SoylentNews

realDonaldTrump writes:

Equifax must implement tougher cybersecurity measures following a massive data breach last year, according to an agreement with state regulators.

The consent order will require the credit-reporting agency to bolster its data security defenses, establish an internal audit program and issue a report to state regulators by the end of July.

[...] The hack, which Equifax disclosed in September, exposed names, addresses and Social Security numbers for nearly 148 million Americans. Federal investigators have launched probes into the incident, and a bill recently signed by President Donald Trump includes a provision that requires credit-reporting firms to offer free credit freezes.

States order Equifax to bolster cybersecurity

Also at The New York Times, The Wall Street Journal and MarketWatch

Original Submission

MrPlow writes:

Submitted via IRC for Fnord666

[...] It hasn't previously been feasible to use capacitive sensing on extremely flexible, thin materials because they've needed to resist electrostatic forces that can either damage them or impede their movement.

"Researchers want the sensor to move with small forces from sound, without being affected by the electrostatic forces," Miles said.

In this most recent work, Miles has found a design that allows the thin, flexible sensor -- which could be spider silk or any other material just as thin -- to swing above two fixed electrodes.

"Because the sensor is at a 90-degree angle from the electrodes, the electrostatic forces don't affect its movement," said Miles.

Source: https://www.sciencedaily.com/releases/2018/06/180626113435.htm

Original Submission

c0lo writes:

ArsTechnica

The California Consumer Privacy Act of 2018 was approved unanimously by the state Senate and Assembly today and was signed by Gov. Jerry Brown.

A legislative bill summary says the law will give Californians "the right to know what PI [personal information] is being collected about them and whether their PI is being sold and to whom; the right to access their PI; the right to delete PI collected from them; the right to opt-out or opt-in to the sale of their PI, depending on age of the consumer; and the right to equal service and price, even if they exercise such rights."

The Consumers Union

Consumers Union, the advocacy division of Consumer Reports, was an early supporter of the ballot initiative. While the organization said it was pleased that many of the initiative’s provisions were included in the new law, it urged changes to certain aspects of the law that are different from the ballot initiative, and pledged to work for more substantial reforms.

Justin Brookman, the Director of Consumer Privacy and Technology Policy for Consumers Union, said, “We appreciate that this law advances consumer protections in several ways. It gives people access to the information that companies have about them. It extends the right to control the sale of your data, and it provides new security protections in the wake of the Equifax breach.

“However, we have serious concerns about how this legislation introduces very troubling concepts into law. We oppose a provision in the law that allows companies to charge higher prices to consumers who decline to have their information sold to third parties. The California state constitution grants people an inviolable right to privacy. Consumers should not be charged for exercising that right.

Original Submission

takyon writes:

'OK Google, give everybody in America a free speaker'

Alphabet Inc. should give every household in America a free Google Home Mini smart speaker, a Morgan Stanley analyst suggested Thursday.

The speakers currently retail for $49 each, which would mean spending about $3.3 billion. Morgan Stanley analyst Brian Nowak wrote Thursday that would be a "small price to pay" for Google-parent Alphabet. He estimated that the company could compensate for that cost about five times over through the operating profits it generates more generally from retail search over the next five years.

Nowak worries that Google is losing ground to Amazon.com Inc. when it comes to retail search queries, given that more purchases are being made through voice commands and Amazon is widely thought to have a lead on Google in terms of smart-speaker penetration. He projects that roughly 70% of households will have speakers by 2022, and that Amazon will have 1.3 times more speakers in homes than Google will at that point, absent any dramatic action.

Also at VentureBeat and CNBC.

Related: Amazon Dominates Voice-Controlled Speaker Market
Voice-Powered Smart Speakers to be in 55% of U.S. Homes by 2022
Bluetooth Hack Affects 20 Million Amazon Echo and Google Home Devices

Original Submission

martyb writes:

[Updated 2018/06/30 15:19:00 UTC. I've received word that "certificate renewed, but hasn't been issued" and that it will be installed as soon as we receive the new cert. Original story follows. --martyb]

We've been up front with the community right from the start... and intend to keep doing so in the future.

Where we are at:

We have encountered an issue with Lets Encrypt (LE), the certificate issuer for the majority of our [sub]domains. Even though we can 'see' these domains from any number of different servers... for some unknown reason, LE fails to see them. So, at the moment, we are unable to get them to generate certs for us.

Separately, the cert for soylentnews.org is handled by Gandhi. As far as I understand it (and I'm no sysadmin so take this with a healthy dose of salt) there are only two members of our staff who have the ability to update that cert. (We obviously don't want to let world+dog have access to that, right? My guess is that at that time, having a couple people seemed sufficiently redundant and secure).

What it means to you:

You may encounter a warning from your browser when trying to access the site that a certificate has expired. I cannot speak for all browsers, but I've generally seen that along with the warning is an option to trust the cert anyway. (Note: along with allowing that exception, I've sen at least one browser default a checkbox to make the exception permanent. It's entirely up to you, but I see no reason to make it a permanent exception at this point.)

We are working on it, and obviously hope to have things straightened out sooner than later! On the other hand, should things go sideways, I want to keep the community informed about what's up, what's happening, and what you can expect.

Checking status:

If you would like another means to check on the status of the certs, Comodo makes it easy with queries such as these:

https://crt.sh/?q=soylentnews.org
https://crt.sh/?q=%%25soylentnews.org
https://crt.sh/?q=sylnt.us
https://crt.sh/?q=%%25sylnt.us

tl;dr:

If the site becomes unavailable because of an expired cert, yeah, we know and we're working on it. Accept a temporary exception in your browser and we'll let you now when things are back to normal.

--martyb

P.S. Our Editor-in-Chief, janrinok, is currently undergoing preparations for a medical procedure... it's hard to say at this point, but it's likely he may be unavailable to help with the site for a couple weeks. Please join me in wishing him well for the procedure and for a speedy recovery!

Original Submission

takyon writes:

What Is Doki Doki Literature Club? Parents Warned About Horror Video Game After Teen's Death

Parents and teachers have been warned about the potential mental health risks of a cult "visual novel" video game, with one coroner saying it may "trigger suicidal thoughts" in young people.

One father, Darren Walmsley, 49, believes Doki Doki Literature Club, a free-to-play PC title that is presented with a cartoony art style but has overtones of psychological horror, may have contributed to the death of his son Ben earlier this year. Ahead of an inquest into the passing of the child, officials spoke out about the game's subject matter, which includes violence and suicide.

[...] Detective Inspector Jude Holmes, from the Greater Manchester Police, said: "We believe this game is a risk to children and young people, especially those that are emotionally vulnerable and anyone with existing mental health concerns. It's also really important to discuss with your children which games and apps are suitable, and ensure they understand why others aren't appropriate to use."

Cool story, Sherlock.

Doki Doki Literature Club! Wow, there's a Linux version. Time for another Community Review?

Also at NextShark and Manchester Evening News.

Original Submission

MrPlow writes:

Submitted via IRC for Bytram

Around 13,000 years ago, Earth was emerging from its last great ice age. The vast frozen sheets that had covered much of North America, Europe and Asia for thousands of years were retreating. Giant mammals — steppe bison, woolly mammoths and saber-toothed cats — grazed or hunted across tundra and grasslands. A Paleo-Indian group of hunter-gatherers who eventually gave rise to the Clovis people had crossed a land bridge from Asia hundreds of years earlier and were now spread across North America, hunting mammoth with distinctive spears.

Then, at about 12,800 years ago, something strange happened. Earth was abruptly plunged back into a deep chill. Temperatures in parts of the Northern Hemisphere plunged to as much as 8 degrees Celsius colder than today. The cold snap lasted only about 1,200 years — a mere blip, in geologic time. Then, just as abruptly, Earth began to warm again. But many of the giant mammals were dying out. And the Clovis people had apparently vanished.

Geologists call this blip of frigid conditions the Younger Dryas, and its cause is a mystery. Most researchers suspect that a large pulse of freshwater from a melting ice sheet and glacial lakes flooded into the ocean, briefly interfering with Earth's heat-transporting ocean currents. However, geologists have not yet found firm evidence of how and where this happened, such as traces of the path that this ancient flood traveled to reach the sea

Source: https://www.sciencenews.org/article/younger-dryas-comet-impact-cold-snap

Original Submission

takyon writes:

Instagram Lite Offers Photo Sharing on Android for 1/55th the App Size

Instagram has quietly launched a new app called "Instagram Lite" for Android on the Google Play App Store. It's a lightweight app that provides the joy of photo sharing while barely taking up any storage space on your smartphone. The app has a file size of 573 kilobytes, or about 1/55th the size of the 32 megabytes used by Instagram's popular primary app.

[...] Instagram recently crossed the 1 billion active user threshold, but for continued growth, the Facebook-owned app will need to spread to developing regions of the world in which people use older phones with less storage space and slower Internet connections. TechCrunch reports that this app is Instagram's latest push into the developing world after having launched a revamped minimal mobile website that was also designed with the same market in mind.

BTW, IT'S FACEB...

Also at TechCrunch, Slate, Fortune, and Android Police, where commenters identified some issues with the app, such as incompatibility with the older Android 4.x versions likely to be used in developing countries, and that the app is simply called "Lite" once installed and alphabetized under 'L' instead of 'I' for Instagram.

Original Submission

takyon writes:

Google admits it lost out to Microsoft buying GitHub

A Google executive has admitted the search giant lost out on buying GitHub. Speaking at a Fortune Magazine event yesterday, Diane Greene Google's head of cloud made an interesting admission. "I wouldn't have minded buying them, but it's OK," said Greene, Bloomberg reports.

Previous rumors suggest Google was also trying to acquire GitHub, alongside Microsoft's bids. GitHub founder Chris Wanstrath reportedly chose Microsoft because of his relationship with CEO Satya Nadella. GitHub is a large code repository that has become very popular with developers and companies to host projects, documentation, and code. Apple, Amazon, Facebook, Google, and many other big tech companies use GitHub. There are 85 million repositories hosted on GitHub, and 28 million developers contribute to them.

Also at CNBC and CNET.

Previously: Microsoft Holds Acquisition Talks with Github
Microsoft Agrees to Acquire GitHub... for $7.5 Billion [Updated]

Original Submission

canopic jug writes:

Vint Cerf, the godfather of the Internet, spoke in Sydney, Australia on Wednesday and issued a blunt call to action for a digital preservation regime for content and code to be quickly put in place to counter the existing throwaway culture that denies future generations an essential window into life in the past. He emphasized that this was especially needed for the WWW. Due to the volatile nature of electronic storage media as well as the format in which information is encoded, it is not possible to preserve digital material without prior planning and action.

[...] While the digital disappearance phenomenon is one which has so far mainly vexed official archivists and librarians for some years now, Cerf's take is that as everything goes from creation, the risk of accidental or careless memory loss increases correspondingly.

Archivists have for decades fought publicly for open document formats to hedge against proprietary and vendor risks – especially when classified material usually can only be made public after 30 to 50 years, sometimes longer.

From iTnews : Internet is losing its memory: Cerf

Original Submission

MrPlow writes:

Submitted via IRC for Bytram

[...] Last weekend, we were on hand to witness French racing driver Romain Dumas and car maker Volkswagen stamp their authority on all 12.4-miles (19.99km) of the [Pikes Peak International Hill Climb] course, destroying the course's existing record and setting the first sub-eight minute time in race history. What makes the feat even more interesting around Ars is that the car in the record books is all-electric, marking perhaps the first time in major motorsport that a battery electric vehicle has beaten the internal combustion engine fair and square.

In retrospect, if any car has an advantage at Pikes Peak it's the EV. The start line is already at 9,390 feet (2,862m) above sea level; the finish line is an even higher 14,110 feet (4,300m) and much of the course is above the tree line where there's 40 percent less oxygen to breathe. Consequently, internal combustion engines will lose power—significantly—as they climb the route, even with the aid of forced induction or crafty fuel mixtures.

But electric motors don't care about partial pressures of oxygen, and these will output the same power and torque whether they're at the top of the mountain or the bottom.

Source: https://arstechnica.com/cars/2018/06/757148-volkswagen-makes-racing-history-with-record-breaking-electric-race-car/

More about the course can be found at Wikipedia and the Official Site.

Original Submission

MrPlow writes:

Submitted via IRC for BoyceMagooglyMonkey

Botnets have tended to hide in the nooks and crevices of servers and endpoint devices. Now a growing number are hiding in the palms of users' hands. That's one of the conclusions of a new report detailing the evolving state of malicious bots.

"Mobile Bots: The Next Evolution of Bad Bots" examined requests from 100 million mobile devices on the Distil network from six major cellular carriers during a 45-day period. The company found that 5.8% of those devices hosted bots used to attack websites and apps – which works out to 5.8 million devices humming away with activity that their owners know nothing about.

"The volume was a surprise," says Edward Roberts, senior director of product marketing at Distil Networks. The research team even took another sampling run to verify the number, he says. In all, "one in 17 network requests was a bad bot request," Roberts says.

Source: Botnets Evolving to Mobile Devices

Original Submission

Gentoo Linux GitHub Mirror Compromised, Taken Offline

DarkMorph writes:

From https://www.gentoo.org/news/2018/06/28/Github-gentoo-org-hacked.html

Today 28 June at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of repositories as well as pages there. We are still working to determine the exact extent and to regain control of the organization and its repositories. All Gentoo code hosted on github should for the moment be considered compromised.

This does NOT affect any code hosted on the Gentoo infrastructure. Since the master Gentoo ebuild repository is hosted on our own infrastructure and since Github is only a mirror for it, you are fine as long as you are using rsync or webrsync from gentoo.org.

Also, the gentoo-mirror repositories including metadata are hosted under a separate Github organization and likely not affected as well.

All Gentoo commits are signed, and you should verify the integrity of the signatures when using git.

File-Wiping Malware Placed Inside Gentoo Linux Code After GitHub Account Hack

MrPlow writes:

Submitted via IRC for BoyceMagooglyMonkey

An unknown hacker has temporarily taken control over the GitHub account of the Gentoo Linux organization and embedded malicious code inside the operating system's distributions that would delete user files.

Source: File-Wiping Malware Placed Inside Gentoo Linux Code After GitHub Account Hack

Original Submission #1  Original Submission #2 

cubancigar11 writes:

Bitcoin Bloodbath Nears Dot-Com Levels as Many Tokens Go to Zero

Bitcoin's meteoric rise last year had many observers calling it one of the biggest speculative manias in history. The cryptocurrency's 2018 crash may help cement its place in the bubble record books.

Down 70 percent from its December high after sliding for a fourth straight day on Friday, Bitcoin is getting ever-closer to matching the Nasdaq Composite Index's 78 percent peak-to-trough plunge after the U.S. dot-com bubble burst. Hundreds of other virtual coins have all but gone to zero -- following the same path as Pets.com and other red-hot initial public offerings that flamed out in the early 2000s.

While Bitcoin has bounced back from bigger losses before, it's far from clear that it can repeat the feat now that much of the world knows about cryptocurrencies and has made up their mind on whether to invest. Bulls point to the Nasdaq's eventual recovery and say institutional investors represent a massive pool of potential cryptocurrency buyers, but regulatory and security concerns have so far kept most big money managers on the sidelines.

The story sounds alarming but I would like to know the take of Soylentils.

Also at Quartz, CNBC, Fortune, and Cointelegraph.

See also: El-Erian calls bitcoin a buy if its price falls below $5,000
Bitcoin Hasn't Lost Its Way – It's Just Getting Started
All the Ways You Can Lose Your Bitcoin
Op-Ed: Challenge of Mining Centralization Unveils Bitcoin's Elegant Design

Original Submission

An Anonymous Coward writes:

https://www.bbc.co.uk/news/business-44604280

Harley-Davidson plans to shift some motorcycle production away from the US to avoid the "substantial" burden of European Union tariffs.

Last week, the EU imposed retaliatory tariffs on US goods, including bourbon, orange juice and motorcycles.

The measures are a response to new US duties on steel and aluminium imports.

Wisconsin-based Harley-Davidson said the increased cost from the tariffs threaten its international sales, which it has been trying to expand.

The company has assembly plants in Australia, Brazil, India and Thailand as well as in the US.

It said it would raise investment in its international plants, though it did not say which ones.

"To address the substantial cost of this tariff burden long-term, Harley-Davidson will be implementing a plan to shift production of motorcycles for EU destinations from the US to its international facilities to avoid the tariff burden," the company said.

Harley-Davidson said it expected the ramp-up in production to take nine to 18 months.

Original Submission