Facebook Asks Users About Coronavirus Symptoms, Releases Friendship Data To Researchers
technology - Posted On:2020-04-07 08:14:57 Source: slashdot
Facebook said on Monday it would start surveying some U.S. users about their health as part of a Carnegie Mellon University research project aimed at generating "heat maps" of self-reported coronavirus infections. From a report: The social media giant will display a link at the top of users' News Feeds directing them to the survey, which the researchers say will help them predict where medical resources are needed. Facebook said it may make surveys available to users in other countries too, if the approach is successful. Facebook said in a blog post that the Carnegie Mellon researchers "won't share individual survey responses with Facebook, and Facebook won't share information about who you are with the researchers." Read more of this story at Slashdot.
Russian Telco Hijacked Internet Traffic of Google, AWS, Cloudflare, and Others
technology - Posted On:2020-04-07 05:14:57 Source: slashdot
Last week, traffic meant for more than 200 of the world's largest content delivery networks (CDNs) and cloud hosting providers was suspiciously redirected through Rostelecom, Russia's state-owned telecommunications provider. From a report: The incident affected more than 8,800 internet traffic routes from 200+ networks, and lasted for about an hour. Impacted companies are a who's who in the cloud and CDN market, including big names such as Google, Amazon, Facebook, Akamai, Cloudflare, GoDaddy, Digital Ocean, Joyent, LeaseWeb, Hetzner, and Linode. Read more of this story at Slashdot.
uTorrent is the Most Used BitTorrent Client By Far
it - Posted On:2020-04-07 03:14:57 Source: slashdot
Ernesto, writing for TorrentFreak: With help from iknowwhatyoudownload we looked at over 25 million logged BitTorrent connections on a single day last week. This reveals that more than two-thirds (68.6%) of these were using uTorrent's desktop version. The vast majority of these users were updated to the most recent 3.5.5 release, but dozens of older versions are in use as well. Although no longer officially supported, there are also hundreds of thousands of people who still use uTorrent for Mac. The most popular Mac client, however, appears to be Transmission. This is a notable change compared to a decade ago when its market share was much lower. Although Transmission also has a beta Windows release, that userbase is believed to be relatively small. Below is an overview of all software with at least 0.1% market share -- which translates to roughly 25,000 logged connections. Read more of this story at Slashdot.
NVIDIA Is Contributing Its AI Smarts To Help Fight COVID-19
technology - Posted On:2020-04-06 18:29:59 Source: slashdot
NVIDIA is using its background in AI and optimizing supercomputer throughput to the COVID-19 High Performance Computing Consortium group, which plans to support researchers by giving them time with 30 supercomputers offering a combined 400 petaflops of performance. Engadget reports: NVIDIA will add to this by providing expertise in AI, biology and large-scale computing optimizations. The company likened the Consortium's efforts to the Moon race. Ideally, this will speed up work for scientists who need modelling and other demanding tasks that would otherwise take a long time. NVIDIA has a number of existing contributions to coronavirus research, including the 27,000 GPUs inside the Summit supercomputer and those inside many of the computers from the crowdsourced Folding@Home project. This is still a significant step forward, though, and might prove lifesaving if it leads to a vaccine or more effective containment. Read more of this story at Slashdot.
Russia Accused of Spreading Coronavirus Disinformation
technology - Posted On:2020-04-05 15:45:00 Source: slashdot
Two associate professors studying foreign trolls online have penned an op-ed in the Washington Post arguing that Russian efforts to stir up antagonisms online "continues to be true with coronavirus disinformation." In our research, we have found multiple networks of fake accounts — one of which we can attribute to Russia — that use conversations about coronavirus as a tool for political attacks. To right-leaning Americans, these trolls criticize the response from liberals, suggest the coronavirus is being used to take away their freedoms, and point the finger of blame at China. To left-wing Americans, they suggest the administration's response is immoral and inadequate and point the finger of blame at Trump. On both sides, these are arguments that real Americans are also making, typically with honest intentions. The attacks play to the trolls' goals, however, and so they repeat them, making the loudest and ugliest versions more mainstream. In doing so, they dangerously widen existing divisions in a time of crisis, making critical compromise more difficult. As before, these networks rely on hashtags from organic American conversations, such as #TrumpLiedPeopleDied and #ReopenAmerica. They aren't creating the divisions, but they are working hard to make them wider.... Many commentators have discussed various ways in which the United States has acted to make the coronavirus crisis worse than it could or should be. The public's own role in spreading global disinformation needs to be added to that list. We have to address our own culpability in the problems that are fomented by disinformation. At a time when most news and information people digest is socially mediated, we need to create citizens and platforms that are more resilient to lies and more accepting of facts. Above all, however, we need to stop doing the trolls' jobs for them. The article also cites "websites peddling conspiracy theories" (including what it calls the "Chinese lab origin theory, among other fearmongering stories related to the virus.") "Among those accounts circulating the stories are pro-Russian and Russian state media-affiliated social media influencers." Read more of this story at Slashdot.
What It's Like To Attend a Conference -- in Person -- in the Age of Covid-19?
it - Posted On:2020-04-05 11:45:05 Source: slashdot
What happens when no one shows up for a tech conference? Fast Company's technology editor harrymcc writes: From Apple to Microsoft to Google, major tech companies have responded to the coronavirus crisis by either canceling their 2020 conference or making them purely virtual. But one well-established event — Vancouver's CanSecWest — went ahead earlier this month, with streaming as an option but not mandatory. Only three attendees showed up in the flesh. But so did security reporter Seth Rosenblatt, who wrote about the eerie experience for Fast Company. They were outnumbed by the six staffers at the event -- "there to run the online component" -- but the article notes that the conference's organizer and founder promised all attendees "infrared body temperature checks, on-site coronavirus testing, ample supplies of disposable face masks and hand sanitizer, and restrictions on physical contact and interaction..." "Empty hallways and escalators echoed with every footstep, and it smelled empty, the ventilation system circulating unused air. At the conference registration desk, I was offered a disposable surgical face mask and gloves." Read more of this story at Slashdot.
Coronavirus: Could Etsy Help Save the World?
technology - Posted On:2020-04-05 03:14:58 Source: slashdot
Long-time Slashdot reader theodp writes: With the CDC now recommending wearing cloth face coverings in public settings, Etsy has called in the cavalry, encouraging additional sellers on its platform to start creating and offering face masks to help meet an already significant demand for fabric face masks. "We believe that the Etsy community is uniquely positioned to address this crucial need during a global health crisis," Etsy CEO Josh Silverman said in a statement. "We hope that increasing the availability of fabric, non-medical grade face masks from Etsy sellers will allow more medical and surgical masks to reach the people who need them most: front-line health care workers." Read more of this story at Slashdot.
U.S. Government: Update Chrome 80 Now, Multiple Security Concerns Confirmed
it - Posted On:2020-04-04 18:44:59 Source: slashdot
Part of America's Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency (CISA) "has advised users to update Google Chrome as new high-rated security vulnerabilities have been found," reports Forbes: In an April 1 posting, CISA confirmed that Google Chrome version 80.0.3987.162 "addresses vulnerabilities that an attacker could exploit to take control of an affected system," be that Windows, Mac or Linux. It went on to state that it "encourages" users and administrators to apply the update. It's not just CISA that is warning about the need to update Google Chrome. The Center for Internet Security (CIS) is a non-profit entity that works to safeguard both private and public organizations against cyber threats. In a multi-state information sharing and analysis center (MS-ISAC) advisory, it has also warned of multiple vulnerabilities in Google Chrome. The most severe of these could allow an attacker to achieve arbitrary code execution within the context of the browser... All it would take for an attacker to exploit the vulnerabilities is to get the user to visit, by way of a phishing attack or even redirection from a compromised site, a maliciously crafted web page. Beside three high-rated vulnerabilities, Forbes reports that "a further five security vulnerabilities were discovered by the Google internal security team using a combination of internal audits and fuzzing." Read more of this story at Slashdot.
How the Telephone Failed Its Big Test During 1918's Spanish Flu Epidemic
technology - Posted On:2020-04-04 14:44:59 Source: slashdot
Fast Company's technology editor harrymcc writes: When the Spanish flu struck in 1918, the U.S. reacted in ways that sound eerily familiar, by closing public places and telling people to stay at home. The one technology that promised to make isolation less isolating was the telephone, which was used for commerce, education, and even news distribution. But the phone itself got caught up in the flu's damaging impact on society, and AT&T ended up running ads asking people not to make calls if at all possible. I wrote about this little-known tale of technology's promise and pitfalls for Fast Company. The article shows some strange glimpses of a very different time. "A New York Telephone ad even warned that operators might inquire about the nature of a call to ensure that it was truly necessary." Read more of this story at Slashdot.
Not Just 'The Death of IT'. Cringely Also Predicts Layoffs For Many IT Contractors
it - Posted On:2020-04-04 11:45:00 Source: slashdot
Last week long-time tech pundit Robert Cringely predicted "the death of IT" in 2020 due to the widespread adoption of SD-WAN and SASE. Now he's predicting "an even bigger bloodbath as IT employees at all levels are let go forever," including IT consultants and contractors. My IT labor death scenario now extends to process experts (generally consultants) being replaced with automation. In a software-defined network, whether that's SD-WAN or SASE, so much of what used to be getting discreet boxes to talk with one another over the network becomes a simple database adjustment. The objective, in case anyone forgets (as IT, itself, often does) is the improvement of the end-user experience, in this case through an automated process. With SD-WAN, for example, there are over 3,000 available Quality of Service metrics. You can say that Office 365 is a critical metric as just one example. Write a script to that effect into the SD-WAN database, deploy it globally with a keyclick and you are done... It's slowly dawning on IBM [and its competitors] that they have to get rid of all those process experts and replace them with a few subject matter experts. Here's the big lesson: with SD-WAN and SASE the process no longer matters, so knowing the process (beyond a few silverbacks kept on just in case the world really does end) isn't good for business. Cringely predicts the downgrading of corporate bonds will also put pressure on IBM and its competitors, perhaps ultimately leading to a sale or spin-off at IBM. "Either they sell the parts that don't make money, which is to say everything except Red Hat and mainframes, or they sell the whole darned thing, which is what I expect to happen." With that he predicts thousands of layoffs or furloughs — and while the bond market puts IBM in a bigger bind, "this could apply in varying degrees to any IBM competitors." Read more of this story at Slashdot.
Y Combinator Company 'Flexport' Is Shipping PPE To Frontline Responders
technology - Posted On:2020-04-04 10:44:57 Source: slashdot
The Y Combinator company Flexport is a San Francisco-based freight-forwarding and customs brokerage company. (Its investors include Google Ventures and Peter Thiel's Founders Fund.) But on March 23rd Flexport announced they were now re-focusing all their resources to get critical supplies to frontline responders combating COVID-19. They've joined a team that announced on Friday announced "we're shipping full cargo planes filled with PPE to protect frontline responders," citing a partnership with Atlas Air and United Airlines. Atlas Air delivered a dedicated charter plane for this mission on Thursday, April 2nd. Originating in Shanghai, the plane contained over 143,000 pounds of PPE for medical systems in California, including approximately: - 4,500,000 medical masks - 116,000 disposable medical protection coveralls - 121,300 surgical gowns For this volume of goods, significant capacity is needed on a plane. However, global travel has plunged because of the outbreak, meaning that passenger planes which used to carry cargo are grounded, and the air market capacity is extremely limited. And hospitals, who in normal situations aren't importing their own goods, can't arrange cargo on a plane on their own... Crews from United Airlines volunteered to help, arriving at SFO [San Francisco International Airport] at 6AM to unload and unpack the plane. The cargo was then put on a truck and delivered directly to hospitals that will distribute the PPE across the state based on need... Up next, we're moving cargo to New York and will share updates next week. Please continue to help us spread the word to support the response efforts. They're raising money on GoFundMe, and this "Frontline Responders Fund" has so far raised over $6 million from 15,800 donors. Their page notes that on Thursday former California governor Arnold Schwarzenegger "personally helped us deliver a trucking shipment from MedShare with 49,000 donated masks to a hospital in Los Angeles, California." Their page also notes donations have funded the trucking of goods across America from nonprofits, including: All Hands and All Hearts Smart Response, who delivered over 43,000 units of gloves, gowns, face masks, goggles, and hand sanitizer to emergency rooms and hospitals in New York City and Southern California. Donate PPE, who delivered over 3,750 N95 respirator masks to hospitals in Brooklyn, NY yesterday One of their supporters is actor Clark Gregg, who plays agent Coulson in five Marvel movies and the TV series Agents of S.H.I.E.L.D. He records personalized video greetings for fans through a web site called Cameo, and through Wednesday he donated 100% of the money earned to the Frontline Responders Fund. Read more of this story at Slashdot.
A Hacker Found a Way To Take Over Any Apple Webcam
it - Posted On:2020-04-04 09:14:56 Source: slashdot
An anonymous reader quotes a report from Wired: Apple has a well-earned reputation for security, but in recent years its Safari browser has had its share of missteps. This week, a security researcher publicly shared new findings about vulnerabilities that would have allowed an attacker to exploit three Safari bugs in succession and take over a target's webcam and microphone on iOS and macOS devices. Apple patched the vulnerabilities in January and March updates. But before the fixes, all a victim would have needed to do is click one malicious link and an attacker would have been able to spy on them remotely. The bugs Pickren found all stem from seemingly minor oversights. For example, he discovered that Safari's list of the permissions a user has granted to websites treated all sorts of URL variations as being part of the same site, like https://www.example.com, http://example.com and fake://example.com. By "wiggling around," as Pickren puts it, he was able to generate specially crafted URLs that could work with scripts embedded in a malicious site to launch the bait-and-switch that would trick Safari. A hacker who tricked a victim into clicking their malicious link would be able to quietly launch the target's webcam and microphone to capture video, take photos, or record audio. And the attack would work on iPhones, iPads, and Macs alike. None of the flaws are in Apple's microphone and webcam protections themselves, or even in Safari's defenses that keep malicious sites from accessing the sensors. Instead, the attack surmounts all of these barriers just by generating a convincing disguise. Read more of this story at Slashdot.
Zoom's Encryption Is 'Not Suited for Secrets' and Has Surprising Links To China, Researchers Discover
technology - Posted On:2020-04-03 12:45:00 Source: slashdot
Meetings on Zoom, the increasingly popular video conferencing service, are encrypted using an algorithm with serious, well-known weaknesses, and sometimes using keys issued by servers in China, even when meeting participants are all in North America, according to researchers at the University of Toronto. From a report: The researchers also found that Zoom protects video and audio content using a home-grown encryption scheme, that there is a vulnerability in Zoom's "waiting room" feature, and that Zoom appears to have at least 700 employees in China spread across three subsidiaries. They conclude, in a report for the university's Citizen Lab -- widely followed in information security circles -- that Zoom's service is "not suited for secrets" and that it may be legally obligated to disclose encryption keys to Chinese authorities and "responsive to pressure" from them. Read more of this story at Slashdot.
A Hacker Has Wiped, Defaced More Than 15,000 Elasticsearch Servers
technology - Posted On:2020-04-03 12:15:00 Source: slashdot
For the past two weeks, a hacker has been breaking into Elasticsearch servers that have been left open on the internet without a password and attempting to wipe their content, while also leaving the name of a cyber-security firm behind, trying to divert blame. From a report: According to security researcher John Wethington, one of the people who saw this campaign unfolding and who aided ZDNet in this report, the first intrusions began around March 24. The attacks appear to be carried with the help of an automated script that scans the internet for ElasticSearch systems left unprotected, connects to the databases, attempts to wipe their content, and then creates a new empty index called nightlionsecurity.com. The attacking script doesn't appear to work in all instances, though, as the nightlionsecurity.com index is also present in databases where the content has been left intact. Read more of this story at Slashdot.
Facebook Wanted NSO Spyware To Monitor Users, NSO CEO Claims
technology - Posted On:2020-04-03 11:30:01 Source: slashdot
Facebook representatives approached controversial surveillance vendor NSO Group to try and buy a tool that could help Facebook better monitor a subset of its users, according to an extraordinary court filing from NSO in an ongoing lawsuit. From a report: Facebook is currently suing NSO for how the hacking firm leveraged a vulnerability in WhatsApp to help governments hack users. NSO sells a product called Pegasus, which allows operators to remotely infect cell phones and lift data from them. According to a declaration from NSO CEO Shalev Hulio, two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus. At the time, Facebook was in the early stages of deploying a VPN product called Onavo Protect, which, unbeknownst to some users, analyzed the web traffic of users who downloaded it to see what other apps they were using. According to the court documents, it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo. Read more of this story at Slashdot.
Google Is Publishing Location Data From 131 Countries To Show How Coronavirus Lockdowns Are Working
technology - Posted On:2020-04-03 10:44:57 Source: slashdot
Google is using the location data it collects from billions of smartphones to show how people's movements have changed as governments around the world lock down cities and issue shelter in place orders to slow down the spread of the coronavirus. From a report: Reports generated using this data, which is normally used to show how busy a certain location is on Google Maps, and which Google says does not identify individual people, are freely available on a brand new website called COVID-19 Community Mobility Reports. "We have heard from public health officials that this same type of aggregated, anonymized data could be helpful as they make critical decisions to combat COVID-19," wrote Google senior vice president Jen Fitzpatrick and Karen DeSalvo, chief health officer for Google Health, in a blog post published Friday. The data is currently available for 131 countries, and in many locations including the US, you can also access data for individual counties. Read more of this story at Slashdot.
Scientists Develop AI That Can Turn Brain Activity Into Text
technology - Posted On:2020-04-03 09:14:57 Source: slashdot
An anonymous reader quotes a report from The Guardian: Writing in the journal Nature Neuroscience, [researchers from the University of California, San Francisco] reveal how they developed their system by recruiting four participants who had electrode arrays implanted in their brain to monitor epileptic seizures. These participants were asked to read aloud from 50 set sentences multiple times, including "Tina Turner is a pop singer," and "Those thieves stole 30 jewels." The team tracked their neural activity while they were speaking. This data was then fed into a machine-learning algorithm, a type of artificial intelligence system that converted the brain activity data for each spoken sentence into a string of numbers. To make sure the numbers related only to aspects of speech, the system compared sounds predicted from small chunks of the brain activity data with actual recorded audio. The string of numbers was then fed into a second part of the system which converted it into a sequence of words. At first the system spat out nonsense sentences. But as the system compared each sequence of words with the sentences that were actually read aloud it improved, learning how the string of numbers related to words, and which words tend to follow each other. The team then tested the system, generating written text just from brain activity during speech. The system was not perfect, but for one participant just 3% of each sentence on average needed correcting -- "higher than the word error rate of 5% for professional human transcribers," the report says. "But, the team stress, unlike the latter, the algorithm only handles a small number of sentences." "The team also found that training the algorithm on one participant's data meant less training data was needed from the final user -- something that could make training less onerous for patients." Read more of this story at Slashdot.
New York Finally Legalizes Electric Bikes and Scooters
technology - Posted On:2020-04-02 20:59:59 Source: slashdot
Included in New York's tentative budget agreement reached on April 1st is a provision that would legalize throttle-based bikes and scooters. The Verge reports: The budget language almost exactly mirrors a bill that passed the New York State Legislature last year but was inexplicably vetoed at the last minute by Gov. Andrew Cuomo. It changes state law to legalize e-bikes and scooters but would give localities the ability to decide for themselves how to regulate the vehicles. Throttle-based e-bikes favored by delivery workers would be legal, and dockless scooter services like Bird and Lime would need to be permitted by municipalities before launching. Scooters would stay illegal in Manhattan, though the city could eventually overrule that provision. The budget language would create three classes of e-bikes: Class 1 is pedal-assisted with no throttle; Class 2 is throttle-assisted with a maximum speed of 20 mph; and Class 3 is throttle-powered with a maximum speed of 25 mph. E-scooters would be capped at 15 mph, and riders under 18 years of age would be required to wear a helmet. Helmets would also be required for riders of Class 3 e-bikes. (Food delivery workers, who favor these bikes, are already required by law to wear helmets.) But the budget is undoubtedly a huge win for delivery workers and immigrant rights groups that have been fighting for nearly a decade to overturn the rules. Read more of this story at Slashdot.
Boeing 787s Must Be Turned Off and On Every 51 Days To Prevent 'Misleading Data' Being Shown To Pilots
technology - Posted On:2020-04-02 18:14:59 Source: slashdot
The U.S. Federal Aviation Administration has ordered Boeing 787 operators to switch their aircraft off and on every 51 days to prevent what it called "several potentially catastrophic failure scenarios" -- including the crashing of onboard network switches. The Register reports: The airworthiness directive, due to be enforced from later this month, orders airlines to power-cycle their B787s before the aircraft reaches the specified days of continuous power-on operation. The power cycling is needed to prevent stale data from populating the aircraft's systems, a problem that has occurred on different 787 systems in the past. According to the directive itself, if the aircraft is powered on for more than 51 days this can lead to "display of misleading data" to the pilots, with that data including airspeed, attitude, altitude and engine operating indications. On top of all that, the stall warning horn and overspeed horn also stop working. This alarming-sounding situation comes about because, for reasons the directive did not go into, the 787's common core system (CCS) -- a Wind River VxWorks realtime OS product, at heart -- stops filtering out stale data from key flight control displays. That stale data-monitoring function going down in turn "could lead to undetected or unannunciated loss of common data network (CDN) message age validation, combined with a CDN switch failure." Solving the problem is simple: power the aircraft down completely before reaching 51 days. It is usual for commercial airliners to spend weeks or more continuously powered on as crews change at airports, or ground power is plugged in overnight while cleaners and maintainers do their thing. Read more of this story at Slashdot.
Moscow To Launch Mandatory Surveillance App To Track Residents In Coronavirus Lockdown
technology - Posted On:2020-04-02 17:00:00 Source: slashdot
An anonymous reader quotes a report from NPR: City authorities in Moscow are rolling out new digital "social monitoring" tools targeting the public, after what officials say were constant violations of the city's quarantine imposed this week to fight the spread of the new coronavirus. Under restrictions in place since Monday, most of the city's 12 million residents must remain indoors, barring a few exceptions -- like trips to the supermarket or pharmacy, taking out the trash or briefly walking the dog. But starting Thursday, Muscovites will have their movements tracked through a mandatory app required on their smartphones. Don't have one? The city says it will lend out devices. In addition, Moscow residents will be obligated to register for a government-issued QR code -- a small square matrix bar code containing personal data. What information the codes will hold isn't yet clear. But Russians must present it on their smartphones or carry a printout of their QR profiles to present to police, when requested. (City officials say they're also preparing to educate the public -- and elder Russians, in particular -- on what a QR code actually is.) The new tools will merge with existing street cameras and face recognition software to quickly identify residents who stray from their homes and/or quarantines, say authorities. President Putin also signed a bill into law on Wednesday that introduces criminal penalties for skipping quarantine and infecting others. They include fines and up to seven years in prison. Read more of this story at Slashdot.