Google

Google Reveals Its Servers All Contain Custom Security Silicon (theregister.co.uk) 89

Google has published an Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services. From a report on The Register: The document outlines six layers of security and reveals some interesting factoids about the Alphabet subsidiary's operations, none more so than the disclosure that: "We also design custom chips, including a hardware security chip that is currently being deployed on both servers and peripherals. These chips allow us to securely identify and authenticate legitimate Google devices at the hardware level." That silicon works alongside cryptographic signatures employed "over low-level components like the BIOS, bootloader, kernel, and base operating system image." "These signatures can be validated during each boot or update," the document says, adding that "the components are all Google-controlled, built, and hardened. With each new generation of hardware we strive to continually improve security: for example, depending on the generation of server design, we root the trust of the boot chain in either a lockable firmware chip, a microcontroller running Google-written security code, or the above mentioned Google-designed security chip."
Privacy

Tor Onion Browser's Creator Explains Free Version For iOS (mike.tig.as) 26

The free iOS version of the Tor browser "sparked a tidal wave of interest" after its release in December, according to Silicon.co. Mickeycaskill writes: The cost has been scrapped due to developer Mike Tigas' worries that the price was limiting access to anonymous browsing for those who need it most. "Given recent events, many believe it's more important than ever to exercise and support freedom of speech, privacy rights, and digital security," Tigas wrote in a blog post. "I think now is as good a time as ever to make Onion Browser more accessible to everyone."
"I'm still a little terrified that I've made this change," Tigas adds. For four years the Tor Onion browser was available on the Apple App Store for $0.99, the lowest non-free price allowed by Apple, providing a "reliable" income to Tigas which helped him move to New York for a new job while allowing him "the economic freedom to continue working on side projects that have a positive impact in the world." Tigas also writes that "there's now a Patreon page and other ways to support the project."

Last month the Tor Project also released the first alpha version of the sandboxed Tor Browser.
Advertising

Drone Maker Lily Robotics Faked Promotional Video, Gets Sued For False Advertising and Misleading Business Practices (theregister.co.uk) 37

Dotnaught quotes a report from The Register: Lily Robotics says its decision on Thursday to shut down and return pre-order payments for a never-delivered drone, which came on the same day that San Francisco District Attorney George Gascon charged the company with false advertising and misleading business practices, was purely coincidental. According to a source familiar with the complaint filed against the company, Lily Robotics has known about the DA's investigation for several months. On the strength of a promotional video on YouTube in May 2015, embedded below, Lily Robotics raised more than $34 million in pre-order sales over the course of that year for a drone called Lily Camera. The flying gadget, when built, would be capable of being launched with a throw, following people, and recording them. But after pushing the delivery date back multiple times, Lily Robotics has yet to ship a single drone to its 60,000 prospective customers, according to the lawsuit filed against the company. In theory, Lily Robotics could face a fine of more than a hundred million dollars, depending upon the outcome of a trial, if it comes to that. The company faces potential fines for at least two business code violations subject to a civil penalty of $2,500 per violation, and there are some 60,000 individuals affected. In practice, however, such fines are usually orders of magnitude less, particularly if both sides agree on a settlement. The complaint against Lily, obtained by The Register, alleges that the company knowingly misled customers by creating a promotional video that purported to show video footage captured with a Lily drone prototype. "In fact, none of the video in the Promotional Video was shot by a Lily Camera," the complaint says. "Most notably, the POV footage used in the promotional video was filmed using a professional camera drone called the DJI Inspire." 
Among the Lily Camera prototypes present at the video shoot, the complaint says, the ones that could actually record video were able to do so because they had Go-Pro cameras mounted on them.
Cellphones

Faulty Phone Battery May Have Caused Fire That Brought Down EgyptAir Flight MS804 (ibtimes.co.uk) 138

New submitter drunkdrone writes: "French authorities investigating the EgyptAir crash that killed 66 people last year believe that the plane may have been brought down by an overheating phone battery," reports International Business Times. Investigators say the fire that broke out on the Airbus A320 in May 2016 started in the spot where the co-pilot had stowed his iPad and iPhone 6S, which he placed on top of the instrument panel in the plane's cockpit. From the report: "EgyptAir flight MS804 was traveling from Paris to Cairo when it disappeared from radar on 19 May 2016. Egyptian investigators have speculated that the crash, which killed all 56 passengers, seven crew members and three security personnel on board, was caused by an act of terrorism due to traces of explosives reported to be found on some of the victims. Investigators in France have disputed these claims, saying that data recorded from the aircraft around the time it disappeared points to an accidental fire on the right-hand side of the flight deck, next to the co-pilot. According to The Times, CCTV pulled from cameras at Paris' Charles de Gaulle airport show that the co-pilot stored a number of personal items above the dashboard, where the first signs of trouble were detected. This included an automated alert indicating a series of malfunctions on the right-hand flight deck window, followed by smoke alerts going off in a toilet and in the avionics area below the cockpit, minutes before the plane vanished."
Republicans

Trump's Cyber Security Advisor Rudy Giuliani Runs Ancient, Utterly Hackable Website (theregister.co.uk) 272

mask.of.sanity writes from a report via The Register: U.S. president-elect Donald Trump's freshly minted cyber tsar Rudy Giuliani runs a website so insecure that its content management system is five years out of date, unpatched and is utterly hackable. Giulianisecurity.com, the website for Giuliani's eponymous infosec consultancy firm, runs Joomla! version 3.0, released in 2012, and since found to carry 15 separate vulnerabilities. More bugs and poor secure controls abound. The Register report adds: "Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a surprising number of network ports open -- from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. It also runs a rather old version of FreeBSD. 'You can probably break into Giuliani's server,' said Robert Graham of Errata Security. 'I know this because other FreeBSD servers in the same data center have already been broken into, tagged by hackers, or are now serving viruses. 'But that doesn't matter. There's nothing on Giuliani's server worth hacking.'"
Privacy

Switzerland Agrees To Its Own New Data Sharing Pact With the US (silicon.co.uk) 15

Mickeycaskill quotes a report from Silicon.co.uk: Switzerland has agreed its own new data transfer agreement with the United States, basing the framework on the deal struck by the European Union (EU) following the invalidation of Safe Harbour. The previous arrangement was invalidated because of concerns about U.S. mass surveillance but Switzerland says the new Swiss-U.S. Privacy Shield will allow Swiss companies to transfer customer data without the need for additional contractual guarantees. The Swiss Federal Council, a seven member executive council that is effectively the head of government in Switzerland, claim citizens will benefit from additional protections and the ability to contact an ombudsman about data issues. Although not part of the EU, Switzerland is a member of the European Economic Area (EEA) and has several bilateral agreements with the EU that see it adopt many of the bigger bloc's policies. The Federal Council says the alignment between the EU and the Swiss transatlantic data sharing partnerships is good news for multinational organizations.
Music

Cassettes Are Back, and Booming (fastcompany.com) 562

Long time reader harrymcc writes: By now, it isn't news that vinyl albums continue to sell, even in the Spotify era. But a new report says that sales of music on cassette are up 140 percent. The antiquated format is being embraced by everyone from indie musicians to Eminem and Justin Bieber. Fast Company's John Paul Titlow took a look at tape's unexpected revival, and why it's not solely about retro hipsterism.
United Kingdom

Regulators Criticize Banks For Lending Uber $1.15 Billion (venturebeat.com) 134

Federal regulators criticized several Wall Street banks over the handling of a $1.15 billion loan they helped arrange for Uber this past summer, reports Reuters, citing people with knowledge of the matter. From the report: Led by Morgan Stanley, the banks helped the ride-sharing network tap the leveraged loan market in July for the first time, persuading institutional investors to focus on its lofty valuation and established markets rather than its losses in countries such as China and India. The Federal Reserve and the Office of the Comptroller of the Currency (OCC), which are trying to rein in risky lending across Wall Street, took issue with the way in which the banks carved out Uber's more mature operations from the rest of the business, the people said.
Earth

Alcohol Switches the Brain Into Starvation Mode In Mice, Increasing Hunger and Appetite, Study Finds (bbc.com) 130

An anonymous reader quotes a report from BBC: In tests on mice, alcohol activated the brain signals that tell the body to eat more food. The UK researchers, who report their findings in the journal Nature Communications, believe the same is probably true in humans. The mice were given generous doses of alcohol for three days -- a dose being equivalent to around 18 units or a bottle-and-a-half of wine for a person. The alcohol caused increased activity in neurons called AGRP. These are the neurons that are fired when the body experiences starvation. The mice ate more than normal too. When the researchers repeated the experiment but blocked the neurons with a drug, the mice did not eat as much which, the researchers say, suggests that AGRP neurons are responsible for the alcohol-induced eating. The study authors, Denis Burdakov and colleagues, say understanding how alcohol changes the body and our behavior could help with managing obesity. Around two-thirds of adults in the UK are overweight or obese.
Medicine

'Tooth Repair Drug' May Replace Fillings (bbc.com) 130

Teeth can be encouraged to repair themselves in a way that could see an end to fillings, according to scientists. From a report on BBC: The team at King's College London showed that a chemical could encourage cells in the dental pulp to heal small holes in mice teeth. A biodegradable sponge was soaked in the drug and then put inside the cavity. The study, published in Scientific Reports, showed it led to "complete, effective natural repair." Teeth have limited regenerative abilities. They can produce a thin band of dentine -- the layer just below the enamel -- if the inner dental pulp becomes exposed, but this cannot repair a large cavity. [...] Scientists discovered that a drug called Tideglusib heightened the activity of stem cells in the dental pulp so they could repair 0.13mm holes in the teeth of mice. A drug-soaked sponge was placed in the hole and then a protective coating was applied over the top. As the sponge broke down it was replaced by dentine, healing the tooth.
Businesses

Volkswagen Unveils 'ID Buzz' Electric Microbus Concept (ibtimes.co.uk) 52

New submitter drunkdrone quotes a report from International Business Times: Given the emissions scandal that rocked Volkswagen in 2015, we reckon Scooby Doo and the gang would opt for something a little more environmentally-sound were they to be reinvented for the 21st Century. VW's new ID Buzz electric concept car, unveiled at the International Auto Show in Detroit on 8 January, is exactly the sort of thing we can imagine the overbearing talking dog and four meddlesome kids driving around in today. The ID Buzz is the second electric concept vehicle to come from Volkswagen in recent months, following the VW I.D. concept car unveiled at the Paris Motor Show in September 2016. The ID Buzz is a re-imagining of sorts of the German automaker's classic VW Microbus, with 'Buzz' being a phonetic play on 'bus' and, according to VW, "refers to the silent buzzing of the drive system." The all-electric van boasts a driving range of up to 270 miles, which VW says is comparable to traditional petrol-powered vehicles, and features a "fully-autonomous" mode that allows the driver's seat to swing round 180 degrees for a more social seating arrangement. Additional cutting-edge features include a heads-up display that projects navigational information as augmented reality images, which can appear as directional cues as much as 49 feet ahead of the car. This provides a more visual system that marks directions on the road itself, rather than having to rely on a 2D image as is the case with traditional sat-navs. VW calls the effect "astonishingly realistic."
IBM

IBM Is First Company To Get 8,000 US Patents In One Year, Breaking Record (silicon.co.uk) 94

Reader Mickeycaskill writes: For the 24th year in a row, IBM received the most patents of any company in the US. But for the first time it got more than 8,000 -- the first firm in any industry to do so. In total, its inventors were granted 8,088 patents in 2016, covering areas as diverse as artificial intelligence (AI), cognitive computing, cloud, health and cyber security.
That's equal to more than 22 patents a day generated by its researchers, engineers and designers, with more than a third of the patents relating to AI, cognitive computing and cloud computing alone. IBM is betting big on cloud and other services, having spun off its hardware units like servers and PCs to Lenovo. The other nine companies in the top ten list of 2016 US patent recipients consist of: Samsung Electronics (with 5,518 patents), Canon (3,665), Qualcomm (2,897), Google (2,835), Intel (2,784), LG Electronics (2,428), Microsoft (2,398), Taiwan Semiconductor Manufacturing Co. (2,288) and Sony (2,181).

Privacy

Lawyer Rewrites Instagram's Privacy Policy So Kids and Parents Can Have a Meaningful Talk About Privacy (qz.com) 95

Kids between the ages of 12 and 15 are increasingly joining Facebook's Instagram service, but according to research, they likely don't even understand what they are signing up for. Jenny Afia, a privacy law expert at Schillings, a UK-based law firm, rewrote Instagram's terms of service in child-friendly language, so that not only the kids but their parents are able to understand what things are at stake. Highlighted are the changes the lawyer has made: Officially you own any original pictures and videos you post, but we are allowed to use them, and we can let others use them as well, anywhere around the world. Other people might pay us to use them and we will not pay you for that. [...] We may keep, use and share your personal information with companies connected with Instagram. This information includes your name, email address, school, where you live, pictures, phone number, your likes and dislikes, where you go, who your friends are, how often you use Instagram, and any other personal information we find such as your birthday or who you are chatting with, including in private messages (DMs). [...] We might send you adverts connected to your interests which we are monitoring. You cannot stop us doing this and it will not always be obvious that it is an advert.
Toys

Ask Slashdot: What's The Most Useful 'Nerd Watch' Today? 232

He's worn the same watch for two decades, but now Slashdot reader students wants a new one. For about 20 years I've used Casio Databank 150 watches. They were handy because they kept track of my schedule and the current time. They were very cheap. They required very little maintenance, since the battery lasts more than a year and the bands last even longer. Since they were waterproof, I don't even have to take them off (or remember where I put them!) They were completely immune to malicious software, surveillance, and advertising. However, their waterproof gaskets have worn out so they no longer work for me. Casio no longer makes them or any comparable product (their website is out of date).
Today's watches include everything from heart rate monitors to TV remote controls, and Casio even plans to release a new version of their Android Wear watch with a low-power GPS chip and mapping software. But what's your best suggestion? "I don't want a watch that duplicates the function of my cell phone or computer," adds the original submission -- so leave your best answers in the comments. What's the most useful nerd watch today?
Medicine

New Study Finds 'Mediterranean' Diet Significantly Reduces Brain Shrinkage (bbc.com) 176

schwit1 writes that 562 elderly research subjects cut their brain shrinkage in half just by changing their diet. (Paywalled article here). The BBC reports: A study of pensioners in Scotland found that those with a diet rich in fresh fruit, vegetables and olive oil had healthier brains than those with different eating habits. They suffered less brain shrinkage than those who regularly ate meat and dairy products. The study was carried out by University of Edinburgh researchers.... Scientists found that those who adhered most closely to the diet retained significantly greater brain volume after three years than those who did not... Lead researcher Dr Michelle Luciano said: "As we age, the brain shrinks and we lose brain cells, which can affect learning and memory. This study adds to the body of evidence that suggests the Mediterranean diet has a positive impact on brain health."
Bitcoin

Bitcoin Was 2016's Best-Performing Currency (newsweek.com) 104

The co-founder of Blockchain published an opinion piece in Newsweek today mocking predictions about the death of bitcoin, saying "each is more wrong than the last... Bitcoin was again declared the world's best performing currency in 2016 by Bloomberg. In fact, it's held that title every year since 2010, with the notable exception of 2014, when it was the worst." An anonymous reader writes: Bitcoin president Nicolas Cary writes that bitcoin has become more stable than many of the world's top currencies, while the British pound "has dropped by more than 17% in a colossal collapse of confidence... In Africa, the Egyptian pound dropped 59% and the Nigerian naira fell 37%. In South America, the Argentine peso plummeted over 17% and the Venezuelan bolivar tumbled so far off a cliff it's difficult to measure -- even bricks of cash are worthless for everyday purchases there. Perhaps most dramatically of all, India, the world's second most populated country, introduced a stunning policy of demonetization declaring banknotes illegal overnight...

"During this time period, and partially in response to it, the price of bitcoin surged... Bitcoin also trounced the stock market from a performance perspective. Brand names like McDonald's, Home Depot and Disney grew at a paltry 1.6% or less; bitcoin outpaced them by over 70 times."

In 2009 one man in Norway bought $27 worth of bitcoin while writing a thesis on encryption, then forgot about them. Six years later, he discovered they were worth nearly $500,000.
Android

Fake Malware-Filled Super Mario Run Apps Take Advantage of Android Absence (silicon.co.uk) 34

Mickeycaskill writes: Nintendo's Super Mario Run was downloaded more than 40 million times in the first four days it was available. But an Android version has yet to materialize. An official release is on the way, but cybercriminals are taking advantage of this vacuum by spreading malicious apps masquerading as the real thing. The "Android Marcher trojan" appears as a fake landing page advertising the release of the game, where it can be downloaded onto users' devices. It then targets financial and banking apps and can modify your settings and read your contacts. The popularity of Pokemon GO last year saw similar scams emerge as users waited for the game.
Transportation

Uber Drivers Deemed To Be Employees By Swiss Insurance Provider (techcrunch.com) 121

An anonymous reader shares a TechCrunch article: Uber has suffered another setback to its operational model in Europe after a Swiss insurance agency ruled that Uber drivers are employees, not freelance contractors as the company claims -- meaning it must pay social security contributions. This follows a similar ruling by a UK employment tribunal in October which found that the two Uber drivers bringing the claim were employed as workers by Uber, rather than being freelance contractors. Swiss broadcaster SRF says the Suva agency made its decision on the status of Uber drivers in the market on account of their inability to set price or payment type, and because they are threatened with consequences from Uber if they do not fulfill its requirements. The Suva described its decision on the classification as a "clear conclusion." The public sector insurer is involved in determining whether workers are freelance or not as a provider of compulsory on-the-job accident insurance which is required for certain high risk professions.
Earth

New Analysis Shows Lamar Smith's Accusations On Climate Data Are Wrong (arstechnica.com) 502

Layzej writes from a report via Ars Technica: In 2015, NOAA released version 4 of their marine temperature dataset called ERSST. The new dataset accounted for a known cooling bias introduced when ocean temperature measurements transitioned from being taken in ship engine intake valves to buoy-based measurements. The warming of the last couple decades increased ever so slightly in NOAA's new analysis. This was a red flag for U.S. House Science Committee Chair Lamar Smith (R-TX), who rejects the conclusions of climate science -- like the fact that the Earth's climate is warming. Suddenly he wanted to see the researchers' e-mails and echoed the accusations of contrarian blogs about scientists' supposedly nefarious adjustments to sea surface temperature measurements. Rather than invoking scientific conspiracies, issues like this should be settled by analyzing the data. A new study, led by University of California Berkeley's Zeke Hausfather, does just that -- and Rep. Smith won't like these results, either. To test the NOAA dataset, Zeke's team created instrumentally homogeneous temperature records from sensors available only over the last couple decades. As it happens, the Argo float data, the buoy data, and the satellite data each hew closer to the updated dataset that NOAA used. The older version (3b) gives a global average that is too cool in recent years, growing to an offset of about 0.06 degrees Celsius. The researchers repeat this same analysis for two more major sea surface datasets that are used by the UK Met Office and the Japanese Meteorological Agency for their global temperature records. Both of those datasets also drift cooler than the comparison data, but less so than NOAA's old dataset.
IT

CloudFlare Was Hit By Leap Second, Causing Its RRDNS Software To 'Panic' (silicon.co.uk) 119

Reader Mickeycaskill writes: The extra leap second added on to the end of 2016 may not have had an effect on most people, but it did catch out a few web companies who failed to factor it in. Web services and security firm CloudFlare was one such example. A small number of its servers went down at midnight UTC on New Year's Day due to an error in its RRDNS software, a domain name service (DNS) proxy that was written to help scale CloudFlare's DNS infrastructure, which limited web access for some of its customers. As CloudFlare explained, a number went negative in the software when it should have been zero, causing RRDNS to "panic" and affect the DNS resolutions to some websites. The issue was confirmed by the company's engineers at 00:34 UTC on New Year's Day and the fix -- which involved patching the clock source to ensure it normalises if time ever skips backwards -- was rolled out to the majority of the affected data centres by 02:50 UTC. Cloudflare said the outage only hit customers who use CNAME DNS records with its service. Google works around leap seconds with a so-called "smearing" technique -- running clocks slightly slower than usual on its Network Time Protocol servers.
