Slashdot.org

Syndicate content Slashdot
News for nerds, stuff that matters
Updated: 1 hour 43 min ago

Why New York's Subway Still Uses OS/2

Sun, 06/16/2019 - 23:34
Every day 5.7 million people ride the subway in New York City -- and are subjected to both "the whims of the Metropolitan Transit Authority and the unheard-of reliability of a marginally successful operating system from the early 1990s." martiniturbide shared this report from Tedium: OS/2 and MTA consultant Neil Waldhauer said in an email, "For a few years, you could bet your career on OS/2." To understand why, you need to understand the timing. Waldhauer continues, "The design is from a time before either Linux or Windows was around. OS/2 would have seemed like a secure choice for the future." So for a lack of options, the MTA went with its best one. And it's worked out for decades, as one of the key software components of a quite complex system... Despite the failure of OS/2 in the consumer market, it was hilariously robust, leading to a long life in industrial and enterprise systems -- with one other famous example being ATMs. Waldhauer said, "Thinking about all the operating systems in use [in the MTA], I'd have to say that OS/2 is probably the most robust part of the system, except for the mainframe." It's still in use in the NYC subway system in 2019. IBM had long given up on it, even allowing another company to maintain the software in 2001. (These days, a firm named Arca Noae sells an officially supported version of OS/2, ArcaOS, though most of its users are in similar situations to the MTA.)

Read more of this story at Slashdot.

Upgrade Your Memory With A Surgically Implanted Brain Chip

Sun, 06/16/2019 - 21:01
Bloomberg reports on a five-year, $77 million project by America's Department of Defense to create an implantable brain device that restores memory-generation capacity for people with traumatic brain injuries. A device has now been developed by Michael Kahana, a professor of psychology at the University of Pennsylvania, and the medical technology company Medtronic Plc, and successfully tested with funding from America's Defense Advanced Research Projects Agency (Darpa). Connected to the left temporal cortex, it monitors the brain's electrical activity and forecasts whether a lasting memory will be created. "Just like meteorologists predict the weather by putting sensors in the environment that measure humidity and wind speed and temperature, we put sensors in the brain and measure electrical signals," Kahana says. If brain activity is suboptimal, the device provides a small zap, undetectable to the patient, to strengthen the signal and increase the chance of memory formation. In two separate studies, researchers found the prototype consistently boosted memory 15 per cent to 18 per cent. The second group performing human testing, a team from Wake Forest Baptist Medical Center in Winston-Salem, N.C., aided by colleagues at the University of Southern California, has a more finely tuned method. In a study published last year, their patients showed memory retention improvement of as much as 37 per cent. "We're looking at questions like, 'Where are my keys? Where did I park the car? Have I taken my pills?'â" says Robert Hampson, lead author of the 2018 study... Both groups have tested their devices only on epileptic patients with electrodes already implanted in their brains to monitor seizures; each implant requires clunky external hardware that won't fit in somebody's skull. The next steps will be building smaller implants and getting approval from the U.S. Food and Drug Administration to bring the devices to market... Justin Sanchez, who just stepped down as director of Darpa's biological technologies office, says veterans will be the first to use the prosthetics. "We have hundreds of thousands of military personnel with traumatic brain injuries," he says. The next group will likely be stroke and Alzheimer's patients.

Read more of this story at Slashdot.

Twitch Sues Troll Streamers Who Flooded Site With Violent Videos and Pornography

Sun, 06/16/2019 - 19:01
An anonymous reader quotes Bloomberg: Twitch Interactive, the livestreaming platform owned by Amazon.com, has sued anonymous trolls who flooded the site last month with pornography, violent content and copyrighted movies and television shows... Twitch says it works to remove offensive posts and ban the accounts of the users who post them, but that the videos quickly reappear, apparently posted by bots, while other bots work to drive users to the impermissible content. Twitch temporarily suspended new creators from streaming after a May 25 attack by trolls. The company said that if it learns the identities of the anonymous streamers who have abused its terms of service -- named in the lawsuit as "John and Jane Does 1-100" -- it will ask the court to prohibit their using the platform and order them to pay restitution and damages.

Read more of this story at Slashdot.

A New Hidden Way of Web Browser Profiling, Identification and Tracking

Sun, 06/16/2019 - 18:05
Researchers from Austria's Graz University of Technology "have devised an automated system for browser profiling using two new side channel attacks that can help expose information about software and hardware," reports The Register. The researchers recently presented a paper titled "JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits," which The Register says "calls into question the effectiveness of anonymized browsing and browser privacy extensions... " Long-time Slashdot reader Artem S. Tashkinov shared their report: One of the side-channel attacks developed for JavaScript Template Attacks involve measuring runtime differences between two code snippets to infer the underlying instruction set architecture through variations in JIT compiler behavior. The other involves measuring timing differences in the memory allocator to infer the allocated size of a memory region. The boffins' exploration of the JavaScript environment reveals not only the ability to fingerprint via browser version, installed privacy extension, privacy mode, operating system, device microarchitecture, and virtual machine, but also the properties of JavaScript objects. And their research shows there are far more of these than are covered in official documentation. This means browser fingerprints have the potential to be far more detailed -- have more data points -- than they are now. The Mozilla Developer Network documentation for Firefox, for example, covers 2,247 browser properties. The researchers were able to capture 15,709. Though not all of these are usable for fingerprinting and some represent duplicates, they say they found about 10,000 usable properties for all browsers.

Read more of this story at Slashdot.

Researcher Publishers 7 Million (Still Public) Venmo Transactions on GitHub

Sun, 06/16/2019 - 16:44
Remember the outrage last year when a researcher discovered that for Venmo's 40 million users, all transactions are "public" by default and broadcast on Venmo's API? More than a year later, computer science student Dan Salmon has demonstrated that it's still incredibly easy to download millions of transactions through Venmo's developer API without obtaining user permissions (without even using the Venmo app). He proved this by downloading 7 million of them," TechCrunch reports: Dan Salmon said he scraped the transactions during a cumulative six months to raise awareness and warn users to set their Venmo payments to private... Using that data, anyone can look at an entire user's public transaction history, who they shared money with, when, and in some cases for what reason -- including illicit goods and substances. "There's truly no reason to have this API open to unauthenticated requests," he told TechCrunch. "The API only exists to provide like a scrolling feed of public transactions for the home page of the app, but if that's your goal then you should require a token with each request to verify that the user is logged in." He published the scraped data on his GitHub page.

Read more of this story at Slashdot.

'Genius' Site Said It Used Morse Code To Catch Google Stealing Song Lyrics

Sun, 06/16/2019 - 15:54
"Genius.com says its traffic is dropping because, for the past several years, Google has been publishing lyrics on its own platform, with some of them lifted directly from the music site," reports the Wall Street Journal: Google denies doing anything nefarious. Still, Genius's complaints offer a window into the challenges small tech companies can face when the unit of Alphabet Inc. starts offering competing services on its platform... Genius said it notified Google as far back as 2017, and again in an April letter, that copied transcriptions appear on Google's website. The April letter, a copy of which was viewed by the Journal, warned that reuse of Genius's transcriptions breaks the Genius.com terms of service and violates antitrust law. "Over the last two years, we've shown Google irrefutable evidence again and again that they are displaying lyrics copied from Genius," said Ben Gross, Genius's chief strategy officer, in an email message.... Genius said it found more than 100 examples of songs on Google that came from its site. Starting around 2016, Genius made a subtle change to some of the songs on its website, alternating the lyrics' apostrophes between straight and curly single-quote marks in exactly the same sequence for every song. When the two types of apostrophes were converted to the dots and dashes used in Morse code, they spelled out the words "Red Handed." Genius is a privately held company, and its investors include Andreessen Horowitz, Emagen Investment Group and the rapper Nas... Genius clients include the music streaming website Spotify Technology SA and Apple Inc. The article also notes March study from web-analytics firm Jumpshot Inc. which found 62% of mobile searches on Google now don't result in the user clicking through to a non-Google web site.

Read more of this story at Slashdot.

Google's Login Chief: Apple's Sign-In Button Is Better Than Using Passwords

Sun, 06/16/2019 - 14:34
After Apple announced a single sign-on tool last week, The Verge interviewed Google product management director Mark Risher. Though Google offers its own single sign-on tool, The Verge found him "surprisingly sunny about having a new button to compete with. While the login buttons are relatively simple, they're much more resistant to common attacks like phishing, making them much stronger than the average password -- provided you trust the network offering them." RISHER: I honestly do think this technology will be better for the internet and will make people much, much safer. Even if they're clicking our competitor's button when they're logging into sites, that's still way better than typing in a bespoke username and password, or more commonly, a recycled username and password... Usually with passwords they recommend the capital letters and symbols and all of that, which the majority of the planet believes is the best thing that they should do to improve their security. But it actually has no bearing on phishing, no bearing on password breaches, no bearing on password reuse. We think that it's much more important to reduce the total number of passwords out there... People often push back against the federated model, saying we're putting all our eggs into one basket. It sort of rolls off the tongue, but I think it's the wrong metaphor. A better metaphor might be a bank. There are two ways to store your hundred dollars: you could spread it around the house, putting one dollar in each drawer, and some under your mattress and all of that. Or you could put it in a bank, which is one basket, but it's a basket that is protected by 12-inch thick steel doors. That seems like the better option!

Read more of this story at Slashdot.

Michigan Town Approves Fiber Internet Despite Intense Lobbying

Sun, 06/16/2019 - 13:34
Long-time Slashdot reader Proudrooster writes: Fiber Internet is coming to Traverse City, Michigan in the hopes of attracting high tech startups and helping the city become a high-tech hub. Even in the face of intense lobbying by [commercial high-speed internet provider] Charter, The Mackinaw Center for Public Policy, and a barrage of pop up ads opposing it, the project is moving ahead into phase one. It was more than apparent that Charter did everything it could to try and sow fear, uncertainty, and doubt to try and kill this project as other incumbent providers have done across the USA. [Citation needed -- though Traverse City officials did report high-powered anonymous lobbying.] Kudos to the board of Traverse City Light and Power and the residents of Traverse City for being brave and making this investment in their community. Even though the decision is not finalized, the network may be an open network, allowing customers to purchase from a variety of providers. This project will undoubtedly be watched nationwide and possibly serve as a new model for other community fiber builds.

Read more of this story at Slashdot.

America Planted Malware In Russia's Power Grid, Says NYT

Sun, 06/16/2019 - 12:34
"The U.S. military's Cyber Command has gotten more aggressive than ever against Russia in the past year, placing 'potentially crippling malware' in systems that control the country's electrical grid," according to CNET, citing a report in the New York Times: Made possible by little-noticed legal authority granted last summer by Congress, Cyber Command's strategy shift from a defensive to offensive posture is meant in part as a warning shot, but it's also designed to enable paralysing cyberattacks in the event of a conflict, The New York Times said Saturday, quoting unnamed officials... [T]he recent moves appear to have taken place under a military authorization bill Congress passed in 2018 that gives the go-ahead for "clandestine military activity" in cyberspace to "deter, safeguard or defend against attacks or malicious cyberactivities against the United States...." The Times said Cyber Command is concerned Russia could trigger selective power outages in key states during the 2020 election and that it needs a way to discourage such attacks. But the agency and the U.S. have to consider their moves carefully in this international game of cyberchess. "The question now is whether placing the equivalent of land mines in a foreign power network is the right way to deter Russia," the Times report says. "While it parallels Cold War nuclear strategy, it also enshrines power grids as a legitimate target...." In related news, Bloomberg reported Friday that a Russia-linked hacking group that shut down an oil and gas facility in Saudi Arabia in 2017 has been probing utilities in the U.S. since late last year.

Read more of this story at Slashdot.

Why 'Ambient Computing' Is Just A Marketing Buzzword -- For Now

Sun, 06/16/2019 - 11:34
An anonymous reader quotes Computerworld columnist Mike Elgan: Ambient computing is real. It's the next megatrend in computing.... To interact in an "ambient computing" context means to not care and not even necessarily know where exactly the devices are that you're interacting with. When IoT devices and sensors are all around us, and artificial intelligence can understand human contexts for what's happening and act accordingly and in our interests, then ambient computing will have arrived... As with many technology revolutions, including augmented reality and AI, the buzzword ambient will precede the actual technology by many years. In fact, the marketing buzzword is suddenly here in full force. The actual technologies? Not so much. Instead, we're on the brink of a revolution in what you might call "semi-ambient computing...." Rumors are circulating that Google's next smartphones, the Pixel 4 line, may come with Soli built in. I told you in January about Google's Project Soli, which may be called the "Aware" sensor or feature in the Pixel 4 -- again, according to unconfirmed rumors. Soli or Aware capability means the Pixel 4 may accept in-the-air hand gestures, such as "skip" and "silence" during music playback. The new Google "wave" is a hand gesture. The ability to wave away music with a hand gesture brings the smartphone into the semi-ambient computing era. It basically adds natural hand gestures to natural-language processing.... Google also briefly talked last year about a healthcare assistant called Dr. Liz., which was described by former Google CEO Eric Schmidt as an ambient computing virtual assistant for doctors. We'll see if Google ever ships a Dr. Liz product... Yes, ambient computing is real, and the Next Big Thing, showing up first in business, enterprises and healthcare. But for now, the term ambient computing will be misapplied. It's a buzzword that will be stapled to every semi-ambient computing product and service that comes out over the next few years. The article predicts we'll eventually see ambient computing arriving in cars, grocery stores, smart glasses -- and notes a Microsoft job listing for its "Ambient Computing & Robotics team" describing "the era where computer vision, AI-based cognition, and autonomous electro-mechanicals pervade the workplace." Computerworldd adds that Microsoft "was mocked for its 'Clippy' assistant, which the company released in 1996 as a way to provide friendly help for people using Microsoft Office. In the future, Microsoft may release what will essentially be a Clippy that works, because it will understand human context through AI."

Read more of this story at Slashdot.

Massive Electrical Failure Cuts Power To Nearly All Of Argentina On Election Day -- and Uruguay

Sun, 06/16/2019 - 10:34
Iwastheone quotes the BBC: A massive electrical failure has left almost all of Argentina and Uruguay without power, according to a major Argentine electricity provider. Authorities say the cause of the blackout is still unclear. Argentine media said the power cut occurred shortly after 07:00 [03:00 PST, 11:00 BST], causing trains to be halted and failures with traffic signalling. It came as people in parts of Argentina were preparing to go to the polls for local elections. "A massive failure in the electrical interconnection system left all of Argentina and Uruguay without power," electricity supply company Edesur said in a tweet. Alejandra Martinez, a spokeswoman for the company, described the power cut as unprecedented. "This is the first time something like this has happened across the entire country." Argentina's energy secretary, Gustavo Lopetegui, said the cause of the power failure had not yet been determined. The Ministry of Civil Protection estimated that parts of the service could be restored in about seven or eight hours. Edesur said that power had been restored over 75,00 clients in parts of Buenos Aires and local media reported that two airports were operating on generators in the capital. Uruguay's energy company, UTE, said in a series of tweets that power had been restored to coastal areas and to areas north of Rio Negro. The combined population of Argentina and Uruguay is about 48 million people.... Tierra del Fuego in the far south is the only area that remains unaffected because it is not connected to the power grid. "Local media have been showing voters casting their ballots in the dark, with mobile phones being used as lanterns."

Read more of this story at Slashdot.

Facebook's Photorealistic Simulator For AI Runs At 10,000 FPS

Sun, 06/16/2019 - 09:34
malachiorion writes: Facebook just open sourced a simulator for testing and training embodied AI systems -- like virtual robots. They worked with AR/VR researchers to release the simulator along with what they say are the most photorealistic 3D reconstructions of real world places available. [Facebook Reality Labs have named this "the Replica data set".] The crazy part: Because more frames are always better for training computer vision in simulators, it can run at 10,000 FPS! The simulator's ability to hit 10K frames per second prompted an interesting follow-up on the original submission. "It's a totally useless framerate for humans -- just absolute overkill for our brains/eyeballs -- but it's apparently a benefit for AI systems." "As more researchers adopt the platform, we can collectively develop embodied AI techniques more quickly," explains Facebook's blog post, "as well as realize the larger benefits of replacing yesterday's training data sets with active environments that better reflect the world we're preparing machine assistants to operate in." And if you're worried about privacy, Facebook assures readers that "The data used to generate Replica scans was anonymized to remove any personal details (such as family photos) that could identify an individual. The overall reconstruction process was meticulous, with researchers manually filling in the small holes that are inevitably missed during scanning and using a 3D paint tool to apply annotations directly onto meshes."

Read more of this story at Slashdot.

Uber's Plan To Deliver McDonald's Hamburgers By Drone

Sun, 06/16/2019 - 08:34
An anonymous reader quotes the Washington Post: The company's new initiative -- a collaborative effort between its Uber Eats and Uber Elevate divisions -- began with tests in San Diego using fast food meals from McDonald's, but could expand to include a local fine-dining restaurant called Juniper and Ivy, the company said. Uber intends to roll out commercial food delivery using drones in the same city this summer, with a fee structure that mimics Uber Eats current pricing, according to Bloomberg Businessweek, which first reported the company's plan... "We've been working closely with the FAA to ensure that we're meeting requirements and prioritizing safety," Uber Elevate's Luke Fischer, the company's head of flight operations, said in a statement. "From there, our goal is to expand Uber Eats drone delivery so we can provide more options to more people at the tap of a button. We believe that Uber is uniquely positioned to take on this challenge as we're able to leverage the Uber Eats network of restaurant partners and delivery partners as well as the aviation experience and technology of Uber Elevate." How will Uber's drone delivery service work? After a restaurant loads a meal into a drone and the robot takes to the air, the company's technology will notify a nearby Uber Eats driver at a designated drop-off location, the company said. The driver will pick up and hand deliver the meal to the customer the same way the service currently operates. But in the future, Uber said, the company would like to land drones atop parked vehicles near delivery locations "through QR code correspondence." Once that happens, the last-mile leg of delivery would be completed by the Uber Eats driver who would hand-deliver the order.

Read more of this story at Slashdot.

Do Google and Facebook Threaten Our 'Ambient Privacy'?

Sun, 06/16/2019 - 06:34
This week Pinboard founder Maciej Ceglowski (also a web developer and social critic) asked readers of his blog to consider an emerging threat to ambient privacy. He defines it as "the understanding that there is value in having our everyday interactions with one another remain outside the reach of monitoring, and that the small details of our daily lives should pass by unremembered." Until recently, ambient privacy was a simple fact of life. Recording something for posterity required making special arrangements, and most of our shared experience of the past was filtered through the attenuating haze of human memory. Even police states like East Germany, where one in seven citizens was an informer, were not able to keep tabs on their entire population. Today computers have given us that power. Authoritarian states like China and Saudi Arabia are using this newfound capacity as a tool of social control. Here in the United States, we're using it to show ads. But the infrastructure of total surveillance is everywhere the same, and everywhere being deployed at scale.... Because our laws frame privacy as an individual right, we don't have a mechanism for deciding whether we want to live in a surveillance society. Congress has remained silent on the matter, with both parties content to watch Silicon Valley make up its own rules. The large tech companies point to our willing use of their services as proof that people don't really care about their privacy. But this is like arguing that inmates are happy to be in jail because they use the prison library. Confronted with the reality of a monitored world, people make the rational decision to make the best of it. That is not consent... Our discourse around privacy needs to expand to address foundational questions about the role of automation: To what extent is living in a surveillance-saturated world compatible with pluralism and democracy? What are the consequences of raising a generation of children whose every action feeds into a corporate database? What does it mean to be manipulated from an early age by machine learning algorithms that adaptively learn to shape our behavior? That is not the conversation Facebook or Google want us to have. Their totalizing vision is of a world with no ambient privacy and strong data protections, dominated by the few companies that can manage to hoard information at a planetary scale. They correctly see the new round of privacy laws as a weapon to deploy against smaller rivals, further consolidating their control over the algorithmic panopticon.

Read more of this story at Slashdot.

'How Close Are We to Self-Driving Cars, Really?'

Sun, 06/16/2019 - 02:34
Chris Urmson helped pioneer self-driving car technology at Google before founding Aurora (which sells self-driving car software to automakers, and this week announced a new partnership with Chrysler and a new round of investment by Hyundai). In a new interview, Urmson "says he expects that in about five to 10 years, Americans will start seeing robots cruising down the road in a handful of cities and towns across the country," reports Slate. "It will be about 30 to 50 years, he says, until they're everywhere. " I think within the next five years we'll see small-scale deployment. That'll be a few hundred or a few thousand vehicles. Really this is the, it's Silicon Valley speak, this is the zero-to-one moment of proving that the technology actually works, understanding how customers want to use it, convincing ourselves that -- and when I say ourselves, I mean as a society -- that these are sufficiently safe, that we trust them on the roadway, and that's that first phase... [W]hen the technology actually starts to become scaled, then we can ask the question what have we learned, what are the ways that we can make this a little bit safer, a little bit incrementally more efficient, and that's what I think local and state governments and federal government would invest in infrastructure... The statistic I heard was 30 percent of traffic in San Francisco is people looking for parking. I heard a more alarming statistic that was 80 percent of traffic in Paris was people looking for parking. So imagine you have automated vehicles that take you to a location, you hop out, then it just drives down the block and picks up the next person and takes them where they're going. Suddenly, you've alleviated a massive chunk of the congestion in a city. Similarly, if you look at the floor plan of a city today, somewhere between 30â"40 percent of cities is dedicated to parking and roads. And so again, if you have automated vehicles operating as a transportation service, whether it's private or public transportation networks in the city, you don't need that real estate to be dedicated for parking. That real estate now can be recaptured, and it can be used for park space, it can be used for residential space, yeah, it can be used for mixed residential-commercial office space... Certainly for urban centers, I think it's much more likely that this technology is a shared platform that people get on and get off. It's an even more convenient version of a bus or of a taxi service.

Read more of this story at Slashdot.

Security Cameras + AI = Dawn of Non-Stop Robot Surveillance

Sat, 06/15/2019 - 23:34
AmiMoJo shared this post from one of the ACLU's senior technology policy analysts about what happens when security cameras get AI upgrades: [I]magine that all that video were being watched -- that millions of security guards were monitoring them all 24/7. Imagine this army is made up of guards who don't need to be paid, who never get bored, who never sleep, who never miss a detail, and who have total recall for everything they've seen. Such an army of watchers could scrutinize every person they see for signs of "suspicious" behavior. With unlimited time and attention, they could also record details about all of the people they see -- their clothing, their expressions and emotions, their body language, the people they are with and how they relate to them, and their every activity and motion... The guards won't be human, of course -- they'll be AI agents. Today we're publishing a report on a $3.2 billion industry building a technology known as "video analytics," which is starting to augment surveillance cameras around the world and has the potential to turn them into just that kind of nightmarish army of unblinking watchers.... Many or most of these technologies will be somewhere between unreliable and utterly bogus. Based on experience, however, that often won't stop them from being deployed -- and from hurting innocent people... We are still in the early days of a revolution in computer vision, and we don't know how AI will progress, but we need to keep in mind that progress in artificial intelligence may end up being extremely rapid. We could, in the not-so-distant future, end up living under armies of computerized watchers with intelligence at or near human levels. These AI watchers, if unchecked, are likely to proliferate in American life until they number in the billions, representing an extension of corporate and bureaucratic power into the tendrils of our lives, watching over each of us and constantly shaping our behavior... Policymakers must contend with this technology's enormous power. They should prohibit its use for mass surveillance, narrow its deployments, and create rules to minimize abuse. They argue that the threat is just starting to emerge. "It is as if a great surveillance machine has been growing up around us, but largely dumb and inert -- and is now, in a meaningful sense, 'waking up.'"

Read more of this story at Slashdot.

Are Open Source Developers Being Underfunded and Exploited?

Sat, 06/15/2019 - 20:34
Donation-based open source programmer Andre Staltz recently collected data from GitHub, Patreon, and OpenCollective to try to calculate how much money is being donated to popular projects. The results? Out of 58 projects checked, "there were two clearly sustainable open source projects, but the majority (more than 80%) of projects that we usually consider sustainable are actually receiving income below industry standards or even below the poverty threshold." More than 50% of projects are red: they cannot sustain their maintainers above the poverty line. 31% of the projects are orange, consisting of developers willing to work for a salary that would be considered unacceptable in our industry. 12% are green, and only 3% are blue: Webpack and Vue.js... The median donation per year is $217, which is substantial when understood on an individual level, but in reality includes sponsorship from companies that are doing this also for their own marketing purposes... The total amount of money being put into open source is not enough for all the maintainers. If we add up all of the yearly revenue from those projects in this data set, it's $2.5 million. The median salary is approximately $9k, which is below the poverty line. If split up that money evenly, that's roughly $22k, which is still below industry standards. The core problem is not that open source projects are not sharing the money received. The problem is that, in total numbers, open source is not getting enough money... GitHub was bought by Microsoft for $7.5 billion. To make that quantity easier to grok, the amount of money Microsoft paid to acquire GitHub -- the company -- is more than 3000x what the open source community is getting yearly. In other words, if the open source community saved up every penny of the money they ever received, after a couple thousand years they could perhaps have enough money to buy GitHub jointly... If Microsoft GitHub is serious about helping fund open source, they should put their money where their mouth is: donate at least $1 billion to open source projects. Even a mere $1.5 million per year would be enough to make all the projects in this study become green. The article suggests concrete actions to stop this "exploitation," including donating to open source projects, as well as more scrutiny of how well open source projects are funded, and "pressuring Microsoft to donate millions to open source projects." It also suggests considering alternative licenses for new projects, and unionizing. But Chris Aniszczyk, the CTO of the Cloud Native Computing Foundation, responded on Twitter that the donation-based approach is "a path to ruin for sustainability... you solve this problem by having companies hire folks or help maintainers build businesses around their projects... let's not turn open source into a gig economy and demand more of companies instead." So what do Slashdot's readers think? Are open source developers being underfunded and exploited? And if so -- what's the solution?

Read more of this story at Slashdot.

News Industry Argues Google and Facebook 'Rob Journalism of Its Revenue', Seek Government Help

Sat, 06/15/2019 - 18:34
This week USA Today's former editor-in-chief argued that "Tech overlords Google and Facebook have used monopoly to rob journalism of its revenue," in an op-ed shared by schwit1: Over the past decade, the news business has endured a bloodbath, with tens of thousands of journalists losing their jobs amid mass layoffs. The irony is, more people than ever are consuming news... Why the disconnect? Look no further than a new study by the News Media Alliance, which found that in 2018, Google made $4.7 billion off of news content -- almost as much as every news organization in America combined made from digital ads last year. Yet Google paid a grand total of zero for the privilege. News industry revenue, meanwhile, has plunged... Google and Facebook command about 60% of all U.S. digital advertising revenue, and have siphoned off billions of dollars that once were the lifeblood of the news media. Let's be perfectly clear: Journalism's primary revenue source has been hijacked. It's time that news providers are compensated for the journalism they produce. That's why passage of the bipartisan Journalism Competition and Preservation Act is crucial... Toward that end, "News industry officials, including Atlanta Journal-Constitution Editor Kevin Riley, testified Tuesday on Capitol Hill in favor of legislation they say would help recover advertising revenue lost in recent years to tech behemoths such as Google and Facebook." The bipartisan bill would provide a four-year reprieve from federal antitrust laws, allowing print and digital publishers to collectively bargain with tech companies about how their content is used -- and what share of ad dollars they'll receive.... Federal antitrust laws bar news organizations from banding together to negotiate more favorable terms from social media and search sites. And individual outlets are deterred from acting alone, according to Chavern's group, because large tech companies could tank a news organization's traffic by demoting or excluding its stories from searches. The bill's proponents say it could help turn the tide for an industry that's been harmed over the past two decades by declining print subscriptions and ad revenue streams that have dried up and increasingly headed online. As tech sites' share of advertising revenue has grown -- Google's skyrocketed from $3.8 billion in 2005 to $52.4 billion in 2017 -- U.S. newspapers have watched their's nosedive from more than $49 billion to $16.5 billion during the same 12-year period, according to the Pew Research Center.

Read more of this story at Slashdot.

These Are the Internet of Things Devices That Are Most Targeted By Hackers

Sat, 06/15/2019 - 17:34
ZDNet reports: Internet-connected security cameras account for almost half of the Internet of Things devices that are compromised by hackers even as homes and businesses continue to add these and other connected devices to their networks. Research from cybersecurity company SAM Seamless Network found that security cameras represent 47 percent of vulnerable devices installed on home networks. According to the data, the average U.S. household contains 17 smart devices while European homes have an average of 14 devices connected to the network... Figures from the security firm suggest that the average device is the target of an average of five attacks per day, with midnight the most common time for attacks to be executed -- it's likely that at this time of the night, the users will be asleep and not paying attention to devices, so won't be witness to a burst of strange behavior. The anonymous reader who submitted this story suggests a possible solution: government inspectors should examine every imported IoT device at the border. "The device gets rejected if it has non-essential ports open, hard-coded or generic passwords, no automated patching for at least four years, etc."

Read more of this story at Slashdot.

Target Experiences A 'Massive' Nationwide Cash Register Outage

Sat, 06/15/2019 - 16:34
CBS News reports: Target acknowledged nationwide "system issues" affecting its stores on Saturday that prevented its customers from checking out at registers. The outage caused long checkout lines at Target locations, with upset customers posting images and video on social media. Slashdot reader McGruber shared an article reporting more than 5,000 posts on Downdetector.com about problems at Target stores Saturday -- and noting that Target is America's eighth-largest retailer. (CBS reports Target has 1,800 stores scattered across the country.) "This is how you bring America to a standstill," a Minnesota news producer joked on Twitter (where the phrase #targetdown is now trending...) "At least Target kept me fed," the news producer added later. "They brought out candy and popcorn and wings. I'm thinking they should set up a TV next and pop in a movie. Maybe we can play bean bag toss, too..."

Read more of this story at Slashdot.

Comment