan their route -- and this, too, increased in relation to the number of options available. Intriguingly, when participants followed SatNav instructions, however, brain activity in these regions "switched off." Together, the new findings suggest the rear portion of the hippocampus reactivates spatial memories of possible navigation paths, with more available paths evoking more activity, and that the prefrontal cortex may contribute to path-planning by searching though different route options and selecting the best one.
Businesses

Walmart Unveils 'Store No. 8' Tech Incubator In Silicon Valley (bloomberg.com) 66

An anonymous reader quotes a report from Bloomberg: Wal-Mart Stores Inc. is creating a technology-startup incubator in Silicon Valley to identify changes that will reshape the retail experience, including virtual reality, autonomous vehicle and drone delivery and personalized shopping. The incubator will be called Store No. 8, a reference to a Wal-Mart location where the company experimented with new store layouts. Marc Lore, chief executive officer of Wal-Mart's e-commerce operations, announced the incubator Monday at the ShopTalk conference in Las Vegas. The world's biggest retailer has been overhauling its online team to better challenge Amazon.com Inc. with greater selection and lower prices. Lore founded Jet.com, which Wal-Mart purchased in September for about $3.3 billion in pursuit of Amazon in the e-commerce race. Lore said Wal-Mart has an advantage over "pure play" e-commerce companies because of its large network of stores that attract shoppers for such items as fresh food. The incubator will partner with startups, venture capitalists and academics to promote innovation in robotics, virtual and augmented reality, machine learning and artificial intelligence, according to Wal-Mart. The goal is to have a fast-moving, separate entity to identify emerging technologies that can be developed and used across Wal-Mart.
Google

Burglars Can Easily Make Google Nest Security Cameras Stop Recording (helpnetsecurity.com) 71

Orome1 quotes a report from Help Net Security: Google Nest's Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that's in their Bluetooth range. The vulnerabilities are present in the latest firmware version running on the devices (v5.2.1). They were discovered by researcher Jason Doyle last fall, and their existence responsibly disclosed to Google, but have still not been patched. The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. Triggering one of these flaws will make the devices crash and reboot. The third flaw is a bit more serious, as it allows the attacker to force the camera to temporarily disconnect from the wireless network to which it is connected by supplying it a new SSID to connect to. If that particular SSID does not exist, the camera drops its attempt to associate with it and return to the original Wi-Fi network, but the whole process can last from 60 to 90 seconds, during which the camera won't be recording. Nest has apparently already prepared a patch but hasn't pushed it out yet. (It should be rolling out "in the coming days.")
IBM

IBM Unveils Blockchain As a Service Based On Open Source Hyperledger Fabric Technology (techcrunch.com) 42

IBM has unveiled its "Blockchain as a Service," which is based on the open source Hyperledger Fabric, version 1.0 from The Linux Foundation. "IBM Blockchain is a public cloud service that customers can use to build secure blockchain networks," TechCrunch reports, noting that it's "the first ready-for-primetime implementation built using that technology." From the report: Although the blockchain piece is based on the open source Hyperledger Fabric project of which IBM is a participating member, it has added a set of security services to make it more palatable for enterprise customers, while offering it as a cloud service helps simplify a complex set of technologies, making it more accessible than trying to do this alone in a private datacenter. The Hyperledger Fabric project was born around the end of 2015 to facilitate this, and includes other industry heavyweights such as State Street Bank, Accenture, Fujitsu, Intel and others as members. While the work these companies have done to safeguard blockchain networks, including setting up a network, inviting members and offering encrypted credentials, was done under the guise of building extra safe networks, IBM believes it can make them even safer by offering an additional set of security services inside the IBM cloud. While Jerry Cuomo, VP of blockchain technology at IBM, acknowledges that he can't guarantee that IBM's blockchain service is unbreachable, he says the company has taken some serious safeguards to protect it. This includes isolating the ledger from the general cloud computing environment, building a security container for the ledger to prevent unauthorized access, and offering tamper-responsive hardware, which can actually shut itself down if it detects someone trying to hack a ledger. What's more, IBM claims their blockchain product is built in a highly auditable way to track all of the activity that happens within a network, giving administrators an audit trail in the event something did go awry.
Google

After Years Waiting For Google Fiber, KC Residents Get Cancellation Emails (arstechnica.com) 64

An anonymous reader quotes a report from Ars Technica: Some Kansas City residents who have been waiting years for Google Fiber to install service at their homes recently received e-mails canceling their installations, with no word on whether they'll ever get Internet service from the company. KSHB 41 Action News in Kansas City, Missouri, "spoke to several people, living in different parts of the metro, all who have recently received cancellation e-mails," the station reported last week. "The e-mails do not provide a specific reason for the cancellations. Instead they say the company was 'unable to build our network to connect your home or business at this time.'" While Google Fiber refuses to say how many installations have been canceled, KSHB said, "there is speculation the number of cancellations in the metro is as high as 2,700." "The company says it has slowed down in some areas to experiment with new techniques," such as wireless technology, the report also said. Google Fiber is still hooking up fiber for some new customers in parts of the Kansas City area. One resident who had his installation canceled is Larry Meurer, who was seeing multiple Google Fiber trucks in his neighborhood nearly two years ago, in the spring of 2015. "I'm left wondering what's going on," he told KSHB after getting the cancellation e-mail. Meurer lives in Olathe, Kansas, one of the largest cities in the Kansas City metro area. Residents only five houses away and around the corner have Google Fiber service, the report said. But Meurer said he and several neighbors who never got service were "terminated."
Security

Royal Jordanian Airlines Bans Use of Electronics After US Voices Security 'Concerns' (theverge.com) 109

An anonymous reader quotes a report from The Verge: Royal Jordanian airlines banned the use of electronics on flights servicing the U.S. after government officials here expressed concerns. Details are scant, but CNN is reporting that other carriers based on the Middle East and Africa may be affected as well. The news broke when Royal Jordanian, a state-owned airline that operates around 500 flights a week, posted this cryptic notice on its Twitter feed. The ban, which includes laptops, tablets, and video games, but does not include smartphones or medical devices, is effective for Royal Jordanian flights servicing New York, Chicago, Detroit, and Montreal. A spokesperson for Royal Jordanian was not immediately available for clarification. Meanwhile, CNN is reporting that Royal Jordanian may not be the only carrier affected by these new security provisions. Jon Ostrower, the network's aviation editor, just tweeted that as many as 12 airlines based in the Middle East and Africa could be impacted. A Saudi executive also tweeted that "directives by U.S. authorities" could affect passengers traveling from 13 countries, with the new measure set to go into effect over the next 96 hours.
Crime

Company's Former IT Admin Accused of Accessing Backdoor Account 700+ Times (bleepingcomputer.com) 63

An anonymous reader writes: "An Oregon sportswear company is suing its former IT administrator, alleging he left backdoor accounts on their network and used them more than 700 times to search for information for the benefit of its new employer," reports BleepingComputer. Court papers reveal the IT admin left to be the CTO at one of the sportswear company's IT suppliers after working for 14 years at his previous employer. For more than two years, he's [allegedly] been using an account he created before he left to access his former colleagues' emails and gather information about the IT services they might need in the future. The IT admin was fired from his CTO job after his new employer found out what he was doing.
One backdoor, which enabled both VPN and VDI connections to the company's network, granted access to a "jmanming" account for a non-existent employee named Jeff Manning...
Encryption

Ask Slashdot: How Would You Implement Site-Wide File Encryption? 151

Recently-leaked CIA documents prove that encryption works, according to the Associated Press. But how should sys-admins implement site-wide file encryption? Very-long-time Slashdot reader Pig Hogger writes: If you decide to implement server-level encryption across all your servers, how do you manage the necessary keys/passwords/passphrases to insure that you have both maximum uptime (you can access your data if you need to reboot your servers), yet that the keys cannot be compromised... What are established practices to address this issue?
Keep in mind that you can't change your password once the server's been seized, bringing up the issue of how many people know that password. Or is there a better solution? Share you suggestions and experiences in the comments. How would you implement site-wide file encryption?
Botnet

Bruce Schneier Calls for IoT Legislation, Argues The Internet Is Becoming One Giant Robot (linux.com) 85

"We're building a world-size robot, and we don't even realize it," security expert Bruce Schneier warned the Open Source Leadership Summit. As mobile computing and always-on devices combine with the various network-connected sensors, actuators, and cloud-based AI processing, "We are building an internet that senses, thinks, and acts." An anonymous reader quotes Linux.com: You can think of it, he says, as an Internet that affects the world in a direct physical manner. This means Internet security becomes everything security. And, as the Internet physically affects our world, the threats become greater. "It's the same computers, it could be the same operating systems, the same apps, the same vulnerability, but there's a fundamental difference between when your spreadsheet crashes, and you lose your data, and when your car crashes and you lose your life," Schneier said...

"I have 20 IoT-security best-practices documents from various organizations. But the primary barriers here are economic; these low-cost devices just don't have the dedicated security teams and patching/upgrade paths that our phones and computers do. This is why we also need regulation to force IoT companies to take security seriously from the beginning. I know regulation is a dirty word in our industry, but when people start dying, governments will take action. I see it as a choice not between government regulation and no government regulation, but between smart government regulation and stupid government regulation."

AT&T

DirecTV Admits Screwing Up Regional Sports Fees, Starts Issuing Credits (arstechnica.com) 15

An anonymous reader quotes a report from Ars Technica: AT&T this week acknowledged that DirecTV has been charging the wrong regional sports fees to some customers and is now issuing bill credits to those who paid more because of the mistake. "We have identified a small percentage of customers who are receiving some inaccurate bills for regional sports network fees," an AT&T spokesperson told Ars yesterday. "We are working as quickly as possible to notify those customers and issue credits. We apologize for the error." AT&T bought DirecTV, the nation's largest satellite TV provider with about 21 million customers, in 2015. The mistake affects bills going back to late January. Customers will not have to do anything to get the credit, as it will be issued automatically. The billing problem came to light last week when Consumerist published a report detailing how the regional sports network fees vary by ZIP code in ways that simply didn't make sense. It wouldn't be surprising to see different fees in different metro areas and states, since different local sports networks and teams are broadcast in different areas. But there were numerous cases in which people in adjacent ZIP codes were charged very different amounts to watch the same exact networks and teams. Some customers were charged no sports fee, while others were charged amounts of $2.47, $5.83, or $7.29 a month.

Slashdot Top Deals