[syndicated profile] slashdot_feed

Posted by BeauHD

If you bought a Kindle e-book between April 2010 and May 2012, you might see some Amazon credit coming your way. The company is reportedly distributing funds from an antitrust lawsuit that it levied at Apple in 2013. From a report: Amazon has set up a website listing the available credits, and it has begun sending out emails this morning to U.S. customers who are eligible for a refund. Apple and a handful of book publishers, including Penguin, HarperCollins, Machete Book Group and Macmillan, were found guilty of conspiring to inflate the prices of e-books in order to weaken Amazon's grip on the market. While the book publishers settled out of court, Apple decided to fight the lawsuit and appealed several times. Eventually, it was ordered to pay a total of $450 million in the protracted antitrust case. Several refunds have already been distributed because of the lawsuit. In fact, the bulk of credits were sent out in 2014 and 2016. The round of credits being sent out today comes from an earmarked $20 million meant to pay states involved in the suit. The Amazon credits have a six-month shelf life and must be spent by April 20, 2018, or they'll expire. In addition the Amazon credits, customers may also be receiving Apple credits that can be used toward iBooks, iTunes and App Store purchases. Apple is currently notifying eligible customers via email.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by BeauHD

An anonymous reader quotes a report from The Guardian: The abundance of flying insects has plunged by three-quarters over the past 25 years, according to a new study that has shocked scientists. Insects are an integral part of life on Earth as both pollinators and prey for other wildlife and it was known that some species such as butterflies were declining. But the newly revealed scale of the losses to all insects has prompted warnings that the world is "on course for ecological Armageddon," with profound impacts on human society. The new data was gathered in nature reserves across Germany but has implications for all landscapes dominated by agriculture, the researchers said. The cause of the huge decline is as yet unclear, although the destruction of wild areas and widespread use of pesticides are the most likely factors and climate change may play a role. The scientists were able to rule out weather and changes to landscape in the reserves as causes, but data on pesticide levels has not been collected. The research, published in the journal Plos One, is based on the work of dozens of amateur entomologists across Germany who began using strictly standardized ways of collecting insects in 1989.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by BeauHD

schwit1 shares a report from The Independent: The stereotype of a tortured genius may have a basis in reality after a new study found that people with higher IQs are more at risk of developing mental illness. A team of U.S. researchers surveyed 3,715 members of American Mensa with an IQ higher than 130. An "average IQ score" or "normal IQ score" can be defined as a score between 85 and 115. The team asked the Mensa members to report whether they had been diagnoses with mental illnesses, including autism spectrum disorder (ASD) and attention deficit hyperactivity disorder (ADHD). They were also asked to report mood and anxiety disorders, or whether the suspected they suffered from any mental illnesses that had yet to be diagnosed, as well as physiological diseases, like food allergies and asthma. After comparing this with the statistical national average for each illness they found that those in the Mensa community had considerably higher rates of varying disorders. While 10 per cent of the general population were diagnosed with anxiety disorder, that rose to 20 percent among the Mensa community, according to the study which published in the Science Direct journal.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by BeauHD

New submitter ctilsie242 writes: Many years ago, it was said that we would have a "cyber 9/11," a security event so drastic that it fundamentally would change how companies and people thought about security. However, this has not happened yet (mainly because the bad guys know that this would get organizations to shut their barn doors, stopping the gravy train.) With the perception that security has no financial returns, coupled with the opinion that "nobody can stop the hackers, so why even bother," what can actually be done to get businesses to have an actual focus on security. The only "security" I see is mainly protection from "jailbreaking," so legal owners of a product can't use or upgrade their devices. True security from other attack vectors are all but ignored. In fact, I have seen some development environments where someone doing anything about security would likely get the developer fired because it took time away from coding features dictated by marketing. I've seen environments where all code ran as root or System just because if the developers gave thought to any permission model at all, they would be tossed, and replaced by other developers who didn't care to "waste" their time on stuff like that. One idea would be something similar to Underwriters Labs, except would grade products, perhaps with expanded standards above the "pass/fail" mark, such as Europe's "Sold Secure," or the "insurance lock" certification (which means that a security device is good enough for insurance companies to insure stuff secured by it.) There are always calls for regulation, but with regulatory capture being at a high point, and previous regulations having few teeth, this may not be a real solution in the U.S. Is our main hope the new data privacy laws being enacted in Europe, China, and Russia, which actually have heavy fines as well as criminal prosecutions (i.e. execs going to jail)? This especially applies to IoT devices where it is in their financial interest to make un-upgradable devices, forcing people to toss their 1.0 lightbulbs and buy 1.0.1 lightbulbs to fix a security issue, as opposed to making them secure in the first place, or having an upgrade mechanism. Is there something that can actually be done about the general disinterest by companies to make secure products, or is this just the way life is now?

Read more of this story at Slashdot.

Кса и Эгон Шиле

Oct. 19th, 2017 02:14 am
kobelsky: (2p)
[personal profile] kobelsky
Господамы и мужикисты, трудящиеся и прогульщики и просто прекрасные распиздяи!

Сегодня, 19.10, прекрасная [personal profile] ksa собирается у себя в музейчике "говорить об Эгоне Шиле - сложном человеке и великолепном художнике, графику которого (а ещё там Климт!) к нам как раз так удачно привезли в ГМИИ".
И я опять буду вести трансляцию всего этого безобразия. Начинается все это примерно в 19.00 GMT+3

Адрес трансляции здесь:



Непременно присоединяйтесь!

Обязательное напоминание смотрящим:

Не забывайте благодарно кормить лектора!
Дистанционная корзиночка для прокорма:
Сбер 5469 3800 4619 0426
PayPal на мыло oxana.sanzharova@gmail.com
[syndicated profile] slashdot_feed

Posted by BeauHD

The FAA has granted CNN a waiver that allows it to fly its Vantage Robotics Snap drone over open-air crowds of people at altitudes of up to 150 feet. "This is a new precedent in this kind of waiver: Previous exemptions allowed flight of drones over people in closed set operations (like for filmmaking purposes) and only when tethered, with a max height of 21 feet," reports TechCrunch. From the report: The new waiver granted to CNN, as secured through its legal counsel Hogan Lovells, allows for flight of the Vantage UAV (which is quite small and light) above crowds regardless of population density. It was a big win for the firm and the company because it represents a change in perspective on the issue for the FAA, which previously viewed all requests for exceptions from a "worst-case scenario" point of view. Now, however, the FAA has accepted CNN's "reasonableness Approach," which takes into account not just the potential results of a crashed drone, but also the safe operating history of the company doing the flying, their built-in safety procedures, and the features included on the drone model itself that are designed to mitigate the results of any negative issues.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by BeauHD

An anonymous reader quotes a report from TechSpot: Microsoft late last year announced a partnership with Qualcomm to bring the full Windows 10 experience to ARM-powered devices. Terry Myerson, Executive Vice President of Microsoft's Windows and Devices Group, promised at the time that Snapdragon-powered Windows 10 devices would be efficient in the power consumption department. We're still waiting for the partnership to bear fruit but in the interim, new details regarding efficiency (and a few other subjects) have emerged. With regard to battery life, Pete Bernard, Principal Group Program Manager for Connectivity Partners at Microsoft, said that to be frank, battery life at this point is beyond their expectations: ""We set a high bar for [our developers], and we're now beyond that. It's the kind of battery life where I use it on a daily basis. I don't take my charger with me. I may charge it every couple of days or so. It's that kind of battery life."

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by BeauHD

Three former Tesla factory workers have filed a lawsuit against the company, claiming they were subject to constant racial discrimination and harassment in the electric car company's factories. "The men, who are African-American, claim in a new complaint filed Monday in state court that Tesla supervisors and workers used racial epithets and drew racist graffiti on cardboard boxes," reports The Mercury News. From the report: The new suit is the second by black employees charging Tesla failed to address racial antagonism at its factory. The electric vehicle maker also has a hearing before the National Labor Relations Board over claims it illegally tried to silence workers promoting a union. The complaints come as the Tesla heads into a crucial ramp-up of Model 3 production, its lower-cost electric vehicle. A Tesla spokesman denied the suit's allegations and said the men never raised the complaints to the company during their brief time at the plant. "Given our size, we recognize that unfortunately at times there will be cases of harassment or discrimination in corners of the company," the spokesman said. "From what we know so far, this does not seem to be such a case." The suit, filed in Alameda County Superior Court, claims Owen Diaz and his son, Demetric, were called the N-word while they worked at the Fremont factory, and supervisors did little to stop it. A third man, Lamar Patterson, also claims he was subjected to insensitive racist remarks.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by BeauHD

New submitter EndlessNameless writes: If you like fair play, you might not like future Activision games. They will cross the line to encourage microtransactions, specifically matching players to both encourage and reward purchase. Rewarding the purchase, in particular, is an explicit and egregious elimination of any claim to fair play. "For example, if the player purchased a particular weapon, the microtransaction engine may match the player in a gameplay session in which the particular weapon is highly effective, giving the player an impression that the particular weapon was a good purchase," according to the patent. "This may encourage the player to make future purchases to achieve similar gameplay results." Even though the patent's examples are all for a first-person-shooter game, the system could be used across a wide variety of titles. "This was an exploratory patent filed in 2015 by an R&D team working independently from our game studios," an Activision spokesperson tells Rolling Stone. "It has not been implemented in-game." Bungie also confirmed that the technology isn't being used in games currently on the market, mentioning specifically Destiny 2.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by BeauHD

An anonymous reader quotes a report from The Verge: Google's AI subsidiary DeepMind has unveiled the latest version of its Go-playing software, AlphaGo Zero. The new program is a significantly better player than the version that beat the game's world champion earlier this year, but, more importantly, it's also entirely self-taught. DeepMind says this means the company is one step closer to creating general purpose algorithms that can intelligently tackle some of the hardest problems in science, from designing new drugs to more accurately modeling the effects of climate change. The original AlphaGo demonstrated superhuman Go-playing ability, but needed the expertise of human players to get there. Namely, it used a dataset of more than 100,000 Go games as a starting point for its own knowledge. AlphaGo Zero, by comparison, has only been programmed with the basic rules of Go. Everything else it learned from scratch. As described in a paper published in Nature today, Zero developed its Go skills by competing against itself. It started with random moves on the board, but every time it won, Zero updated its own system, and played itself again. And again. Millions of times over. After three days of self-play, Zero was strong enough to defeat the version of itself that beat 18-time world champion Lee Se-dol, winning handily -- 100 games to nil. After 40 days, it had a 90 percent win rate against the most advanced version of the original AlphaGo software. DeepMind says this makes it arguably the strongest Go player in history.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by msmash

Mozilla has announced deeper partnerships with Microsoft, Google, Samsung, and web standards body W3C to create cross-browser documentation on MDN Web Docs, a web development documentation portal created by Mozilla. From a report: MDN Web Docs first came to fruition in 2005, and it has since been known under various names, including the Mozilla Developer Network and Mozilla Developer Center. Today, MDN Web Docs serves as a community and library of sorts covering all things related to web technologies and standards, including JavaScript, HTML, CSS, open web app development, Firefox add-on development, and more. The web constitutes multiple players from across the technology spectrum and, of course, multiple browsers, including Microsoft's Edge, Google's Chrome, Mozilla's Firefox, and the Samsung Internet Browser. To avoid fragmentation and ensure end-users have a (fairly) consistent browsing experience, it helps if all the players involved adhere to a similar set of standards.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by msmash

Catalin Cimpanu, reporting for BleepingComputer: Ever since mid-September, when Coinhive launched and the whole cryptojacking frenzy started, the Internet has gone crazy with in-browser cryptocurrency miners, and new sites that offer similar services are popping up on a weekly basis. While one might argue that mining Monero in a site's background is an acceptable alternative to viewing intrusive ads, almost none of these services that have recently appeared provide a way to let users know what's happening, let alone a way to stop mining behavior. In other words, most are behaving like malware, intruding on users' computers and using resources without permission. [...] Bleeping Computer spotted two new services named MineMyTraffic and JSEcoin, while security researcher Troy Mursch also spotted Coin Have and PPoi, a Coinhive clone for Chinese users. On top of this, just last night, Microsoft spotted two new services called CoinBlind and CoinNebula, both offering similar in-browser mining services, with CoinNebula configured in such a way that users couldn't report abuse. Furthermore, none of these two services even have a homepage, revealing their true intentions to be deployed in questionable scenarios.

Read more of this story at Slashdot.

"Maybe It's a Piece of Dust"

Oct. 18th, 2017 03:30 pm
[syndicated profile] slashdot_feed

Posted by msmash

An anonymous reader shares a report: I was in the Grand Central Station Apple Store for a third time in a year, watching a progress bar slowly creep across my computer's black screen as my Genius multi-tasked helping another customer with her iPad. My computer was getting its third diagnostic test in 45 minutes. The problem was not that its logic board was failing, that its battery was dying, or that its camera didn't respond. There were no mysteriously faulty innerworkings. It was the spacebar. It was broken. And not even physically broken -- it still moved and acted normally. But every time I pressed it once, it spaced twice. "Maybe it's a piece of dust," the Genius had offered. The previous times I'd been to the Apple Store for the same computer with the same problem -- a misbehaving keyboard -- Geniuses had said to me these exact same nonchalant words, and I had been stunned into silence, the first time because it seemed so improbable to blame such a core problem on such a small thing, and the second time because I couldn't believe the first time I was hearing this line that it was not a fluke. But this time, the third time, I was ready. "Hold on," I said. "If a single piece of dust lays the whole computer out, don't you think that's kind of a problem?"

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by msmash

An anonymous reader shares a report: The next big function to take off on Amazon's Echo devices will be voice or video calling -- which is a way Alexa can reduce the need to have your smartphone on your at all times, said Rohit Prasad, VP and Head Scientist at Alexa Machine Learning. "If you have not played with calling and the video calls on Echo Show, you should try it because that is revolutionizing how you can communicate," Prasad said in an exclusive interview with CNBC at an Alexa Accelerator event in Seattle Tuesday night. (The event is dedicating to developing new voice-powered technologies.) "When you can drop in on people who have given you access -- so I can drop in and call my mom in her kitchen without her picking any device -- it's just awesome." (Amazon added the ability to call mobile numbers and landlines for free onto Echo devices a few weeks ago.) Amazon doesn't have a smartphone that lets customers bring a digital assistant everywhere -- like Apple's Siri and Google's Assistant -- and communicating through Alexa devices is one way of reducing the need for a personal handset, Prasad said "I can easily drop in and talk to my kids," Prasad says. "They don't have a smartphone so that's my easiest way to talk to them. It's yet another area where Alexa is taking the friction away."

Read more of this story at Slashdot.

Надо похвастаться

Oct. 18th, 2017 06:27 pm
beldmit: (Человеческое лицо)
[personal profile] beldmit
Опубликован документ, к которому я приложил некоторое участие - спецификация на использование кириллицы в качестве доменных имён верхнего уровня.

IoT Cybersecurity: What's Plan B?

Oct. 18th, 2017 02:58 pm
[syndicated profile] bruce_schneier_feed

Posted by Bruce Schneier

In August, four US Senators introduced a bill designed to improve Internet of Things (IoT) security. The IoT Cybersecurity Improvement Act of 2017 is a modest piece of legislation. It doesn't regulate the IoT market. It doesn't single out any industries for particular attention, or force any companies to do anything. It doesn't even modify the liability laws for embedded software. Companies can continue to sell IoT devices with whatever lousy security they want.

What the bill does do is leverage the government's buying power to nudge the market: any IoT product that the government buys must meet minimum security standards. It requires vendors to ensure that devices can not only be patched, but are patched in an authenticated and timely manner; don't have unchangeable default passwords; and are free from known vulnerabilities. It's about as low a security bar as you can set, and that it will considerably improve security speaks volumes about the current state of IoT security. (Full disclosure: I helped draft some of the bill's security requirements.)

The bill would also modify the Computer Fraud and Abuse and the Digital Millennium Copyright Acts to allow security researchers to study the security of IoT devices purchased by the government. It's a far narrower exemption than our industry needs. But it's a good first step, which is probably the best thing you can say about this legislation.

However, it's unlikely this first step will even be taken. I am writing this column in August, and have no doubt that the bill will have gone nowhere by the time you read it in October or later. If hearings are held, they won't matter. The bill won't have been voted on by any committee, and it won't be on any legislative calendar. The odds of this bill becoming law are zero. And that's not just because of current politics -- I'd be equally pessimistic under the Obama administration.

But the situation is critical. The Internet is dangerous -- and the IoT gives it not just eyes and ears, but also hands and feet. Security vulnerabilities, exploits, and attacks that once affected only bits and bytes now affect flesh and blood.

Markets, as we've repeatedly learned over the past century, are terrible mechanisms for improving the safety of products and services. It was true for automobile, food, restaurant, airplane, fire, and financial-instrument safety. The reasons are complicated, but basically, sellers don't compete on safety features because buyers can't efficiently differentiate products based on safety considerations. The race-to-the-bottom mechanism that markets use to minimize prices also minimizes quality. Without government intervention, the IoT remains dangerously insecure.

The US government has no appetite for intervention, so we won't see serious safety and security regulations, a new federal agency, or better liability laws. We might have a better chance in the EU. Depending on how the General Data Protection Regulation on data privacy pans out, the EU might pass a similar security law in 5 years. No other country has a large enough market share to make a difference.

Sometimes we can opt out of the IoT, but that option is becoming increasingly rare. Last year, I tried and failed to purchase a new car without an Internet connection. In a few years, it's going to be nearly impossible to not be multiply connected to the IoT. And our biggest IoT security risks will stem not from devices we have a market relationship with, but from everyone else's cars, cameras, routers, drones, and so on.

We can try to shop our ideals and demand more security, but companies don't compete on IoT safety -- and we security experts aren't a large enough market force to make a difference.

We need a Plan B, although I'm not sure what that is. Comment if you have any ideas.

This essay previously appeared in the September/October issue of IEEE Security & Privacy.

[syndicated profile] slashdot_feed

Posted by msmash

An anonymous reader writes: Earlier today, Google released version 62 of its Chrome browser that comes with quite a few new features but also fixes for 35 security issues. The most interesting new features are support for OpenType variable fonts, the Network Quality Estimator API, the ability to capture and stream DOM elements, and HTTP warnings for the browser's Normal and Incognito mode. The most interesting of the new features is variable fonts. Until now, web developers had to load multiple font families whenever they wanted variations on a font family. For example, if a developer was using the Open Sans font family on a site, if he wanted a font variation such as Regular, Bold, Black, Normal, Condensed, Expanded, Highlight, Slab, Heavy, Dashed, or another, he'd have to load a different font file for each. OpenType variable fonts allow font makers to merge all these font family variations in one file that developers can use on their site and control via CSS. This results in fewer files loaded on a website, saving bandwidth and improving page load times. Two other features that will interest mostly developers are the Network Quality Estimator and the Media Capture from DOM Elements APIs. As the name hints, the first grants developers access to network speed and performance metrics, information that some websites may use to adapt video streams, audio quality, or deliver low-fi versions of their sites. Developers can use the second API -- the Media Capture from DOM Elements -- to record videos of how page sections behave during interaction and stream the content over WebRTC. This latter API could be useful for developers debugging a page, but also support teams that want to see what's happening on the user's side.

Read more of this story at Slashdot.

[syndicated profile] slashdot_feed

Posted by BeauHD

AnalogDiehard writes: The recent -- and questionable -- practice of technological and pharmaceutical companies selling their patents to U.S. native Indian tribes (where they enjoy "sovereign immunity" from the inter partes review (IPR) process of the PTO) and then the tribes licensing them back to the companies is drawing scrutiny from a federal court and has inspired a new U.S. bill outlawing the practice. The IPR process is a "fast track" (read: much less expensive) process through the PTO to review the validity of challenged patents -- it is loved by defendants and hated by patent holders. Not only has U.S. Circuit Judge William Bryson invalidated Allergan's pharmaceutical patents due to "obviousness," he is questioning the legitimacy of the sovereign immunity tactic. The judge was well aware that the tactic could endanger the IPR process, which was a central component of the America Invents Act of 2011, and writes that sovereign immunity "should not be treated as a monetizable commodity that can be purchased by private entities as part of a scheme to evade their legal responsibility." U.S. Senator Claire McCaskill (D-Mo.) -- no stranger to abuses of the patent system -- has introduced a bill that would outlaw the practice she describes as "one of the most brazen and absurd loopholes I've ever seen and it should be illegal." Sovereign immunity is not absolute and has been limited by Congress and the courts in the past. The bill would apply only to the IPR proceedings and not to patent disputes in federal courts.

Read more of this story at Slashdot.

Будущее

Oct. 18th, 2017 03:42 pm
alien3: (Default)
[personal profile] alien3
Забавно наблюдать, как подкрадывается будущее, иначе, чем в фильмах про Марти Макфлая, но всё равно красиво. Я помню, как больше 13 лет назад в бумажной «Компьютерре» описывалась история появления сегвеев. Они не перевернули мир, как обещал создатель, но стали чем-то привычным в развитых городах.
Филипп Терехов ([livejournal.com profile] lozga), известный популяризатор космонавтики из Уфы, часто пишет про сегвеи, электросамокаты, гироскутеры и моноколеса в России. Никита Попов в лагере космической подготовки для детей «Шумгам» учит детей кататься на гироскутерах, что развивает равновесие.
У меня на работе есть коллеги, которые приезжают на работу на моноколёсах, со шлемами на голове.

Это круто, конечно, но я всё равно больше восхищаюсь людьми на скейтбордах.

Например, молодая и «хрупкая» художница Настя Просочкина ([livejournal.com profile] anestazy) совершенно спокойно перемещается по узким улицам Петербурга на скейте. Для меня это чудо, так как, получив много негативного опыта перемещения по городу на велосипеде, я предпочитаю общественный транспорт и ходить пешком.

А Настя герой, не зря её так сильно интересует космонавтика:


Кстати, сейчас Настя запустила предпродажу перекидного календаря на 2018 год формата А3. В нём использованы цифровые версии её космических картин, а в месяцах отмечены даты из истории космонавтики.
Смотреть дальше )
kostya_moskowit: (Default)
[personal profile] kostya_moskowit
По данным Росстата, сейчас в экономике России заняты около 72 млн человек. На них приходится 450 профессий, при этом около 50% работников заняты только в 28 из них. На первом месте по числу занятых на протяжении последних 15 лет — профессия водителя, это 5 млн россиян, или 7% занятых. На втором — 4,9 млн продавцов (6,8% занятых). Третье место (2 млн человек, или 2,8% занятых) за учителями средних школ. Также в десятке наиболее массовых российских профессий: сельхозработники (2,5%), финансисты (2,4%), грузчики (2,3%), уборщики (2,1%), медперсонал (1,9%), охранники (1,8%) и руководители производственно-эксплуатационных подразделений (1,6%).

Ъ - https://www.kommersant.ru/doc/3441720


Непропорциональное число учителей средних школ. 2 млн человек. При том, что у нас пирамида возрастов из-за низкой рождаемости - перевернутая. В школах учатся 11 лет и сейчас в школах 15,5 млн. школьников. Выходит на 8 учеников - один учитель. Многовато.

И все замечают, что из-за плохих дорог и низкой частной автомобилезации у нас слишком много профессиональных водителей - которые кого-то и что-то возят - таксисты, персональные водители, офисные водители, водители грузовиков, трамваем, троллейбусов, автобусов, маршруток, автозаков и т.д. У нас и в полиции есть отдельные должности водителей, хотя в нормальных странах на работу просто не берут полицейского, который не умеет управлять автомобилем.

Profile

vitus_wagner: My photo 2005 (Default)
vitus_wagner

October 2017

S M T W T F S
123 456 7
89 101112 1314
1516 17 18192021
22232425262728
293031    

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Oct. 19th, 2017 02:00 am
Powered by Dreamwidth Studios