Feed aggregator

Feds Issue Emergency Order For Agencies To Patch Critical Windows Flaw

Slashdot.org - Tue, 09/22/2020 - 05:00
The US Department of Homeland Security is giving federal agencies until midnight on Tuesday to patch a critical Windows vulnerability that can make it easy for attackers to become all-powerful administrators with free rein to create accounts, infect an entire network with malware, and carry out similarly disastrous actions. Ars Technica reports: Zerologon, as researchers have dubbed the vulnerability, allows malicious hackers to instantly gain unauthorized control of the Active Directory. An Active Directory stores data relating to users and computers that are authorized to use email, file sharing, and other sensitive services inside large organizations. Zerologon is tracked as CVE-2020-1472. Microsoft published a patch last Tuesday. The flaw, which is present in all supported Windows server versions, carries a critical severity rating from Microsoft as well as a maximum of 10 under the Common Vulnerability Scoring System. Further raising that stakes was the release by multiple researchers of proof-of-concept exploit code that could provide a roadmap for malicious hackers to create working attacks. Officials with the Cybersecurity and Infrastructure Security Agency, which belongs to the DHS, issued an emergency directive on Friday that warned of the potentially severe consequences for organizations that don't patch. [The agency's statement can be found in the article.] CISA, which has authorization to issue emergency directives intended to mitigate known or suspected security threats, is giving organizations until 11:59pm EDT on Monday to either install a Microsoft patch or disconnect the vulnerable domain controller from the organization network. No later than 11:59pm EDT on Wednesday, agencies are to submit a completion report attesting the update has been applied to all affected servers or provide assurance that newly provisioned or previously disconnected servers will be patched.

Read more of this story at Slashdot.

Airbus Reveals Plans For Zero-Emission Aircraft Fueled By Hydrogen

Slashdot.org - Tue, 09/22/2020 - 02:00
Airbus has announced plans for the world's first zero-emission commercial aircraft models that run on hydrogen and could take to the skies by 2035. The Guardian reports: The European aersospace company revealed three different aircraft concepts that would be put through their paces to find the most efficient way to travel long distances by plane without producing the greenhouse gas emissions responsible for global heating. UK holidaymakers and business travellers could fly from London to the Canary Islands, Athens or eastern Europe without producing carbon emissions, should the plans become a commercial reality. All three of the aircraft concepts rely on hydrogen as a fuel because the only emissions produced when it is burned is water vapor, making it a clean fuel option for heavy vehicles such as planes, trains and trucks. The first of the Airbus concepts could carry between 120 and 200 passengers more than 2,000 nautical miles by using a turbofan design that includes a modified gas-turbine engine running on hydrogen, rather than jet fuel, which could be stored in tanks located behind the plane's rear pressure bulkhead. The second concept, a turboprop design, would also use a modified gas engine but could carry up to 100 passengers for 1,000 nautical miles on short-haul trips. The aviation giant's plans also include a plane with an "exceptionally wide" body that blends into the plane's wings to open up multiple options for hydrogen storage and the cabin layout. This plane could carry as many passengers as the turbofan design and travel as far too. [...] Airbus said hydrogen planes would also require airports to install hydrogen transport and refueling infrastructure, and government support to upgrade aircraft fleets to allow airlines to retire their older, less environmentally friendly aircraft sooner than planned.

Read more of this story at Slashdot.

Proposal Would Give EU Power To Boot Tech Giants Out of European Market

Slashdot.org - Mon, 09/21/2020 - 22:30
An anonymous reader quotes a report from Ars Technica: The EU wants to arm itself with new powers to take on big technology companies, including the ability to force them to break up or sell some of their European operations if their market dominance is deemed to threaten the interests of customers and smaller rivals. EU Commissioner Thierry Breton told the Financial Times that the proposed remedies, which he said would only be used in extreme circumstances, also include the ability to exclude large tech groups from the single market altogether. In addition, Brussels is considering a rating system that would allow the public and stakeholders to assess companies' behavior in areas such as tax compliance and the speed with which they take down illegal content. "There is a feeling from end users of these platforms that they are too big to care," said Mr. Breton, who is leading the overhaul of digital rules in the bloc. "[Under] certain conditions we may also have the power to impose structural separation." The new EU legislation would increase Brussels' powers to scrutinize the way technology companies gather information on users, following concerns raised by independent researchers that the voluntary disclosures groups make are often misleading or partial. Mr. Breton confirmed that the EU would not remove the limited liability that companies have for the content published on their platforms. "The safe harbor of the liability exemption will stay," he said. "That's something that's accepted by everyone." Mr. Breton said draft legislation will be ready by the end of the year. Proposals are being finalized, and once they are agreed they will go through the European Parliament and the European Council.

Read more of this story at Slashdot.

Trump Pushes To Reap Biometric Data From Immigrants, Americans

Slashdot.org - Mon, 09/21/2020 - 21:05
Six million would-be U.S. immigrants face expanded collection of their biometric data, including iris scans, palm-, and voice-prints, facial recognition images, and DNA, under a proposed federal rule. The Department of Homeland Security also for the first time would gather that data from American citizens sponsoring or benefiting from a visa application. Bloomberg Law reports: Years in the making, the biometrics immigration rule has garnered more than 160 comments since its Sept. 11 publication. The 30-day comment period closes on Oct 13. A final version could be in place by Inauguration Day. Immigration and privacy advocates have voiced concerns over who will have to comply with the new requirements, why President Donald Trump is making this push so late in his term, and what it means for a federal agency already claiming a lack of resources. The 300-plus-page plan updates current biometrics requirements so that "any applicant, petitioner, sponsor, beneficiary, or individual filing or associated with an immigration benefit or request, including U.S. citizens, must appear for biometrics collection without regard to age unless the agency waives or exempts the requirement." The DHS estimates an additional 2.17 million new biometrics submissions will be collected annually, an increase from the current 3.9 million, under the rule. The DHS already collects fingerprints from some visa applicants. The new rule would expand that biometrics-gathering to iris images, palm- and voice- prints. The agency wants authority to require or request DNA testing to prove familial relationships where kinship is in question. The DNA data could be stored indefinitely, under the proposed rule. The DHS essentially has until Dec. 20 to review and respond to public comments and draft a final proposal, said Doug Rand, who worked on technology and immigration policy in the Obama White House and then joined the Federation of American Scientists. "They're really running out of time. And the fact that you'd put out a final regulation on such a far-ranging new policy that touches the lives of millions of people, you're opening up to huge legal vulnerability because any plaintiff can point to the comment period of only 30 days."

Read more of this story at Slashdot.

Quibi Reportedly Weighs Selling Itself Less Than 6 Months After Launching

Slashdot.org - Mon, 09/21/2020 - 20:25
According to The Wall Street Journal, the mobile streaming service Quibi is exploring strategic options including a possible sale. "It is also considering raising more money or going public through a merger with a specially formed company that could help it fund deals," adds CNET. From the report: It declined to comment directly on the report, but Quibi said in a statement that it "has successfully launched a new business and pioneered a new form of storytelling and state-of-the-art platform." It added that CEO Meg Whitman and founder Jeffrey Katzenberg "are committed to continuing to build the business in the way that gives the greatest experience for customers, greatest value for shareholders and greatest opportunity for employees."

Read more of this story at Slashdot.

The newspaper app helping Japan’s elderly populationThe newspaper app helping Japan’s elderly population

GoogleBlog - Mon, 09/21/2020 - 20:00

Japan’s elderly citizens often live alone, and many have little regular contact with other people. That social isolation not only puts their health at risk, but also makes them more vulnerable during natural disasters, and to scams like fraud and extortion.


Regional newspaper Iwate Nippo wanted to do something to help elderly residents of Iwate (Japan’s second-largest prefecture) access life-saving services and help them feel more of a sense of belonging in their communities. With funding from the Google News Initiative Innovation Challenge, they developed Iwapon, an app created specifically for their older subscribers. 


The app’s safety features include a monitoring system that alerts family members if their relative hasn’t used their phone for more than 24 hours, information on suspicious calls or texts and a disaster information center to notify residents about threat levels and shelter locations during floods, storms, earthquakes and other severe weather. 


But Iwapon also fights social isolation in other ways—for example, by connecting residents to local businesses through virtual coupons, sharing local community and school updates, and giving them the chance to speak to an “on-demand” journalist about any concerns or questions they might have. 


To find out a bit more, we talked to Takuya Watanabe, manager of the digital media strategy division at Iwate Nippo.

How did the idea of Iwapon come to life?

As a local newspaper, we inform people about community problems like social isolation, and we also feel a responsibility to help address them. We already work closely with the police and local government. We regularly receive advance information about natural disasters, evacuation plans and details on fraud and suspicious behaviors to look out for. We thought an easy-to-use app would be a simple way that we could deliver this important information to people at risk, as quickly and accurately as possible.

What has the reaction been to the app?


The app was downloaded thousands of times within only six months. But the impact went beyond that. Monthly new subscribers for the online newspaper increased by more than 50 percent, and local businesses have approached us to become sponsors. Most importantly, the atmosphere within the company has changed. The app has helped increase cooperation within the editorial, advertising and sales departments. It’s also had a huge positive impact on the motivation of younger employees. 

What’s next for Iwate Nippo and Iwapon?

The COVID-19 pandemic affected many local businesses. We are planning to support small- and medium-sized restaurants and shops in the area by promoting them in the app. After the pandemic, the challenges facing our region are changing day by day. Through the app, we will continue to work with the community, tackle local challenges and contribute to protecting the safety and lives of people in our prefecture. 


GNI Innovation Challenge recipient Iwate Nippo on how its new app is helping build a sense of community among elderly Japanese.
Categories: Technology

Pandemic Accelerated Cord Cutting, Making 2020 the Worst-Ever Year For Pay TV

Slashdot.org - Mon, 09/21/2020 - 19:45
According to new research from eMarketer, the cable, satellite and telecom TV industry is on track to lose the most subscribers ever. This year, over 6 million U.S. households will cut the cord with pay TV, bringing the total number of cord-cutter households to 31.2 million. TechCrunch reports: The firm says that by 2024, the number will grow even further, reaching 46.6 million total cord-cutter households, or more than a third of all U.S. households that no longer have pay TV. Despite these significant declines, there are still more households that have a pay TV subscription than those that do not. Today, there are 77.6 million U.S. households that have cable, satellite or telecom TV packages. But that number has declined 7.5% year-over-year â" its biggest-ever drop. The figure is also down from pay TV's peak in 2014, the analysts said. The pay TV losses, as you may expect, are due to the growing adoption of streaming services. But if anything, the pandemic has pushed forward the cord-cutting movement's momentum as the health crisis contributed to a down economy and the loss of live sports during the first part of the year. These trends may have also encouraged more consumers to cut the cord than would have otherwise. "Consumers are choosing to cut the cord because of high prices, especially compared with streaming alternatives," said eMarketer forecasting analyst at Insider Intelligence Eric Haggstrom. "The loss of live sports in H1 2020 contributed to further declines. While sports have returned, people will not return to their old cable or satellite plans," he added.

Read more of this story at Slashdot.

Major Activision Hack Reportedly Compromises Over 500,000 Call of Duty Players

Slashdot.org - Mon, 09/21/2020 - 19:02
An anonymous reader quotes a report from Forbes: According to reports, more than 500,000 Activision accounts may have been hacked with login data being compromised. The eSports site Dexerto has reported that a data breach occurred on Sunday, September 20. The credentials to access these accounts are, Dexerto said, being leaked publicly, and account details changed to prevent easy recovery by the rightful owners. Activision accounts are mostly used by players of the hugely popular Call of Duty franchise. "This is a substantial breach," Martin Jartelius, CSO at Outpost24, said, "in parts, the clean-up will be a large undertaking for Activision, we can only hope backups allow restoring original contact data, resetting access and managing the users who still cannot regain access which should be a smaller group." Changing your password, if you still have access to your account, is vital, as is changing passwords at any other site or service where you use the same password. This should be to something long and strong, the use of a password manager will help you here. Developing...

Read more of this story at Slashdot.

Samsung Cancels Developer Conference Due To Ongoing Pandemic

Slashdot.org - Mon, 09/21/2020 - 18:20
Samsung announced today it has canceled its annual developer conference citing the need to prioritize the safety of its employees during the COVID-19 pandemic. XDA Developers reports: There had been speculation that the South Korean tech giant would axe the show, not just due to the ongoing pandemic but because there isn't much to announce. In previous years, Samsung had used the event to announce updates to its software services like its digital assistant Bixby, but these software additions have never caught on with consumers. There have also been rumblings that Google and Samsung are negotiating a deal to replace many of Samsung's native software apps -- think the Galaxy App store or "Samsung Daily" news feed -- with Google ones.

Read more of this story at Slashdot.

Chinese Leaders Split Over Releasing Blacklist of US Companies

Slashdot.org - Mon, 09/21/2020 - 17:41
Beijing has sped up development of a blacklist that could be used to punish American technology firms, but officials say leaders are hesitating to pull the trigger, with some arguing a decision on the list should wait till after the U.S. election. From a report: The debate highlights Beijing's continued grappling with how to respond to the Trump administration without driving the relationship closer to collapse. So far, the Chinese leadership has tried to respond in kind to Washington's actions but has tried to avoid measures that go beyond those of the U.S. A well-timed strike can sometimes work in Beijing's and Chinese companies' favor. After President Trump's campaign for a U.S. company to take over video-sharing app TikTok, Chinese regulators rolled out new export-control rules that have helped TikTok parent ByteDance set terms that could help it avoid losing control of the platform's U.S. operations or crucial technology. China first announced its plan to create a blacklist of U.S. entities in May 2019, soon after the U.S. restricted telecom giant Huawei Technologies's access to U.S. components and technology. But Beijing refrained from specifying any companies or individuals for the list as both countries' trade negotiators were engaged in the talks that eventually led to the signing of a "phase one" trade agreement in January. As the Trump administration has intensified its attacks on some of China's best-known companies -- also including Tencent Holdings, which runs the WeChat messaging and payments app -- the list has gained urgency. In recent weeks, according to people with knowledge of the matter, an interagency group led by Vice Premier Hu Chunhua, who oversees foreign investment and trade, has stepped up finalization of the "unreliable-entity" list -- China's answer to the U.S.'s list of Chinese entities it is targeting for sanctions.

Read more of this story at Slashdot.

Facebook Will Let People Claim Ownership of Images and Issue Takedown Requests

Slashdot.org - Mon, 09/21/2020 - 17:00
Facebook is going to let people take more control over the images they own and where they end up. The Verge reports: In an update to its rights management platform, the company is starting to work with certain partners today to give them the power to claim ownership over images and then moderate where those images show up across the Facebook platform, including on Instagram. The goal is to eventually open this feature up to everyone, as it already does with music and video rights. The company didn't give a timeline on when it hopes to open this up more broadly. Facebook didn't disclose who its partners are, but this could theoretically mean that if a brand like National Geographic uploaded its photos to Facebook's Rights Manager, it could then monitor where they show up, like on other brands' Instagram pages. From there, the company could choose to let the images stay up, issue a takedown, which removes the infringing post entirely, or use a territorial block, meaning the post stays live but isn't viewable in territories where the company's copyright applies. To claim their copyright, the image rights holder uploads a CSV file to Facebook's Rights Manager that contains all the image's metadata. They'll also specify where the copyright applies and can leave certain territories out. Once the manager verifies that the metadata and image match, it'll then process that image and monitor where it shows up. If another person tries to claim ownership of the same image, the two parties can go back and forth a couple times to dispute the claim, and Facebook will eventually yield it to whoever filed first. If they then want to appeal that decision, they can use Facebook's IP reporting forms.

Read more of this story at Slashdot.

Syndicate content
Comment