Linux fréttir

Chairman tells MPs its budget may need revising upwards in future

The UK government's Centre for Data Ethics and Innovation has £2.5m for its first year of work, in which it will probe microtargeting and algorithmic bias – but its chair has warned it might need more cash in future.…

At some point in the future, Chrome may gain a new feature, dubbed 'Never-Slow Mode', which would trim heavy web pages to keep browsing fast. From a report: The prototype feature is referenced in a work-in-progress commit for the Chromium open-source project. With Never-Slow Mode enabled, it would "enforce per-interaction budgets designed to keep the main thread clean." The design document for Never-Slow Mode hasn't been made public. However, the feature's owner, Chrome developer Alex Russell, has provided a rough outline of how it would work to speed up web pages with large scripts. "Currently blocks large scripts, sets budgets for certain resource types (script, font, css, images), turns off document.write(), clobbers sync XHR, enables client-hints pervasively, and buffers resources without 'Content-Length' set," wrote Russell.

Read more of this story at Slashdot.

Hosting outfit wants to get up close and personal

Manchester-based hosting outfit UKFast has squeezed out a developer platform in the hopes of fending off the relentless march of cloud giants Amazon and Microsoft.…

25 bugs, three apps – endless pwnage

Security firm Check Point has found some 25 security vulnerabilities in three of the most popular remote desktop protocol (RDP) tools for Windows and Linux.…

There are no 5G iPhones, and there probably won't be 5G iPhones for a while. But that isn't stopping Apple and AT&T: they are reportedly rolling out AT&T's fake "5G E" branding with its upcoming iOS 12.2 update. From a report: Much like when the two companies pulled this scam with 4G and LTE back in 2012, if you can't beat them, you roll out a software update to make it look like you did even though the phones and network are still exactly the same. Multiple users on Twitter are now reporting that they're seeing the new 5G E icon on devices running the latest iOS 12.2 beta 2, which was released earlier today. The new icon isn't there for everyone, presumably because it will only appear in cities where AT&T's 5G Evolution network -- the company's intentionally misleading name for its LTE network that it seems to hope customers will confuse for actual, next-generation 5G networks -- is active.

Read more of this story at Slashdot.

Colossal intercepts are just the Bombe

Bletchley Park's National Museum of Computing will be exhibiting original, freshly discovered decrypted WWII messages to coincide with the 75th anniversary of D-Day this June – messages that were broken by the Colossus machines based on the museum's site.…

An anonymous reader quotes a report from ZDNet: For the first time, EU authorities have announced plans to recall a product from the European market because of a data privacy issue. The product is Safe-KID-One, a children's smartwatch produced by German electronics vendor ENOX. According to the company's website, the watch comes with a trove of features, such as a built-in GPS tracker, built-in microphone and speaker, a calling and SMS text function, and a companion Android mobile app that parents can use to keep track and contact their children. The product is what most parents regularly look in a modern smartwatch but in a RAPEX (Rapid Alert System for Non-Food Products) alert published last week and spotted by Dutch news site Tweakers, European authorities ordered a mass recall of all smartwatches from end users citing severe privacy lapses. "The mobile application accompanying the watch has unencrypted communications with its backend server and the server enables unauthenticated access to data," said authorities in the RAPEX alert. "As a consequence, the data such as location history, phone numbers, serial number can easily be retrieved and changed." On top of this, authorities also said that "a malicious user can send commands to any watch making it call another number of his choosing, can communicate with the child wearing the device or locate the child through GPS."

Read more of this story at Slashdot.

I really neeeeed to learn. 'Cos buyers aren't draining high-cap drive pools

Seagate was caught out by an unexpectedly deep drop in disk drive demand and saw its revenues fall 7 per cent. Along with the rest of the tech world, it talked about a recovery mid-year, and promised world+dog at least one more lousy quarter.…

Grey area in comms law needs a tad more black and white

Can the UK Home Secretary order Ofcom to ignore its own legal duties? A court case that effectively began with the trial of a GSM gateway operator will soon decide the answer to that difficult, and potentially expensive, question.…

Plus: Lucy in the sky with Trojans, and ISS 'nauts splash around in a water party

Roundup Over the past week in space, SpaceX pressed go on the first flight Raptor, the Lucy mission inched closer, and the ISS crew battled with some dodgy plumbing.…

Grant Thompson, the teenager that reported the FaceTime bug last week, will be eligible for the Apple bug bounty program. "Apple's bug bounty system is typically invite-only and limited to specific categories of security flaws, like accessing iCloud account data or demonstrating ways for iPhone apps to escape the security sandbox of iOS," reports 9to5Mac. "It appears the company is making an exception here given the embarrassingly public nature of the case, although further details about the reward have yet to be discussed." From the report: The FaceTime bug that made waves as result of 9to5Mac's coverage last week was actually first reported to Apple by Grant Thompson and his mother in Arizona a week earlier. However, deficiencies in the Apple bug reporting process meant that the report was not acted upon by the company. Instead, the teenager made headlines when his mother shared their Apple communications on Twitter. Their claims were later proved to be legitimate. Around January 22, Apple Support directed them to file a Radar bug report, which meant the mother had to first register a developer account as an ordinary customer. Even after following the indicated steps, it does not appear that Apple's product or engineering teams were aware of the problem until its viral explosion a week later. CNBC reports that an unnamed "high-level Apple executive" met with the Thompsons at their home in Tucson, Arizona on Friday. They apparently discussed how Apple could improve its bug reporting process and indicated that Grant would be eligible for the Apple bug bounty program.

Read more of this story at Slashdot.

Predictive plod practices bake bias into systems people don't understand, says Liberty

Human right group Liberty is urging UK cops to stop using predictive policing programs that put a "technological veneer of legitimacy" on existing biased practices.…

Lots of unanswered questions remain – and nobody's talking

Retro Computers Ltd, which absorbed £513,000 of backers' money to produce ZX Spectrum-themed game consoles it then failed to deliver, has been wound up – by Planet Computing, makers of the Gemini PDA.…

Boffins scrape together a dataset to aid in the fight against modern day slavery

AI is the latest recruit in the ongoing efforts to stamp out the scourge of human trafficking – by helping police figure out which hotels victims are being held.…

Elon Musk took to Twitter Sunday evening to announce the "first firing of Starship Raptor flight engine." While SpaceX has fired individual components before and experimented with various designs, this is the first time the now-completed design has been assembled and fired in its intended spaceflight configuration. ExtremeTech reports: Raptor has gone through a number of design changes -- originally, SpaceX planned to mount it to the ITS launch vehicle back in 2016 (powered by 42 Raptor engines), before changing gears and unveiling its BFR rocket concept (officially known as "Super Heavy" for the first stage, and Starship for the second). The Super Heavy mounts 31 Raptor engines, while the Starship has seven. The engine has been designed with a priority on lowering overall wear and tear and removing failure points that could limit its reusability or increase long-term operating costs. Unlike SpaceX's Merlin engine, which runs on a mixture of RP-1 and LOX, the Raptor engine is fueled by cryogenic liquid methane and LOX. The Raptor uses subcooled methane (subcooling refers to keeping the temperature of the liquid well below its boiling point). Subcooling the methane allows SpaceX to increase the amount of propellant stored in the rocket. It increases specific impulse and reduces cavitation. The actual test burn only goes on for a few seconds, but yields tremendously valuable information about the actual performance of the rocket and its ability to ignite in a controlled fashion. The green glow in the exhaust near the end of the firing indicates the copper liner in the engine chamber burned by accident. While this should not have happened, it's precisely to find these pain points that engineers conduct test firings in the first place. There is no substitute for this kind of test-firing and, as Ars Technica notes, "any 'first' test firing of a new, full-scale rocket engine that doesn't end in an uncontrolled explosion is a good thing." Ars also states that this specific engine may be deployed for "hopper" flights this year when SpaceX attempts to fly the Starship roughly 5km high, then land it again.

Read more of this story at Slashdot.

Seismometer looking for whole lot of shakin' going on

Pic NASA’s InSight lander has been revamped to let scientists study the interior of Mars for the first time.…

An anonymous reader quotes a report from The New York Times: Rising temperatures in the Himalayas, home to most of the world's tallest mountains, will melt at least one-third of the region's glaciers by the end of the century (Warning: source may be paywalled; alternative source) even if the world's most ambitious climate change targets are met, according to a report released Monday. If those goals are not achieved, and global warming and greenhouse gas emissions continue at their current rates, the Himalayas could lose two-thirds of its glaciers by 2100, according to the report, the Hindu Kush Himalaya Assessment. Under those more dire circumstances, the Himalayas could heat up by 8 degrees Fahrenheit (4.4 degrees Celsius) by century's end, bringing radical disruptions to food and water supplies, and mass population displacement. Glaciers in the Hindu Kush Himalayan Region, which spans over 2,000 miles of Asia, provide water resources to around a quarter of the world's population. One of the most complete studies on mountain warming, the Hindu Kush Himalaya Assessment was put together over five years by 210 authors. The report includes input from more than 350 researchers and policymakers from 22 countries.

Read more of this story at Slashdot.

Costs on the rise but still added $99m a day to its bottom line in Q4 2018

Google parent company Alphabet says it logged a 23 per cent jump in revenues in the final quarter of 2018, even as losses from its various side projects continue to mount.…

Google hired gig economy workers to help build out a controversial AI program that the company had paired with the Pentagon to build, according to a new report from The Intercept. "The workers were hired through a crowdsourcing gig company outfit called Figure Eight, which pays as little at $1 an hour for people to perform short, seemingly mindless tasks," reports The Verge. "Whether the individuals were identifying objects in CAPTCHA-like images, or other simple tasks, the workers were helping to train Google's AI that was created as part of a Defense Department initiative known as Project Maven." From the report: Project Maven is a Pentagon project intended to use machine learning and artificial intelligence in order to differentiate people and objects in thousands of hours of drone footage. By employing these crowdsourced microworkers, Google was able to use them to teach the algorithms it was running how to distinguish between human targets and surrounding objects. According to The Intercept, these workers had no idea who their work was benefitting or what they were building. Figure Eight, which was previously known as Crowdflower, is one of the largest platforms that employs microworkers. On its website, Figure Eight says its platform "combines human intelligence at scale with cutting-edge models to create the highest quality training data for your machine learning (ML) projects." By partnering with these microworker outfits, Google could quickly and cheaply build out its AI. "You upload your data to our platform and we provide the annotations, judgments, and labels you need to create accurate ground truth for your models," the website reads. Google decided against renewing its contract with the Defense Department last June after over 3,000 employees signed a petition in protest of the company's involvement in Project Maven. The deal is set to end in March 2019.

Read more of this story at Slashdot.

The Electronic Frontier Foundation argues that police should not be allowed to force you to turn over your passcode or unlock your device. "The Fifth Amendment states that no one can be forced to be 'a witness against himself,' and we argue that the constitutional protection applies to forced decryption," writes the EFF. Last week, the non-profit digital rights group filed a brief making that case to the Indiana Supreme Court, which is set to decide if you can be forced to unlock your phone. From the report: The case began when Katelin Eunjoo Seo reported to law enforcement outside of Indianapolis that she had been the victim of a rape and allowed a detective to examine her iPhone for evidence. But the state never filed charges against Seo's alleged rapist, identified by the court as "D.S." (Courts often refer to minors using their initials.) Instead, the detective suspected that Seo was harassing D.S. with spoofed calls and texts, and she was ultimately arrested and charged with felony stalking. Along with a search warrant, the state sought a court order to force Seo to unlock her phone. Seo refused, invoking her Fifth Amendment rights. The trial court held her in contempt, but an intermediate appeals court reversed. When the Indiana Supreme Court agreed to get involved, it took the somewhat rare step of inviting amicus briefs. EFF got involved because, as we say in our brief filed along with the ACLU and the ACLU of Indiana, the issue in Seo is "no technicality; it is a fundamental protection of human dignity, agency, and integrity that the Framers enshrined in the Fifth Amendment." Our argument to the Indiana Supreme Court is that compelling Seo to enter her memorized passcode would be inherently testimonial because it reveals the contents of her mind. Obviously, if she were forced to verbally tell a prosecutor her password, it would be a testimonial communication. By extension, the act of forced unlocking is also testimonial. First, it would require a modern form of written testimony, the entry of the passcode itself. Second, it would rely on Seo's mental knowledge of the passcode and require her to implicitly acknowledge other information such as the fact that it was under her possession and control. The lower appellate court in Seo added an intriguing third reason: "In a very real sense, the files do not exist on the phone in any meaningful way until the passcode is entered and the files sought are decrypted. . . . Because compelling Seo to unlock her phone compels her to literally recreate the information the State is seeking, we consider this recreation of digital information to be more testimonial in nature than the mere production of paper documents." Because entering a passcode is testimonial, that should be the end of it, and no one should be ordered to decrypt their device, at least absent a grant of immunity that satisfies the Fifth Amendment. The case gets complicated when you factor in a case from 1976 called Fisher v. United States, where the Supreme Court recognized an exception to the Fifth Amendment privilege for testimonial acts of production. "State and federal prosecutors have invoked it in nearly every forced decryption case to date," writes the EFF. "In Seo, the State argued that all that compelling the defendant to unlock her phone would reveal is that she knows her own passcode, which would be a foregone conclusion once it 'has proven that the phone belongs to her.'" "As we argue in our amicus brief, this would be a dangerous rule for the Indiana Supreme Court to adopt. If all the government has to do to get you to unlock your phone is to show you know the password, it would have immense leverage to do so in any case where it encounters encryption."

Read more of this story at Slashdot.