SoylentNews

GlennC writes:

From Naked Security: https://nakedsecurity.sophos.com/2015/08/25/pirate-sites-ban-windows-10-over-privacy-worries/

There's been a good amount of privacy freak-out over Windows 10. Concerns have been sparked by things such as the Wi-Fi password sharing feature and the fact that Windows 10 by default shares a lot of your personal information - contacts, calendar details, text and touch input, location data, and what Ars Technica calls "a whole lot more" - with Microsoft's servers.

It's gotten to the point where, as TorrentFreak reports, some smaller pirate sites have become so concerned that Windows 10 systems will phone home with too many hints about their users, that the sites' administrators have started blocking Windows users from the BitTorrent trackers hosted on their sites.

One of those sites, iTS, released a statement which referred to Windows 10's "outrageous privacy violations", which, it says, include...

        [sending] the contents of your local disks directly to one of their servers.

Thus, since Thursday, Windows 10 has officially been banned from iTS until "special versions" surface that undo this purported privacy wreckage.

On a personal note, I'd like to see this "Special Version" too.

Original Submission

The Mighty Buzzard writes:

Another year passes and everyone gets a just little bit older, including everyone's favorite penguin-mascotted OS. This day in 1991, Linus Torvalds announced the first release of the Linux kernel. At its birth, it was a paltry 10,239 lines of code with abysmal hardware support. Since then it's grown to nearly twenty million lines and pretty much everything you plug in just works. It's gone from a hobbyist OS that you really needed mad tech chops to even install to something most grandmothers could use without batting an eye. From running on a few select platforms to providing a stable platform for PCs, TVs, DVRs, routers, phones, tablets, cylons, etc... So, happy birthday, Linux. Here's to twenty-four years with many more to come.

Now normally in an article like this we'd end up reminiscing, saying things about how awesome linux is, and arguing with *BSD/Windows fanbois and the ever-present trolls in the comments. Let's try a little something different this time. What do you remember about Linux's early days that completely and utterly sucked but that new users will never have to experience?

Original Submission

"exec" writes:

For reasons lost in the mists of time - or possibly to impared memory function - the number ‘420’ is code for pot. As such, mile markers and other signs bearing that number have become targets for trophy-hunting cannabis enthusiasts.

To combat this expensive annoyance, the State of Idaho has turned to to strategic inaccuracy, labeling their at-risk mile-markers a tenth short to become less appealing to would-be thieves.

-- submitted from IRC

Original Submission

AnonTechie writes:

Quantum key distribution is regularly touted as the encryption of the future. While the keys are exchanged on an insecure channel, the laws of physics provide a guarantee that two parties can exchange a secret key without knowing whether they're being overheard. This unencrypted-but-secure form of key exchange circumvents one of the potential shortcomings of some forms of public key systems.

However, quantum key distribution (QKD) has one big downside: the two parties need to have a direct link to each other. So, for instance, banks in and around Geneva use dedicated fiber links to perform QKD, but they can only do this because the link distance is less than 100 km. These fixed and short links are an expensive solution. A more flexible solution is required if QKD is going to be used for more general encryption purposes.

A group of Italian researchers have demonstrated the possibility of QKD via a satellite, which in principle (but not in practice) means that any two parties with a view of a satellite can exchange keys.

http://arstechnica.com/science/2015/08/reflective-satellites-may-be-the-future-of-high-end-encryption/

Original Submission

Phoenix666 writes:

In the online world, a number of companies use algorithms to set or suggest prices. eBay, for example, tells you what similar products have sold for and lets you choose a price based on that information. eBay’s pricing problem was relatively simple to solve: It didn’t matter where the sellers and buyers were or whether you’re selling the product today or next week. Meanwhile, over at Uber and Lyft, the ride-sharing companies, geography and time do matter—but these two companies simply set prices by decree; there is no user choice or need for transparency in how the prices are determined.

At Airbnb, we faced an unusually complex problem. Every one of the million-plus listings on our site is unique, having its own address, size, and decor. Our hosts also vary in their willingness to play concierge, cook, or tour guide. And events—some regular, like seasonal weather changes; others unusual, like large local events—muddy the waters even further.

The article is in part an advertisement for AirBnB, but there's also interesting detail there for those aspiring- or current online entrepreneurs.

Original Submission

takyon writes:

Steven Aftergood of FAS Secrecy News reports that the Intelligence Community Directive 191 signed by James Clapper on July 21st includes an obligation to protect endangered persons under certain circumstances:

Intelligence agencies that discover a threat to a person's life or safety are obliged to alert the intended target in most cases as long as they can do so without compromising intelligence sources and methods, a new intelligence community directive instructs.

A U.S. intelligence agency "that collects or acquires credible and specific information indicating an impending threat of intentional killing, serious bodily injury, or kidnapping directed at a person or group of people shall have a duty to warn the intended victim or those responsible for protecting the intended victim, as appropriate," the new directive states. "This includes threats where the target is an institution, place of business, structure, or location." Remarkably, "the term intended victim includes both U.S. persons... and non-U.S. persons."

The "duty to warn" obligation, which in principle dates back at least several decades, was formally established last month by Director of National Intelligence James R. Clapper in Intelligence Community Directive 191, July 21, 2015. It is not binding in all circumstances, however. Notification of the target would be waived if it "would unduly endanger U.S. government personnel, sources, methods, intelligence operations, or defense operations."

The notification requirement also does not apply in cases where the threat emanates from the U.S. government itself, whether in combat operations or in "covert" targeted killing programs. Thus, the directive states that the requirement would be appropriately waived when "There is a reasonable basis for believing that the intended victim is a terrorist, a direct supporter of terrorists, an assassin, a drug trafficker, or involved in violent crimes." Likewise, no notification would be required in cases where "The intended victim is at risk only as a result of the intended victim's participation in an insurgency, insurrection, or other armed conflict." Nor is notice needed when the intended victim "is already aware of the specific threat."

Original Submission

mendax writes:

It was twenty years ago yesterday (August 24, 2015) that Windows 95 was introduced, says El Reg.

Windows 95 was a great success, despite not being the most stable of operating systems. Microsoft's own Windows NT 3.1, released two years earlier, was built on stronger foundations, but high system requirements and lack of compatibility with many DOS applications and games made it unsuitable for consumers. Windows 95 was better in both respects, running in as little as 4MB of RAM – though painfully, with 8MB a more realistic minimum – and retaining DOS complete with 16-bit device driver support.

At the time, most PCs ran Windows 3.1 or 3.11 (Windows for Workgroups), and IBM was pushing OS/2 as a "better Windows than Windows". Windows 95 was a considerable improvement on Windows 3.x, with pre-emptive multitasking, mostly 32-bit code, and plug and play hardware detection. There was also new support for "portable computers", with a battery indicator on the taskbar and the ability to suspend the system without turning it off completely.

Perhaps what I'm going to say will be controversial, but I'm of the opinion that Windows 95 is the greatest software engineering feat ever, given the challenge Microsoft faced at that time. Unlike Apple, which continues to make its own computers, Microsoft did not and, therefore, had to do a vast amount of testing in order to ensure that Windows 95 would work on most existing 32-bit Intel machines.

eof writes:

A study by the researchers behind edX, MITx, and HarvardX has discovered the resourcefulness of massive open online course (MOOC) students in cheating to obtain the certificates offered. From a summary on an MIT page:

In a new working paper, researchers at MIT and Harvard University identify a new method of cheating specific to open online courses and recommend a number of strategies that prove effective in preventing such cheating.

[...] In this method of cheating, a user creates multiple accounts, one of which is the primary account that will ultimately earn a certificate. The other accounts are used to find or "harvest" the correct answers to assessment questions for the master account.

As someone who has taken a few MOOCs to see their potential, I thought this form of cheating would have been obvious from the start. The researchers discovered it when they found some users were answering questions "faster than is humanly possible." The method is referred to as CAMEO–"copying answers using multiple existences online". The magnitude of the problem appears to be small:

The researchers examined data gathered from 1.9 million course participants in 115 MOOCs offered by HarvardX and MITx from the fall of 2012 through the spring of 2015. They discovered that in 69 courses where users were found to have been employing the CAMEO strategy, 1.3 percent of the certificates earned (1,237 certificates) appeared to have been obtained through such cheating. Additionally, they found that among earners of 20 or more certificates, 25 percent appear to have used the CAMEO strategy. In some courses CAMEO users may account for as many as 5 percent of certificates earned.

Phoenix666 writes:

A British technology company has claimed a major smartphone breakthrough by developing an iPhone that can go a week without recharging, running instead off a built-in hydrogen fuel cell.

Intelligent Energy has made a working iPhone 6 prototype containing both a rechargeable battery and its own patented technology, which creates electricity by combining hydrogen and oxygen, producing only small amounts of water and heat as waste.

The company is believed to be working closely with Apple. In what it claims is a world first, it has incorporated a fuel cell system into the current iPhone 6 without any alteration to the size or shape of the device. The only cosmetic differences compared with other handsets are rear vents so an imperceptible amount of water vapour can escape.

The plan is to offer the fuel cells as disposable cartridges.

Original Submission

takyon writes:

Two separate U.S. teams have reportedly made progress on creating a universal influenza vaccine, according to the BBC:

Researchers say they are closer to developing a vaccine to give life-long protection against any type of flu, after promising trials in animals. Two separate US teams have found success with an approach that homes in on a stable part of the flu virus. That should remove the problem with current flu vaccines which must be given anew each year because they focus on the mutating part of the virus.

The proof-of-concept work is published in Science journal and Nature Medicine [both paywalled]. Studies are now needed in humans to confirm that the method will work in man.

Original Submission

Celestial writes:

Mozilla CEO Chris Beard has threatened to fire an anonymous person complaining about "social justice bullies" at Mozilla on Reddit, should the person be discovered to be an employee.

Chris Beard stated that the Reddit user aoiyama's complaints "crossed the line" in a series of posts about the women in the company, including recently departed community organizer Christie Koehler. In a series of tweets earlier this month, Koehler complained about Mozilla's lack of diversity in the workplace and its failure to address accessibility issues.

The Reddit user's comments:

"Frankly everyone was glad to see the back of Christie Koehler. She was batshit insane and permanently offended at everything," the user wrote. "When she and the rest of her blue-haired nose-pierced asshole feminists are gone, the tech industry will breathe a sigh of relief." It was that remark that appeared to trigger Beard's warning today. "When I talk about crossing the line from criticism to hate speech, I'm talking about when you start saying 'someone's kind doesn't belong here, and we'll all be happy when they're gone.'"

Original Submission

Arthur T. Knackerbracket writes:

Original URL: http://phys.org/news/2015-08-illegal-movie-downloaders-unprofitable.html

It has been a bad week for companies wanting to build businesses around make money from illegal movie downloaders. Last Friday saw an Australian judge refuse Voltage Pictures the rigth to send downloaders of Dallas Buyers Club a letter demanding an undisclosed payment. Justice Nye Perram decided that Voltage and its lawyers, were engaging in "speculative invoicing", a practice that is a form of legal blackmail: "pay us a large enough sum so that we don't take you to court where you will possibly face an even larger but unspecified fine".

Although this has effectively shut down an avenue of chasing money from downloaders in Australia through threatening letters, the practice continues unabated elsewhere. Alleged downloaders of the movie in Singapore have received letters ending in a settlement demand of around $5,000 Singapore. The letters sent threaten extremely large potential punishment, including prison sentences.

Law firms rushing to handle this work on behalf of Voltage Pictures should look to the case of Rightscorp in the US. Rightscorp is a company whose entire business is based on chasing alleged downloaders of movies and TV shows. They also engage in the practice of speculative invoicing, but so far, have found the business to be far from profitable. In 2014, Rightscorp reported a loss of $3.4 million, and so far this year have lost nearly a $1million in the first quarter alone.

Rightscorp ask for relatively small payments of US $20 and so either they will need to find more downloaders, or ask for more money. The problem with asking for more money is that if the stakes get too high, people might call their bluff and then Rightscorp would be faced with the expensive option of taking them to court.

Rightscorp is also finding that the process of unmasking downloaders is getting harder. In the US this week, a Judge denied an appeal that would have forced ISP Birch Communications to reveal the identities of their customers accused of downloading movies. In this case, Rightscorp has been using the practice of a "DMCA subpoena" to get the identities of downloaders from ISPs, even though this had been previously ruled inappropriate in a previous case involving the Recording Industry Association of America and Verizon in 2002.

Original Submission

Phoenix666 writes:

Microsoft has now released three cumulative updates for Windows 10. These updates combine security fixes with non-security bug fixes, and so far, Microsoft hasn't done a very good job of describing the contents of these cumulative updates. While the security content is quite fully described, explanations of the non-security fixes have been lacking.

Many, including your author, feel that this is undesirable and that a key part of the Windows-as-a-Service concept, in which Microsoft releases a steady stream of fixes and functional improvements, is a clear explanation of what those updates are. This is a new approach for Microsoft, and it seems like reassuring users and administrators that issues are getting fixed—and that functional changes are clearly described—should be important.
...
Unfortunately, it does not seem that the company intends to change this approach. Company representatives told The Register that while the company "may choose" to perform "additional promotion" of new features depending on their "significance," there's no intention of providing full release notes. This means that future patches are going to continue to say nothing more than "This update includes improvements to enhance the functionality of Windows 10."

Anybody want off the Microsoft train yet?

Original Submission

An Anonymous Coward writes in with news of some of the first Ashley Madison related suicides as well as a bounty offered by the site's parent company:

Two individuals associated with the leak of Ashley Madison customer details are reported to have taken their lives, according to police in Canada. The police in Toronto gave no further information about the deaths.

Ashley Madison's Canadian parent company Avid Life Media is offering a C$500,000 (£240,000) reward for information on the hackers, they added.

Scammers have reportedly moved quickly to exploit the leaked database:

[Toronto police's acting staff superintendent Bryce Evans] warned that miscreants were already moving in on panicked users of the websites, offering – for a fee of course – to remove the offending details from the database in exchange for one Bitcoin. This is, of course, impossible because the data is already out there, but Evans said this hadn't stopped the scammers trying it on.

The Canadian police have also discovered cases of scammers contacting people on the database and threatening to expose them to family and work colleagues if a payment wasn't sent. Anyone threatened in this way is urged to get in contact with the police via a special website or telephone number set up by Toronto police.

The investigative team can be reached at (416) 808-2040. Anonymous tips are always welcome through @1800222TIPS #AMcaseTPS

In related news:

• 15,000 U.S. government email addresses were found in the database, and Washington, D.C. reportedly had the highest membership rate of any city on the site.
• Defense Secretary Ashton Carter says that service members found to have used the site may face disciplinary action.
• From the EFF, Ashley Madison's Owners Give In to Temptation To Misuse The DMCA.
• From The Intercept, Email from a Married, Female Ashley Madison User.

Thexalon writes:

A federal judge recently ruled that banning photos of ballots was unconstitutional:

The ruling clears the way for New Hampshire voters to post their ballot selfies during the first-in-the-nation presidential primaries early next year.

New Hampshire's ban went into effect September 2014 and made it illegal for anyone to post a photo of a marked ballot and share it on social media. The violation was punishable by a fine of up to $1,000.

[...] Mashable's Juana Summers adds that the judge found "there was no evidence that vote-buying or voter coercion were current problems in New Hampshire."

This seems like an interesting legal question, with good arguments on both sides:
- For the ban: If a photograph of a marked ballot is taken from the voting booth, then the voter can verify their vote with an interested third party, including those that would seek to purchase or coerce their vote.
- Against the ban: Such a photograph is protected free speech, and thus cannot be legally banned.

What do Soylentils think about this?

Original Submission