BLACK FRIDAY DEAL: Trust the World's Fastest VPN with Your Internet Security & Freedom--A Lifetime Subscription of PureVPN at $48 with coupon code "BFRIDAY20" ×
United Kingdom

Living In Nuclear Disaster Fallout Zone Would Be No Worse Than Living In London, Research Suggests (bristol.ac.uk) 38

An anonymous reader quotes a report from University of Bristol, England: New research suggests that few people, if any, should be asked to leave their homes after a big nuclear accident, which is what happened in March 2011 following the Fukushima Daiichi nuclear disaster. Professor Thomas's team used the Judgement or J-value to balance the cost of a safety measure against the increase in life expectancy it achieves. The J-value is a new method pioneered by Professor Thomas that assesses how much should be spent to protect human life and the environment. The researchers found that it was difficult to justify relocating anyone from Fukushima Daiichi, where four and a half years after the accident around 85,000 of the 111,000 people who were moved out by the Japanese government had still not returned. After the world's worst nuclear accident at Chernobyl in 1986, in what was then part of the Ukrainian Soviet Socialist Republic of the Soviet Union (USSR), the J-value method supported relocation when nine months' or more life expectancy would be lost due to radiation exposure by remaining. Using the J-value method, 31,000 people would have needed to be moved, with the number rising to 72,000 if the whole community was evacuated when five per cent of its residents were calculated to lose nine months of life or more.

Philip Thomas, Professor of Risk Management in the Department of Civil Engineering at the University of Bristol, said: "Mass relocation is expensive and disruptive. But it is in danger of becoming established as the prime policy choice after a big nuclear accident. It should not be. Remediation should be the watchword for the decision maker, not relocation." For comparison, the average Londoner loses four and a half months to air pollution, while the average resident of Manchester lives 3.3 years less than his/her counterpart in Harrow, North London. Meanwhile, boys born in Blackpool lose 8.6 years of life on average compared with those born in London's borough of Kensington and Chelsea.
The results are published in a special issue of Process Safety and Environmental Protection, a journal from the Institution of Chemical Engineers.
United Kingdom

Pornhub Owner May Become the UK's Gatekeeper of Online Porn (yahoo.com) 28

An anonymous reader quotes a report from Yahoo News: Mindgeek may be the most powerful company that you've never heard of, or at least, a company you'll claim never to have heard about in polite company. It's the conglomerate that owns some of the world's most visited porn sites, including Pornhub, RedTube and YouPorn. Far from simply being a popular and free way for people to consume adult content, it may soon have a powerful political role in the UK that will ensure its dominance for decades to come. That's because, within the next year, Mindgeek may become the principal gatekeeper between the country's internet users and their porn. In April, the UK passed the Digital Economy Act 2017, legislation that mandated that any website showing adult content must verify the ages of its visitors. It was pushed through in response to concerns that children were being corrupted by easy access to and exposure to adult content at an early age. Section 15(1) of the bill requires that "pornographic material" not be published online, on a "commercial basis," unless it is "not normally accessible by those under 18." The bill has several flaws, not least the number of vague proposals it contains, and the ad hoc definition of what pornography actually is. Section 17 of the same act outlined the creation of an "age-verification regulator," the digital equivalent of a bouncer standing between you and your porn. This gatekeeper will have the right, and duty, to demand you show proof of age, or else refuse you access. In addition, the body will be able to impose fines and enforcement notices on those who either neglect or circumvent the policy. [...] The Open Rights Group believes that the BBFC will then hand over the actual mechanisms of the age verification platform to a third party in the private sector. Mindgeek has had several conversations with officials and is currently pushing its own age verification platform, AgeID. If selected, this platform could become the principal wall between Britons and their pornography -- giving Mindgeek enormous power in the market.
Businesses

Belgium Denounces Loot Boxes as Gambling; Hawaiian Legislator Calls Them 'Predatory' (arstechnica.co.uk) 193

Peter Bright, writing for ArsTechnica: Belgium's Gaming Commission has ruled that loot boxes -- in-game purchases where what you receive is randomized and only known once you open the box -- are gambling. The country's minister of justice, Koen Geens, has said that he wants to see them banned Europe-wide, reports PC Gamer. Amid outcry over the use of loot boxes in Overwatch and Star Wars Battlefront 2, the Belgian Gaming Commission decided last week to look into the issue, with Commission Director Peter Naessens specifically saying that the combination of paying money and receiving something "dependent on chance" prompted the investigation. Rather swiftly, it seems, the Commission has made its decision. In October, the US' Entertainment Software Rating Board (ESRB) rejected calls to classify loot boxes as gambling. It told Kotaku that since players receive some reward from opening the loot box -- even if it's useless or unwanted -- that it's not gambling. As such, loot box games will receive neither ESRB's "Real Gambling" nor "Simulated Gambling" labels, the former of which automatically gives a game an "Adults Only" rating. Many retailers refuse to sell A-O games, so giving every title that uses loot boxes such a rating would likely be harmful to their sales. The question of whether loot boxes are gambling may see some new scrutiny in the US. Hawaiian Democratic State Representative Chris Lee has described loot boxes as predatory behavior.
Communications

Broadband Firms in UK Must Ditch 'Misleading' Speed Ads (bbc.com) 68

An anonymous reader shares a report: Broadband firms will no longer be able to advertise their fast net services based on the speeds just a few customers get, from May next year. Currently ISPs are allowed to use headline speeds that only 10% of customers will actually receive. In future, adverts must be based on what is available to at least half of customers at peak times. It follows research that suggested broadband advertising can be misleading for consumers. The Advertising Standards Authority (ASA) looked into consumers' understanding of broadband speed claims and found that many were confused by headline speeds that they would never actually get in their own homes. The concerns were passed on to the Committees of Advertising Practice (Cap) which consulted with ISPs, consumer groups and Ofcom to find a better way to advertise fast net services. Most argued that the fairest and clearest way would be to use the average speeds achieved at peak time by 50% of customers.
Programming

More Than Half of GitHub Is Duplicate Code, Researchers Find (theregister.co.uk) 107

Richard Chirgwin, writing for The Register: Given that code sharing is a big part of the GitHub mission, it should come at no surprise that the platform stores a lot of duplicated code: 70 per cent, a study has found. An international team of eight researchers didn't set out to measure GitHub duplication. Their original aim was to try and define the "granularity" of copying -- that is, how much files changed between different clones -- but along the way, they turned up a "staggering rate of file-level duplication" that made them change direction. Presented at this year's OOPSLA (part of the late-October Association of Computing Machinery) SPLASH conference in Vancouver, the University of California at Irvine-led research found that out of 428 million files on GitHub, only 85 million are unique. Before readers say "so what?", the reason for this study was to improve other researchers' work. Anybody studying software using GitHub probably seeks random samples, and the authors of this study argued duplication needs to be taken into account.
Math

Devs Working To Stop Go Math Error Bugging Crypto Software (theregister.co.uk) 66

Richard Chirgwin, writing for The Register: Consider this an item for the watch-list, rather than a reason to hit the panic button: a math error in the Go language could potentially affect cryptographic libraries. Security researcher Guido Vranken (who earlier this year fuzzed up some bugs in OpenVPN) found an exponentiation error in the Go math/big package. Big numbers -- particularly big primes -- are the foundation of cryptography. Vranken posted to the oss-sec mailing list that he found the potential issue during testing of a fuzzer he wrote that "compares the results of mathematical operations (addition, subtraction, multiplication, ...) across multiple bignum libraries." Vranken and Go developer Russ Cox agreed that the bug needs specific conditions to be manifest: "it only affects the case e = 1 with m != nil and a pre-allocated non-zero receiver."
Security

Uber Hackers May Have Been Russian (thetimes.co.uk) 58

Mark Bridge, reporting for The Times: Thousands of Uber customers are believed to have had their accounts hacked by Russians after users of the app (Editor's note: the link is paywalled; alternative source) reported being billed in roubles for taxi journeys they had not taken in Moscow and St Petersburg. More than 800 people in Britain and the United States have complained on Twitter that their accounts were taken over in the past year, The Times found, with the number of reports spiking in April and May. Experts said this number of Twitter reports suggested that the true figure would be much higher.
Google

CNBC: Google's New 'Pixel Buds' Suck (yahoo.com) 100

Google's new Pixel Buds "are really bad" and "not worth buying," according to CNBC's technology products editor: The stand-out feature of Google Pixel Buds is that they're supposed to be able to translate spoken languages in near real-time. In my real-world tests, however, that wasn't the case at all. I took the Pixel Buds out on the streets of Manhattan, speaking to a Hungarian waiter in Little Italy, multiple vendors in Chinatown and more. If you press the right earbud and say "help me speak Chinese," for example, the buds will launch Google Translate, you can speak what you'd like to ask someone in another language, and a voice will read out the translated speech through your smartphone's speakers. Then, when someone replies, you'll hear that response through the Pixel Buds.

The microphone on the Pixel Buds is really bad, so it barely picked up my voice queries that I wanted to translate. I stood on the side of the road in Chinatown repeating myself at least 10 times trying to get the phone to pick up my speech in order to begin translation. It barely worked, even if I took the buds out and spoke directly into the microphone on the right earbud, and often only translated half of what I was trying to ask. In a quiet place, I was able to allow someone to respond to me, after which I'd hear the English translation through the headphones. That was neat, but it barely ever actually worked that way. To mitigate this, I found it was just easier to manually open the Google translate app, speak into my phone's microphone, and then let someone else also speak right into my phone. This executed the translation nearly perfectly, and meant that I didn't need the Pixel Buds at all.

The article ends by answering the question, Should you buy them? "Nope. There's nothing I recommend about the Pixel Buds.

"They're cheap-feeling and uncomfortable, and you're better off using the Google Translate app on a phone instead of trying to fumble with the headphones while trying to translate a conversation. The idea is neat, but it just doesn't work well enough to recommend to anyone on any level."
The Courts

FOSS Community Criticizes SFLC over SFC Trademark War (lunduke.com) 64

Earlier this month Bruce Perens notified us that "the Software Freedom Law Center, a Linux-Foundation supported organization, has asked USPTO to cancel the trademark of the name of the Software Freedom Conservancy, an organization that assists and represents Free Software/Open Source developers." Now Slashdot reader curcuru -- director of the Apache Software Foundation -- writes: No matter how you look at it, this kind of lawsuit is a loss for software freedom and open source in general, since this kind of USPTO trademark petition (like a lawsuit) will tie up both organizations, leaving less time and funds to help FOSS projects. There's clearly more to the issue than the trademark issue; the many community members' blog posts make that clear.

GNOME executive director Neil McGovern
Apache Software Foundation director Shane Curcuru
Google security developer Matthew Garrett
Linux industry journalist Bryan Lunduke


The key point in this USPTO lawsuit is that the legal aspects aren't actually important. What's most important is the community reaction: since SFLC and Conservancy are both non-profits who help serve free software communities, it's the community perception of what organizations to look to for help that matters. SFLC's attempt to take away the Conservancy's very name doesn't look good for them.

Bryan Lunduke's video covers the whole case, including his investigation into the two organizations and their funding.

The Military

Massive US Military Social Media Spying Archive Left Wide Open In AWS S3 Buckets (theregister.co.uk) 84

An anonymous reader quotes a report from The Register: Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing "dozens of terabytes" of social media posts and similar pages -- all scraped from around the world by the U.S. military to identify and profile persons of interest. The archives were found by veteran security breach hunter UpGuard's Chris Vickery during a routine scan of open Amazon-hosted data silos, and these ones weren't exactly hidden. The buckets were named centcom-backup, centcom-archive, and pacom-archive. CENTCOM is the common abbreviation for the U.S. Central Command, which controls army operations in the Middle East, North Africa and Central Asia. PACOM is the name for U.S. Pacific Command, covering the rest of southern Asia, China and Australasia.

"For the research I downloaded 400GB of samples but there were many terabytes of data up there," he said. "It's mainly compressed text files that can expand out by a factor of ten so there's dozens and dozens of terabytes out there and that's a conservative estimate." Just one of the buckets contained 1.8 billion social media posts automatically fetched over the past eight years up to today. It mainly contains postings made in central Asia, however Vickery noted that some of the material is taken from comments made by American citizens. The databases also reveal some interesting clues as to what this information is being used for. Documents make reference to the fact that the archive was collected as part of the U.S. government's Outpost program, which is a social media monitoring and influencing campaign designed to target overseas youths and steer them away from terrorism.

Music

Apple's HomePod Gets Delayed Until 2018 (theverge.com) 49

Apple has reportedly delayed the release of its HomePod smart speaker until 2018. In a statement to The Verge, Apple says that it needs more time to work on the device. "We can't wait for people to experience HomePod, Apple's breakthrough wireless speaker for the home, but we need a little more time before it's ready for our customers," an Apple spokesperson said. "We'll start shipping in the U.S., UK and Australia in early 2018." From the report: The speaker was originally set to be released in December. Priced at $349, the HomePod is slated to take on higher-end sound systems like Sonos, as well as smart assistants like the Amazon Echo and Google Home. The cylindrical speaker features a seven-speaker array of tweeters, a four-inch subwoofer, and a six-microphone array, which puts it right on par spec-wise with the best speakers in its price range, but where it may fall short is Siri, which isn't really in the same class as Alexa or Google Assistant. That challenge is likely why Apple's focus at the launch of the HomePod back at WWDC in June was music first and smart features second.
Piracy

Hollywood Strikes Back Against Illegal Streaming Kodi Add-ons (engadget.com) 77

An anonymous reader shares a report: An anti-piracy alliance supported by many major US and UK movie studios, broadcasters and content providers has dealt a blow to the third-party Kodi add-on scene after it successfully forced a number of popular piracy-linked streaming tools offline. In what appears to be a coordinated crackdown, developers including jsergio123 and The_Alpha, who are responsible for the development and hosting of add-ons like urlresolver, metahandler, Bennu, DeathStreams and Sportie, confirmed that they will no longer maintain their Kodi creations and have immediately shut them down.
Education

Is American English Going To Take Over British English Completely? (scroll.in) 526

Paul Baker, writing for The Conversation: Brits can get rather sniffy about the English language -- after all, they originated it. But a Google search of the word "Americanisms" turns up claims that they are swamping, killing and absorbing British English. If the British are not careful, so the argument goes, the homeland will soon be the 51st State as workers tell customers to "have a nice day" while "colour" will be spelt without a "u" and "pavements" will become "sidewalks." My research examined how both varieties of the language have been changing between the 1930s and the 2000s and the extent to which they are growing closer together or further apart. So do Brits have cause for concern? Well, yes and no. On the one hand, most of the easily noticeable features of British language are holding up. Take spelling, for example -- towards the 1960s it looked like the UK was going in the direction of abandoning the "u" in "colour" and writing "centre" as "center." But since then, the British have become more confident in some of their own spellings. In the 2000s, the UK used an American spelling choice about 11% of the time while Americans use a British one about 10% of the time, so it kind of evens out. Automatic spell-checkers which can be set to different national varieties are likely to play a part in keeping the two varieties fairly distinct. [...] But when we start thinking of language more in terms of style than vocabulary or spelling, a different picture emerges. Some of the bigger trends in American English are moving towards a more compact and informal use of language. American sentences are on average one word shorter in 2006 than they were in 1931. Americans also use a lot more apostrophes in their writing than they used to, which has the effect of turning the two words "do not" into the single "don't." They're getting rid of certain possessive structures, too -- so "the hand of the king" becomes the shorter "the king's hand." Another trend is to avoid passive structures such as "a paper was written," instead using the more active form, "I wrote a paper."
Businesses

Munich Council: To Hell With Linux, We're Going Full Windows in 2020 (theregister.co.uk) 544

The German city of Munich, which received much popularity back in the day when it first ditched Microsoft's services in favor of open-source software, has now agreed to stop using Linux and switch back to Windows. If the decision is ratified by the full council in two weeks, Windows 10 will start rolling out across the city in 2020. From a report: A coalition of Social Democrats and Conservatives on the committee voted for the Windows migration last week, Social Democrat councillor Anne Hubner told The Register. Munich rose to fame in the open-source world for deciding to use Linux and LibreOffice to make the city independent from the claws of Microsoft. But the plan was never fully realised -- mail servers, for instance, eventually wound up migrating to Microsoft Exchange -- and in February the city council formally voted to end Linux migration and go back to Microsoft. Hubner said the city has struggled with LiMux adoption. "Users were unhappy and software essential for the public sector is mostly only available for Windows," she said. She estimated about half of the 800 or so total programs needed don't run on Linux and "many others need a lot of effort and workarounds." Hubner added, "in the past 15 years, much of our efforts were put into becoming independent from Microsoft," including spending "a lot of money looking for workarounds" but "those efforts eventually failed." A full council vote on Windows 10 2020 migration is set for November 23, Hubner said. However, the Social Democrats and Conservatives have a majority in the council, and the outcome is expected to be the same as in committee.
Bug

Researchers Run Unsigned Code on Intel ME By Exploiting USB Ports (thenextweb.com) 171

Slashdot user bongey writes: A pair of security researchers in Russia are claiming to have compromised the Intel Management Engine just using one of the computer's USB ports. The researchers gained access to a fully functional JTAG connection to Intel CSME via USB DCI. The claim is different from previous USB DCI JTAG examples from earlier this year. Full JTAG access to the ME would allow making permanent hidden changes to the machine.
"Getting into and hijacking the Management Engine means you can take full control of a box," reports the Register, "underneath and out of sight of whatever OS, hypervisor or antivirus is installed."

They add that "This powerful God-mode technology is barely documented," while The Next Web points out that USB ports are "a common attack vector."
AI

Study Finds Robot Surgeons Are Actually Slower and More Expensive (theregister.co.uk) 44

"Robot-assisted surgery costs more time and money than traditional methods, but isn't more effective, for certain types of operations," reports the Register, in an article shared by schwit1: In a study of almost 24,000 laparoscopic surgeries just published in The Journal of American Medicine, researchers from Stanford University School of Medicine analyzed data from 416 hospitals around the U.S. from 2003 to 2015. Robotic assistance provides 3D-visualization, a broader range of motion for instruments, and better ergonomics for physicians, according to the study. While it has advantages in scenarios where a high-degree of precision is required or where improved outcomes have been demonstrated (like radical prostatectomy), it appears to be a waste of resources for the two operations examined... But the patient outcomes were more or less the same.

A thematically-related economic study presented by the National Bureau for Economic Research on Monday suggests that while AI and machine learning have received substantial investment over the past five years and have been widely touted as a transformative technologies, "there is little sign that they have yet affected aggregate productivity statistics... The simplest possibility is that the optimism about the potential technologies is misplaced and unfounded," muse Erik Brynjolfsson and Daniel Rock (MIT), Chad Syverson (University of Chicago) in the paper.

But instead the paper's author suggest that fully realizing the benefits of AI "will require effort and entrepreneurship to develop the needed complements, and adaptability at the individual, organizational, and societal levels to undertake the associated restructuring."
Businesses

Uber Drivers Have Rights on Wages and Time Off, UK Panel Rules (apnews.com) 125

Uber suffered a blow on Friday to its operations in its biggest market outside the United States when a British panel ruled in London rejected the company's argument that its drivers were self employed. The decision, which affirmed a ruling made last year, means that Uber will have to ensure its drivers in Britain are paid a minimum wage and entitled to time off, casting doubt on a common hiring model in the so-called gig economy that relies on workers who do not have a formal contract as permanent employees. From a report: Judge Jennifer Eady rejected Uber's argument that the men were independent contractors, because the drivers had no opportunity to make their own agreements with passengers and the company required them to accept 80 percent of trip requests when they were on duty. The tribunal, Eady wrote in her decision, found "the drivers were integrated into the Uber business of providing transportation services." The ride-hailing service said it has never required drivers in the U.K. to accept 80 percent of the trips offered to them and that drivers make well above the minimum wage. Employment lawyers expect the case to be heard by higher courts as early as next year.
NASA

NASA: We're Not Building Flying Taxi Software For Uber (theregister.co.uk) 24

News outlets reported on Wednesday that Uber had signed a contract with NASA to develop software for the ride-hailing company's autonomous "flying taxis." A day later, the space agency has clarified its involvement in the project and the specifics of the contract. From the report: Uber's chief product officer Jeff Holden spoke at the Web Summit in Lisbon yesterday where he was promoting the fledgling autonomous taxi project, revealed last year, Uber Elevate. And of course he never claimed that NASA was working on software for his firm, merely explaining that it had inked an agreement to work with the public body on the latter's air traffic control project. Uber told us that while NASA was not "committing funding or anything like that", it said "having their decades of aeronautic experience actively collaborating with our engineers is a huge help for tackling the aviation traffic management hurdles." A NASA spokesperson, meanwhile, told us Uber had indeed signed what it described as a "generic Space Act Agreement" for participation in the programme back in January, joining a "multitude" of others. The project and its members are "researching prototype technologies for a UAS Traffic Management (UTM) system that could develop airspace integration requirements for enabling safe, efficient low-altitude operations," according to NASA's website. So no new news on the software front.
Open Source

Apache OpenOffice: We're OK With Not Being Super Cool (theregister.co.uk) 106

The Register's Thomas Claburn, interviews Jim Jagielski, Apache Software Foundation President and Apache OpenOffice project mentor. From the story: Despite being the subject of a deathwatch -- perhaps mainly by fans of rival LibreOffice -- AOO appears to be rather popular, with the 4.1.4 update racking up at least 1.6 million downloads. [...] While AOO and the ASF formulate a formal statement of direction for the project, Jagielski said more or less that all's well. "AOO is not, and isn't designed to be, the 'super coolest open source office suite with all the latest bells and whistles,'" Jagielski continued. "Our research shows that a 'basic,' functional office suite, which is streamlined with a 'simple' and uncluttered, uncomplicated UI, serves an incredible under-represented community. "Other office suites are focusing on the 'power user' which is a valuable market, for sure, but the real power and range for an open-source office suite alternative is the vast majority which is the 'rest of us. Sometimes we all forget how empowering open source is to the entire world."
Businesses

Paradise Papers Leak Reveals Apple's Secret Tax Bolthole (bbc.com) 174

An anonymous reader quotes a report from BBC: The world's most profitable firm has a secretive new structure that would enable it to continue avoiding billions in taxes, the Paradise Papers show. They reveal how Apple sidestepped a 2013 crackdown on its controversial Irish tax practices by actively shopping around for a tax haven. It then moved the firm holding most of its untaxed offshore cash, now $252 billion, to the Channel Island of Jersey. Apple said the new structure had not lowered its taxes. It said it remained the world's largest taxpayer, paying about $35 billion in corporation tax over the past three years, that it had followed the law and its changes "did not reduce our tax payments in any country."

Leaked emails also make it clear that Apple wanted to keep the move secret. One email sent between senior partners at Appleby says: "For those of you who are not aware, Apple [officials] are extremely sensitive concerning publicity. They also expect the work that is being done for them only to be discussed amongst personnel who need to know." Apple chose Jersey, a UK Crown dependency that makes its own tax laws and which has a 0% corporate tax rate for foreign companies. Paradise Papers documents show Apple's two key Irish subsidiaries, Apple Operations International (AOI), believed to hold most of Apple's massive $252 billion overseas cash hoard, and Apple Sales International (ASI), were managed from Appleby's office in Jersey from the start of 2015 until early 2016. This would have enabled Apple to continue avoiding billions in tax around the world.
The report notes that Apple paid just $1.65 billion in taxes to foreign governments, despite making $44.7 billion outside the U.S. That's a tax rate of 3.7%, which is less than a sixth of the average rate of corporation tax in the world.

Slashdot Top Deals