Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
China

China's New 'Social Credit Score' Law Means Full Access To Customer Data (insurancejournal.com) 37

AnonymousCube shares this quote about China's new 'Social Credit Score' law from an insurance industry magazine: "Companies are also required to give government investigators complete access to their data if there is suspected wrong-doing, and Internet operators must cooperate in any national security or crime-related investigation."

Note that China has an extremely flexible definition of "national security". Additionally computer equipment will need to undergo mandatory certification, that could involve giving up source code, encryption keys, or even proprietary intellectual data, as Microsoft has been doing for some time.

The article suggests businesses like insurers "will likely see the cost of complying with this new action as a disincentive to conducting business in China."
Chrome

Chrome 55 Now Blocks Flash, Uses HTML5 By Default (bleepingcomputer.com) 44

An anonymous reader quotes Bleeping Computer: Chrome 55, released earlier this week, now blocks all Adobe Flash content by default, according to a plan set in motion by Google engineers earlier this year... While some of the initial implementation details of the "HTML5 By Default" plan changed since then, Flash has been phased out in favor of HTML5 as the primary technology for playing multimedia content in Chrome.

Google's plan is to turn off Flash and use HTML5 for all sites. Where HTML5 isn't supported, Chrome will prompt users and ask them if they want to run Flash to view multimedia content. The user's option would be remembered for subsequent visits, but there's also an option in the browser's settings section, under Settings > Content Settings > Flash > Manage Exceptions, where users can add the websites they want to allow Flash to run by default.

Exceptions will also be made automatically for your more frequently-visited sites -- which, for many users, will include YouTube. And Chrome will continue to ship with Flash -- as well as an option to re-enable Flash on all sites.
Transportation

Mercedes Unveils Digital Headlights That Project Street Signs, Markings Onto the Road Ahead (newatlas.com) 58

An anonymous reader quotes a report from New Atlas: Mercedes has just announced a conceptual new set of lamps that can not only adapt their light distribution to cater to the environment, but can project high-res visual aids onto the road ahead, such as makeshift zebra crossings for nearby pedestrians. The new system is dubbed Digital Light and features two million pixels that, with the help of algorithms and sensors that analyze the vehicle's surroundings, can each adjust their individual brightness depending on the scenario. An example of this might be a partial dimming to avoid blinding a cyclist. We have seen this kind of adaptive lighting technology before in systems developed by Fraunhofer and indeed Mercedes itself, although tuning it to control millions of pixels individually does appear to be new territory. But where the Digital Light system gets quite interesting is with the ability to project different objects onto the road. Imagine you are rolling up to an intersection in a foreign city with unfamiliar streets signs and the car, having collected the necessary information, projects a stop sign onto the road out ahead. Perhaps just as practical is the ability to shoot out strips of light that represent the precise width of the car, which could be pretty hand just as you try to squeeze through that extremely narrow gap. For what it's worth, Mercedes says it has already fitted it to a number of demo vehicles and reckons it will be on the road "in the near future."
Twitter

Reuters Built An Algorithm That Can Identify Real News On Twitter (popsci.com) 105

Reuters has built an algorithm called News Tracer that flags and verifies breaking news on Twitter. The algorithm weeds through all 500 million tweets that are posted on a daily basis to "sort real news from spam, nonsense, ads, and noise," writes Corinne Iozzio via Popular Science: In development since 2014, reports the Columbia Journalism Review, News Tracer's work starts by identifying clusters of tweets that are topically similar. Politics goes with politics; sports with sports; and so on. The system then uses language-processing to produce a coherent summary of each cluster. What differentiates News Tracer from other popular monitoring tools, is that it was built to think like a reporter. That virtual mindset takes 40 factors into account, according to Harvard's NiemanLab. It uses information like the location and status of the original poster (e.g. is she verified?) and how the news is spreading to establish a "credibility" rating for the news item in question. The system also does a kind of cross-check against sources that reporters have identified as reliable, and uses that initial network to identify other potentially reliable sources. News Tracer can also tell the difference between a trending hashtag and real news. The mix of data points News Tracer takes into account means it works best with actual, physical events -- crashes, protests, bombings -- as opposed to the he-said-she-said that can dominate news cycles.
Android

Multiple Vulnerabilities In AirDroid Opens At Least 10 Million Android Users To MITM Attacks, Hijackings (androidpolice.com) 29

AirDroid is a popular Android application that allows users to send and receive text messages and transfer files and see notifications from their computer. Zimperium, a mobile security company, recently released details of several major security vulnerabilities in the application, allowing attackers on the same network to access user information and execute code on a user's device. Since there are between 10 and 50 million installations of the app, many users may be imperiled by AirDroid. Android Police reports: The security issues are mainly due to AirDroid using the same HTTP request to authorize the device and send usage statistics. The request is encrypted, but uses a hardcoded key in the AirDroid application (so essentially, everyone using AirDroid has the same key). Attackers on the same network an intercept the authentication request (commonly known as a Man-in-the-middle attack) using the key extracted from any AirDroid APK to retrieve private account information. This includes the email address and password associated with the AirDroid account. Attackers using a transparent proxy can intercept the network request AirDroid sends to check for add-on updates, and inject any APK they want. AirDroid would then notify the user of an add-on update, then download the malicious APK and ask the user to accept the installation. Zimperium notified AirDroid of these security flaws on May 24, and a few days later, AirDroid acknowledged the problem. Zimperium continued to follow up until AirDroid informed them of the upcoming 4.0 release, which was made available last month. Zimperium later discovered that version 4.0 still had all these same issues, and finally went public with the security vulnerabilities today.
ISS

Russian Supply Rocket Malfunctions, Breaks Up Over Siberia En Route To ISS (npr.org) 135

An anonymous reader quotes a report from NPR: An unmanned cargo rocket bound for the International Space Station was destroyed after takeoff on Thursday. The Russian rocket took off as planned from Baikonur, Kazahkstan, on Thursday morning but stopped transmitting data about six minutes into its flight, as NPR's Rae Ellen Bichell reported: "'Russian officials say the spacecraft failed [...] when it was about 100 miles above a remote part of Siberia. The ship was carrying more than 2 1/2 tons of supplies -- including food, fuel and clothes. Most of that very likely burned up as the unmanned spacecraft fell back toward Earth. NASA says the six crew members on board the International Space station, including two Americans, are well stocked for now.'" This is the fourth botched launch of an unmanned Russian rocket in the past two years. Roscomos officials wrote in an update today: "According to preliminary information, the contingency took place at an altitude of about 190 km over remote and unpopulated mountainous area of the Republic of Tyva. The most of cargo spacecraft fragments burned in the dense atmosphere. The State Commission is conducting analysis of the current contingency. The loss of the cargo ship will not affect the normal operations of the ISS and the life of the station crew."
The Courts

French Man Sentenced To Two Years In Prison For Visiting Pro-ISIS Websites (theverge.com) 384

According to French media, a court in the department of Ardeche on Tuesday sentenced a 32-year-old man in France to two years in prison for repeatedly visiting pro-ISIS websites -- even though there was no indication he planned to stage a terrorist attack. Police raided his house and found the man's browsing history. They also found pro-ISIS images and execution videos on his phone, personal computer, and a USB stick, an ISIS flag wallpaper on his computer, and a computer password that was "13novembrehaha," referencing the Paris terrorist attacks that left 130 people dead. Slashdot reader future guy shares with us an excerpt from The Verge's report: In court, the man argued that he visited the sites out of curiosity. "I wanted to tell the difference between real Islam and the false Islam, now I understand," he said, according to FranceBleu. But the man reportedly admitted to not reading other news sites or international press, and family members told the court that his behavior had recently changed. He became irritated when discussing religion, they said, and began sporting a long beard with harem pants. A representative from the Ardeche court confirmed to The Verge that there was no indication that the man had any plans to launch an attack. In addition to the two-year prison sentence, he will have to pay a 30,000 euros (roughly $32,000) fine.
Communications

'Fatal' Flaws Found in Medical Implant Software (bbc.com) 38

Security researchers have warned of flaws in medical implants in what they say could have fatal consequences. The flaws were found in the radio-based communications used to update implants, including pacemakers, and read data from them. From a BBC report:By exploiting the flaws, the researchers were able to adjust settings and even switch off gadgets. The attacks were also able to steal confidential data about patients and their health history. A software patch has been created to help thwart any real-world attacks. The flaws were found by an international team of security researchers based at the University of Leuven in Belgium and the University of Birmingham.
Earth

Earthquake-Sensing Mobile App 'MyShake' Detects Over 200 Earthquakes Large and Small (techcrunch.com) 25

Back in February, researchers at UC Berkeley released an app called MyShake that detects strong earthquakes seconds before the damaging seismic waves arrive. Several months have passed since its release and app has already detected over 200 earthquakes in more than ten countries. TechCrunch reports: The app has received nearly 200,000 downloads, though only a fraction of those are active at any given time; it waits for the phone to sit idle so it can get good readings. Nevertheless, over the first six months the network of sensors has proven quite effective. "We found that MyShake could detect large earthquakes, but also small ones, which we never thought would be possible," one of the app's creators, Qingkai Kong, told New Scientist. A paper describing the early results was published in Geophysical Research Letters -- the abstract gives a general idea of the app's success: "On a typical day about 8000 phones provide acceleration waveform data to the MyShake archive. The on-phone app can detect and trigger on P waves and is capable of recording magnitude 2.5 and larger events. The largest number of waveforms from a single earthquake to date comes from the M5.2 Borrego Springs earthquake in Southern California, for which MyShake collected 103 useful three-component waveforms. The network continues to grow with new downloads from the Google Play store everyday and expands rapidly when public interest in earthquakes peaks such as during an earthquake sequence." You can download the app for Android here.
Businesses

Cyanogen Inc and CyanogenMod Creator Steve Kondik Part Ways (ndtv.com) 73

bulled writes: In the middle of a press release discussing the move of employees from Seattle to California, Cyanogen Inc notes that it has parted ways with Steve Kondik. It is unclear what this means for the future of CyanogenMod. NDTV reports: "Kondik took to the official CyanogenMod developer Google+ community recently where he voiced what he thought were the reasons behind Cyanogen's plight and blamed Kirt McMaster, Cyanogen's Co-Founder. 'I've been pretty quiet about the stuff that's been going on but I'm at least ready to tell the short version and hopefully get some input on what to do next because CM is very much affected,' wrote Kondik in a private Google+ community first reported by Android Police. According to Kondik's version, Cyanogen's turmoil is way far from being over. He claimed that Cyanogen had seen success thanks to the efforts by the community and the company. Though, this also changed how the company worked. Explaining how it all started to come down, Kondik wrote, 'Unfortunately once we started to see success, my co-founder apparently became unhappy with running the business and not owning the vision. This is when the 'bullet to the head' and other misguided media nonsense started, and the bad business deals were signed. Being second in command, all I could do was try and stop it, do damage control, and hope every day that something new didn't happen. The worst of it happened internally and it became a generally shitty place to work because of all the conflict. I think the backlash from those initial missteps convinced him that what we had needed to be destroyed. By the time I was able to stop it, I was outgunned and outnumbered by a team on the same mission.' Kondik also seemingly confirmed a report from July which claimed Cyanogen may pivot to apps. He further wrote, 'Eventually I tried to salvage it with a pivot that would have brought us closer to something that would have worked, but the new guys had other plans. With plenty of cash in the bank, the new guys tore the place down and will go and do whatever they are going to do. It's probably for the best and I wish them luck, but what I was trying to do, is over.'"
Bitcoin

Bitcoin Exchange Ordered To Give IRS Years of Data On Millions of Users (gizmodo.com) 202

Last month, instead of asking for data relating to specific individuals suspected of a crime, the Internal Revenue Service (IRS) demanded America's largest Bitcoin service, Coinbase, to provide the identities of all of the firm's U.S. customers who made transactions over a three year period because there is a chance they are avoiding paying taxes on their bitcoin reserves. On Wednesday, a federal judge authorized a summons requiring Coinbase to provide the IRS with those records. Gizmodo reports: Covering the identities and transaction histories of millions of customers, the request is believed to be the largest single attempt to identify tax evaders using virtual currency to date. As a so-called "John Doe" summons, the document targets a particular group or class of taxpayers -- rather than individuals -- the agency has a "reasonable basis" to believe may have broken the law. According to The New York Times, the IRS argued that two cases of tax evasion involving Coinbase combined with Bitcoin's "relatively high level of anonymity" serve as that basis. "There is no allegation in this suit that Coinbase has engaged in any wrongdoing in connection with its virtual currency exchange business," said the Justice Department on Wednesday. "Rather, the IRS uses John Doe summonses to obtain information about possible violations of internal revenue laws by individuals whose identities are unknown." In a statement, Coinbase vowed to fight the summons, which the company's head counsel has previously characterized as a "every, very broad" fishing expedition.
Businesses

Fitbit Is Buying Smartwatch Maker Pebble For Around $40 Million, Says Report (techcrunch.com) 92

According to a report from The Information, Fitbit is buying smartwatch maker Pebble for a "small amount" of money. One source says Fitbit is paying between $34 and $40 million for the company and is "barely covering their debts." TechCrunch reports: A source close to the company told TechCrunch that watch maker Citizen was interested in purchasing Pebble for $740 million in 2015. This deal failed and before the launch of the Pebble 2 Intel made an offer for $70 million. The CEO, Eric Migicovsky refused both offers. Pebble released the newest version of its smartwatch in October, but the past year or so has been a challenging period. It laid off 25 percent of its staff in March, while we reported last year that it was in some trouble and had turned to debt funding and loans, as well as traditional investor cash, "in order to stay afloat." Earlier this year, Pebble CEO Migicovsky confirmed that his company had raised $28 million in debt and venture financing. He blamed a more cautious outlook from VCs focused on tech as the primary reason for letting 40 of Pebble's staff go.
Movies

British Film Institute To Digitize 100,000 Old TV Shows Before They Disappear (bbc.com) 122

An anonymous reader quotes a report from BBC: Thousands of British TV programs are to be digitized before they are lost forever, the British Film Institute says. Anarchic children's show Tiswas and The Basil Brush Show are among the programs in line for preservation. The initiative was announced as part of the BFI's five-year strategy for 2017-2022. "Material from the 70s and early 80s is at risk," said Heather Stewart, the BFI's creative director. "It has a five or six-year shelf life and if we don't do something about it will just go, no matter how great the environment is we keep it in. "Our job is make sure that things are there in 200 years' time." The BFI has budgeted $14.3 million of Lottery funding towards its goal of making the UK's entire screen heritage digitally accessible. This includes an estimated 100,000 of the "most at-risk" British TV episodes and clips held on obsolete video formats. The list includes "early children's programming, little-seen dramas, regional programs and the beginnings of breakfast television." The issue for the BFI, Ms Stewart added, was also to do with freeing up storage space. "We have a whole vault which is wall-to-wall video. If we digitized it, it would be in a robot about the size of a wardrobe," she said.
Advertising

No Man's Sky's Steam Page Didn't Mislead Gamers, Rules UK Ad Watchdog (arstechnica.com) 75

Shortly after it officially launched in August on PlayStation and Windows, No Man's Sky -- the game that sees the protagonist explore space and experience uncertain places -- was accused of false advertising. Players felt that the pictures and videos used to promote the game on its Steam page didn't represent the sort of things players might expect to encounter in the game. Today, a UK advertising regulator has ruled the opposite -- the game didn't mislead gamers. Ars Technica reports: The complainants -- who had been part of a semi-organized campaign upset with the state of the game at release -- insisted that the screenshots on the storefront had seemed to promise various features that turned out to be absent from the final game. These included things like the appearance and behavior of animals, large in-game buildings, large-scale space combat, loading screens, a promised system wherein the different factions contested galactic territory, and general graphical polish. Hello Games' defense rested on the fact that No Man's Sky is procedurally generated, and that while players would not enjoy the exact experience shown in promotional images, they could reasonably expect to see similar things. The Advertising Standards Authority (ASA) agreed, saying: "The summary description of the game made clear that it was procedurally generated, that the game universe was essentially infinite, and that the core premise was exploration. As such, we considered consumers would understand the images and videos to be representative of the type of content they would encounter during gameplay, but would not generally expect to see those specific creatures, landscapes, battles, and structures." It also ruled that the developers hadn't misled customers over graphics: "We understood the graphical output of the game would be affected by the specifications of each player's computer, and considered that consumers would generally be aware of this limitation."
Windows

Wielding Their Windows Phones, Microsoft Shareholders Grill CEO Satya Nadella On Device Strategy (geekwire.com) 156

At a meeting with shareholders Wednesday, Microsoft CEO Satya Nadella was asked numerous times what the company is doing about Windows Phones, and why do they keep hearing that Microsoft is abandoning smartphone manufacturer business. The stakeholders also asked why the company is seemingly focusing more on Android and iOS rival platforms instead of its own. From a report on GeekWire: Microsoft shareholder Dana Vance, owner of a Windows Phone and a Microsoft Band, said he received an email about the Microsoft Pix app but was surprised to learn that it was available for iPhone and Android but not Windows Phone. Ditto for Microsoft Outlook. He also alluded to reports that Microsoft has put the Band on the back burner. Given this, he asked Nadella to explain the company's vision for its consumer devices. As part of his response, Nadella said Microsoft's Windows camera and mail apps will include the same features as in Microsoft's apps for other platforms. "When we control things silicon-up, that's how we will integrate those experiences," Nadella said. The company will "build devices that are unique and differentiated with our software capability on top of it -- whether it's Surface or Surface Studio or HoloLens or the phone -- and also make our software applications available on Android and iOS and other platforms. That's what I think is needed in order for Microsoft to help you as a user get the most out of our innovation." Another shareholder, who says he uses his Windows Phone "18 hours a day," said he has heard Microsoft is "stepping away from mobile." He asked, "Can you calm me down ... and tell me what your vision is for mobile?" Nadella answered, "We think about mobility broadly. In other words, we think about the mobility of the human being across all of the devices, not just the mobility of a single device. That said, we're not stepping away or back from our focus on our mobile devices," Nadella said. "What we are going to do is focus that effort on places where we have differentiation. If you take Windows Phone, where we are differentiated on Windows Phone is on manageability. It's security, it's Continuum capability -- that is, the ability to have a phone that can act like a PC. So we're going to double-down on those points of differentiation."
Java

Muni System Hacker Hit Others By Scanning For Year-Old Java Vulnerability (arstechnica.com) 30

An anonymous reader quotes a report from Ars Technica: The attacker who infected servers and desktop computers at the San Francisco Metropolitan Transit Agency (SFMTA) with ransomware on November 25 apparently gained access to the agency's network by way of a known vulnerability in an Oracle WebLogic server. That vulnerability is similar to the one used to hack a Maryland hospital network's systems in April and infect multiple hospitals with crypto-ransomware. And evidence suggests that SFMTA wasn't specifically targeted by the attackers; the agency just came up as a target of opportunity through a vulnerability scan. In an e-mail to Ars, SFMTA spokesperson Paul Rose said that on November 25, "we became aware of a potential security issue with our computer systems, including e-mail." The ransomware "encrypted some systems mainly affecting computer workstations," he said, "as well as access to various systems. However, the SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls. Muni operations and safety were not affected. Our customer payment systems were not hacked. Also, despite media reports, no data was accessed from any of our servers." That description of the ransomware attack is not consistent with some of the evidence of previous ransomware attacks by those behind the SFMTA incident -- which Rose said primarily affected about 900 desktop computers throughout the agency. Based on communications uncovered from the ransomware operator behind the Muni attack published by security reporter Brian Krebs, an SFMTA Web-facing server was likely compromised by what is referred to as a "deserialization" attack after it was identified by a vulnerability scan. A security researcher told Krebs that he had been able to gain access to the mailbox used in the malware attack on the Russian e-mail and search provider Yandex by guessing its owner's security question, and he provided details from the mailbox and another linked mailbox on Yandex. Based on details found in e-mails for the accounts, the attacker ran a server loaded with open source vulnerability scanning tools to identify and compromise servers to use in spreading the ransomware, known as HDDCryptor and Mamba, within multiple organizations' networks.
Google

Google Successfully Uses Machine Learning To Detect Diabetic Retinopathy (betanews.com) 30

BrianFagioli writes from a report via BetaNews: Diabetic eye disease is caused by retinopathy. Affected diabetics can have small tears inside the eye, causing bleeding. Over time, they can lose vision, and ultimately, they can go blind. Luckily, Google has been trying to use machine learning to detect diabetic retinopathy. Guess what? The search giant has seen much success. Not only are the computers able to detect the disease at the same level as ophthalmologists, but Google is actually slightly better! "A few years ago, a Google research team began studying whether machine learning could be used to screen for diabetic retinopathy (DR). Today, in the Journal of the American Medical Association, we've published our results: a deep learning algorithm capable of interpreting signs of DR in retinal photographs, potentially helping doctors screen more patients, especially in underserved communities with limited resources," says Lily Peng, MD Ph.D., Product Manger at Google. She goes on to say "our algorithm performs on par with the ophthalmologists, achieving both high sensitivity and specificity. [...] For example, on the validation set described in Figure 2, the algorithm has a F-score of 0.95, which is slightly better than the median. F-score of the 8 ophthalmologists we consulted (measured at 0.91)."
Microsoft

Microsoft Brings Collaborative Editing To PowerPoint On Desktop (venturebeat.com) 38

Microsoft today said that it has enhanced certain versions of its PowerPoint presentation-building program with real-time collaborative editing. VentureBeat adds: This feature came to Word on desktop last year. And before that it was available through Office Online. Microsoft said last year that real-time coauthoring would come to all of its desktop apps, and now Microsoft is executing on that commitment. Just like in Google Docs, Sheets, and Slides, this feature lets you "see what others are typing as it happens on a given slide," Microsoft Office corporate vice president Kirk Koenigsbauer wrote in a blog post. The feature is live now in PowerPoint on Windows for people who subscribe to Office 365 and belong to the Office Insider program. In addition, it's now available to everyone in PowerPoint Mobile on Windows tablets, Koenigsbauer wrote.
Desktops (Apple)

Boot Camp Might Damage Speakers on 2016 MacBook Pro (digitaltrends.com) 115

An anonymous reader writes:One of the things an Apple Mac can do that Windows 10 machines can't do -- at least easily and completely legally -- is run both Windows and MacOS. Interestingly, it's Apple's Boot Camp utility that makes this feat possible, which essentially enables Macs of all flavors to boot directly to Windows 10 and use the Mac as if it were a Windows machine. Usually, this is a fairly straightforward process that works well, with the resulting Boot Camp configuration doing fairly well at mimicking a Windows 10 machine with a few hardware limitations. As of the 2016 MacBook Pro machines, however, it appears that Boot Camp might be causing some serious and uncharacteristic audio issues. It appears that the new speakers running on the refreshed MacBook Pro line aren't working so well with the obsolete drivers provided in the current version of MacOS Sierra Boot Camp. Users are reporting the issue on all models of the 2016 MacBook Pro, and they are not experiencing the issue in MacOS. Virtual machines using Parallels or other software are also not experiencing the issue, providing more support of a bad audio driver causing the problem in Boot Camp.
The Almighty Buck

Fearing Tighter US Visa Regime, Indian IT Firms Rush To Hire (moneycontrol.com) 184

From a report on Reuters: Anticipating a more protectionist US technology visa programme under a Donald Trump administration, India's $150 billion IT services sector will speed up acquisitions in the United States and recruit more heavily from college campuses there. Indian companies including Tata Consultancy Services, Infosys, and Wipro have long used H1-B skilled worker visas to fly computer engineers to the US, their largest overseas market, temporarily to service clients. Staff from those three companies accounted for around 86,000 new H1-B workers in 2005-14. The US currently issues close to that number of H1-B visas each year. President-elect Trump's campaign rhetoric, and his pick for Attorney General of Senator Jeff Sessions, a long-time critic of the visa programme, have many expecting a tighter regime.

Slashdot Top Deals