Slashdot

Microsoft Announces Windows 10 Build 14328 With Windows Ink, New UI

An anonymous reader writes: Windows Ink is one of the many new features rolling out to beta testers as part of Windows 10 Build 14328. The build includes the new Windows Ink Workspace, providing access to new and improved sticky notes, a sketchpad, and a new screen sketch feature. There's also a new digital ruler you can use to create shapes and draw objects freely. The UI of the Start menu and Start Screen have also been tweaked. The most used apps list and all apps UI have been merged into a single view, creating a less cluttered Start menu. Microsoft also moved power, settings, and file explorer shortcuts so they're always visible. You can now bring back the fullscreen all apps list in the Start Screen, and you can toggle between the all apps view and your regular pinned apps. If you want things to feel less like a desktop PC, you can auto-hide the taskbar in tablet mode. Microsoft has detailed all of the new features found in Build 14328 in their blog post.

Read more of this story at Slashdot.

Earth Day: 175 Nations Sign Historic Paris Climate Deal

An anonymous reader quotes a report from USA Today: World leaders from 175 countries signed the historic Paris climate accord Friday, using Earth Day as a backdrop for the ceremonial inking of a long-fought deal that aims to slow the rise of harmful greenhouse gases. The deal sets a target of limiting global warming by 2100 to "well below" 2 degrees Celsius (3.6 degrees F), as compared to pre-industrial levels. To accomplish that, each nation sets its own target for reducing emissions and updates that mark each year. Friday's signing sets a record for the number of countries signing an agreement on the first available day, the Associated Press reported. The old record goes back to the Law of the Sea in Montego Bay, which was signed by 119 countries in 1982, according to AccuWeather. Signing the accord is only one step in the process. The leaders must now go back to their home countries' governments to ratify and approve the agreement, which could take months or years. The deal goes into effect once 55 countries representing at least 55% of global emissions formally join.

Read more of this story at Slashdot.

Apple Should Pay More Tax, Says Co-Founder Wozniak

mrspoonsi quotes a report from BCC: All companies, including Apple, should pay a 50% tax rate, Apple co-founder Steve Wozniak has told the BBC. He said he doesn't like the idea that Apple does not pay tax at the same rate he does personally. "I don't like the idea that Apple might be unfair -- not paying taxes the way I do as a person. I do a lot of work, I do a lot of travel and I pay over 50% of anything I make in taxes and I believe that's part of life and you should do it." When asked if Apple should pay that amount, he replied: "Every company in the world should." He said he was never interested in money, unlike his former partner Steve Jobs. "Steve Jobs started Apple Computers for money, that was his big thing and that was extremely important and critical and good." Three years ago the company admitted two of its Irish subsidiaries pay a rate of 2%. It has built up offshore cash reserves of around $200 billion -- beyond the reach of U.S. tax officials. In a CBS '60 Minutes' episode, Apple CEO Steve Cook dismissed as "total political crap" the notion that the tech giant was avoiding taxes. And on a semi-related note, presidential candidate Donald Trump said in January he'd like to make Apple "start building their damn computers and things in this country instead of other countries." He said he would impose a 35% business tax on American business manufacturing outside of the U.S if elected president.

Read more of this story at Slashdot.

Uber Will Pay $100 Million To Settle Suits With Drivers Seeking Employee Status

An anonymous reader writes: Two lawsuits posing a threat to Uber's on-demand business model have been settled. Uber has agreed to pay up to $100 million to drivers who sought to be classified as employees of the company. The initial sum paid will be $84 million, which will settle cases in California and Massachusetts to some 385,000 drivers. If the company goes public or gets purchased, Uber said it will pay drivers an additional $16 million. The company is currently valued at $62.5 billion. In addition, new policy changes will force the company to no longer be able to deactivate drivers' accounts at will. They will also stop deactivating drivers who turn down rides frequently. Appeal panels will be created to help drivers form an association so they can contest terminations. The last policy change requires Uber to clearly inform riders that tips are not included in Uber's fares. Drivers will now be able to solicit tips from passengers. "If we chose not to settle this case, we faced risks," plaintiff attorney Liss-Riordan said in a prepared statement. "We faced the risk that a jury in San Francisco (where Uber is everywhere and quite popular) may not side with the drivers over Uber." The settlement still needs to be approved by Judge Edward Chen of the District Court of Northern California, which will probably be a months-long process. The company seems to be waist-deep in legal trouble lately. Two weeks ago, Uber agreed to a settlement of $10 million for misleading advertising about the quality of its background checks for drivers. One week prior, it was reported the CEO of Uber will go to court over price fixing claims in New York.

Read more of this story at Slashdot.

Spy Chief Pressed For Number Of Americans Ensnared In Data Espionage

Dustin Volz, reporting for Reuters: U.S. lawmakers are pressing the nation's top intelligence official to estimate the number of Americans ensnared in email surveillance and other such spying on foreign targets, saying the information was needed to gauge possible reforms to the controversial programs. Eight Democrats and six Republicans made the request to Director of National Intelligence James Clapper in a letter seen by Reuters on Friday, reflecting the continued bipartisan concerns over the scope of U.S. data espionage. "You have willingly shared information with us about the important and actionable intelligence obtained under these surveillance programs," wrote the lawmakers, all members of the U.S. House of Representatives' Judiciary Committee. "Now we require your assistance in making a determination that the privacy protections in place are functioning as designed." They requested that Clapper provide the information about data collected under a statute, known as Section 702, by May 6.

Read more of this story at Slashdot.

San Francisco Adopts Law Requiring Solar Panels On All New Buildings

San Francisco will soon become one of the first major cities in the U.S. to require solar power on new buildings. The rule, which received approval from San Francisco's Board of Supervisors this week, is set to go into effect in January 2017. According to the legislation, all new buildings with 10 stories or fewer -- both residential and commercial -- will have to use either solar panels for electricity or a solar system to heat water. The Guardian notes that smaller Californian cities such as Lancaster and Sebastopol already have similar laws in place, but San Francisco is the first large city to adopt the new standard. "In a dense, urban environment, we need to be smart and efficient about how we maximize the use of our space to achieve goals such as promoting renewable energy and improving our environment," Supervisor Scott Wiener said in a statement. Vox has more details.

Read more of this story at Slashdot.

MongoDB Config Error Exposed 93M Mexican Voter Records

An anonymous reader cites an article on CSOOnline: A 132 GB database, containing the personal information on 93.4 million Mexican voters has finally been taken offline. The database sat exposed to the public for at least eight days after its discovery by researcher Chris Vickery, but originally went public in September 2015. Vickery, who works as a security researcher at Kromtech, discovered the MongoDB instance on April 14, but had difficulty tracking down the person or company responsible for placing the voter data on Amazon's AWS. He first reached out to the U.S. State Department, as well as the Mexican Embassy, but had little success. The database contains all of the information that Mexican citizens need for their government-issued photo IDs that enable them to vote. Along with their municipality, and district information, the database records include the voter's name, address, voter ID number, date of birth, the names of their parents, occupation, and more. [...] Given that the database has been online since September 2015, it isn't clear how many people have accessed the records. Additionally, the actual owner of the account hosting the data remains unknown.

Read more of this story at Slashdot.

Why Movie Trailers Now Begin With Five-Second Ads For Themselves

Chris Plante, reporting for The Verge: Jason Bourne takes off his jacket, punches a man unconscious, looks forlornly off camera, and then a title card appears. The ad -- five seconds of action -- is a teaser for the full Jason Bourne trailer (video), which immediately follows the teaser. In fact, the micro-teaser and trailer are actually part of the same video, the former being an intro for the latter. The trend is the latest example of metahype, a marketing technique in which brands promote their advertisements as if they're cultural events unto themselves. [...] Last year, the studio advertised the teaser for Ant-Man with a ten-second cut of the footage reduced to an imperceptive scale. [...] But where previous metahype promoted key dates in a marketing campaign -- like official trailer releases and fan celebrations -- the burgeoning trend of teasers within trailers exist purely to retain the viewer's attention in that exact moment. The teaser within the trailer speaks to a moment in which we have so many distractions and choices that marketers must sell us on giving a trailer three minutes of our time. This practice isn't limited to movie trailers, though. Next time you're on Facebook, pay attention to how the popular videos in your newsfeed are edited. Is the most interesting image the first thing you see? And does that trick get you to stop scrolling and watch?

Read more of this story at Slashdot.

Amazon Won't Sell Non-Prime Members Certain Popular Movies and Video Games

An anonymous reader writes: If you're not an Amazon Prime subscriber, you will no longer be able to purchase certain popular game titles and movies, according to a report on game blog Videogamer. One of the benefits of Amazon's Prime program is that it gives members exclusive access to some items. This selection includes a rotating roster of popular video games, Blu-rays, and DVDs. Non-Prime members in the US can't buy titles such as Oscar-winning "Birdman" on Blu-ray or "GTA V" for PS4 from Amazon. This initiative, which has been going for quite some time, affects customers in the UK as well (though the selection is different). Non-Prime customers can still buy these titles from third-party sellers on Amazon's platform, but not from Amazon directly.

Read more of this story at Slashdot.

$10 Router, No Firewall Blamed In $80M Bangladesh Bank Hack

Earlier this a year, a spelling mistake in an online bank transfer prevented nearly $1 billion heist at Bangladesh's central bank and the New York Fed. The hackers, however, still had managed to steal about $80 million. Bangladesh government blamed the New York Fed for not spotting the suspicious transactions earlier. As it turns out, they should also be taking some blame, if not all. An anonymous reader writes: Bangladesh's central bank was vulnerable to hackers because it did not have a firewall and used second-hand, $10 switches to network computers connected to the SWIFT global payment network, an investigator into one of the world's biggest cyber heists said. The shortcomings made it easier for hackers to break into the Bangladesh Bank system earlier this year and attempt to siphon off nearly $1 billion using the bank's SWIFT credentials, said Mohammad Shah Alam, head of the Forensic Training Institute of the Bangladesh police's criminal investigation department.

Read more of this story at Slashdot.

Researchers Accidentally Make Batteries That Could Last A Lifetime

Reader Socguy writes: A typical Lithium-ion battery breaks down badly between 5000-7000 cycles. Researchers at the University of California may have discovered a simple way to build a Lithium battery that can withstand 100,000+ cycles. This was a serendipitous discovery as the researcher was playing around with the battery and coated it in a thin gel layer. The researchers believe the gel plasticizes the metal oxide in the battery and gives it flexibility, preventing cracking.Dave Gershgorn, reporting for Popular Science: Instead of lithium, researchers at UC Irvine have used gold nanowires to store electricity, and have found that their system is able to far outlast traditional lithium battery construction. The Irvine team's system cycled through 200,000 recharges without significant corrosion or decline. However, they don't exactly know why. "We started to cycle the devices, and then realized that they weren't going to die," said Reginald Penner, a lead author of the paper. "We don't understand the mechanism of that yet." The Irvine battery technology uses a gold nanowire, no thicker than a bacterium, coated in manganese oxide and then protected by a layer of electrolyte gel. The gel interacts with the metal oxide coating to prevent corrosion. The longer the wire, the more surface area, and the more charge it can hold. Other researchers have been experimenting with nanowires for years, but the introduction of the protective gel separates UC Irvine's work from other research.Also from the report, "Penner suggests that a more common metal, like nickel, could replace the gold if the technology catches on."

Read more of this story at Slashdot.

Drone Believed To Have Hit British Airways Flight 'May Have Been a Plastic Bag'

Reader schwit1 writes: The drone that reportedly hit a British Airways jet earlier this week may have actually been a plastic bag, a minister has said. Transport minister Robert Goodwill admitted authorities had not yet confirmed whether what struck the Airbus A320 was a remote-controlled device. The collision on Sunday night is believed to have been at around 1,700 ft near Richmond Park in south west London, over four times higher than the legal height limit. The Air Accidents Investigation Branch is investigating, alongside the Metropolitan Police. But following his comments today, Mr Goodwill also dismissed calls for tighter rules on drone use to protect against terror threats insisting current rules governing drone use were strong enough.From a Quartz report: Motherboard's Jason Koebler dove into the data the FAA released last August dove into the data the FAA released last August, and found that, among other things, "a 'large vulture,' a 'fast moving gray object,' a 'mini blimp,' a 'red UAS or balloon,' and 'a UFO' were all classified as drones in the FAA's report." This led him to decide that, when it comes to verifiable sightings -- even from trained pilots -- "drones are the new UFOs."

Read more of this story at Slashdot.

Core Windows Utility Can Be Used To Bypass Whitelisting

Reader msm1267 writes: A core Windows command-line utility, Regsvr32, used to register DLLs to the Windows Registry can be abused to run remote code from the Internet, bypassing whitelisting protections such as Microsoft's AppLocker. A researcher who requested anonymity found and recently privately disclosed the issue to Microsoft. It's unknown whether Microsoft will patch this issue with a security bulletin, or in a future release. Regsvr32, also known as Microsoft Register Server, is a Microsoft-signed binary that runs as default on Windows. The researcher's proof-of-concept allows him to download and run JavaScript or VBScript from a URL provided via the command line. "There's really no patch for this; it's not an exploit. It's just using the tool in an unorthodox manner. It's a bypass, an evasion tactic," the researcher said.The Register reports: "It's built-in remote code execution without admin rights and which bypasses Windows whitelisting. I'd say it's pretty bad," said Alex Ionescu, a Windows and ARM kernel guru. The trick -- Smith didn't want to call it an exploit -- is neat because it does not touch the Registry, does not need administrator rights, can be wrapped up in an encrypted HTTP session, and should leave no trace on disk as it's a pure to-memory download. No patch exists for this, although regsvr32 can be firewalled off from the internet. Microsoft was not available for immediate comment.

Read more of this story at Slashdot.

Microsoft, Google Agree To Stop Complaining To Regulators About Each Other

An anonymous reader shares an article on Recode: Microsoft and Google say they have recently reached an agreement under which they will drop pending regulatory complaints against one another across the globe. The two have also agreed that they will try to work among themselves to settle any future issues before running to regulators. "Microsoft has agreed to withdraw its regulatory complaints against Google, reflecting our changing legal priorities," a Microsoft representative said in a statement to Re/code. âoeWe will continue to focus on competing vigorously for business and for customers." Google, meanwhile, offered up a similar statement, affirming that it too will withdraw any regulatory complaints it has made. âoeOur companies compete vigorously, but we want to do so on the merits of our products, not in legal proceedings."Also from the report, "The timing is interesting, coming just as European regulators charge that Google is abusing its position in the Android market. However, both sides say the deal was in the works for some time."

Read more of this story at Slashdot.

UK Intel Agencies Have Been Spying on Millions of People 'Of No Security Interest' Since 1990s

The UK's intelligence agencies such as MI5, MI6, and GCHQ have been collecting personal information from citizens who are "unlikely to be of intelligence or security interest" since the 1990s, a thousand pages of documents published on Thursday revealed. The documents were published as a result of a lawsuit filed by Privacy International, a UK-based registered charity that defends and promotes the right to privacy across the world. According to the documents, GCHQ and others have been collecting bulk personal data sets since 1998 under the provisions of section 94 of the Telecommunications Act 1984. J.M. Porup, reports for Ars Technica: These records can be "anything from your private medical records, your correspondence with your doctor or lawyer, even what petitions you have signed, your financial data, and commercial activities," Privacy International legal officer Millie Graham Wood said in a statement. "The information revealed by this disclosure shows the staggering extent to which the intelligence agencies hoover up our data." Nor, it seems, are BPDs only being used to investigate terrorism and serious crime; they can and are used to protect Britain's "economic well-being" -- including preventing pirate copies of Harry Potter books from leaking before their release date. The so-called "Bulk Personal Datasets," or BPDs are so powerful, in fact, that the normally toothless UK parliament watchdog that oversees intelligence gathering, the Intelligence and Security Committee (ISC), recommended in February that "Class Bulk Personal Dataset warrants are removed from the new legislation." These data sets are so large and collect so much information so indiscriminately that they even include information on dead people.

Read more of this story at Slashdot.

Pro-Clinton Super PAC Caught Spending $1 Million On Social Media Trolls

An anonymous reader quotes a report from US Uncut: A Super PAC headed by a longtime Clinton operative is spending $1 million to hire online trolls to "correct" Bernie Sanders' supporters on social media. Correct The Record (CTR), which is operated by Clinton attack dog and new owner of Blue Nation Review David Brock, launched a new initiative this week called "Barrier Breakers 2016" for the purpose of debating supporters of Senator Bernie Sanders -- or "Bernie Bros," as they're referred to in Correct the Record's press official release -- on Facebook, Twitter, Reddit, and other social media platforms. The "Barrier Breakers" will also publicly thank Hillary Clinton's superdelegates and fans for supporting her campaign. The paid trolls are professional communicators, coming from public relations and media backgrounds. "The task force staff's backgrounds are as diverse as the community they will be engaging with and include former reporters, bloggers, public affairs specialists, designers, Ready for Hillary alumni, and Hillary super fans who have led groups similar to those with which the task force will organize," CTR stated.

Read more of this story at Slashdot.

Turns Out That Snaps Are Not Secure In Ubuntu With X11

prisoninmate quotes a report from Softpedia: According to Matthew Garrett, a renowned CoreOS security developer, and Linux kernel contributor, Canonical's new snap package format is not secure at all when it is used under X.Org Server (X Window System), which, for now, it is still the default display server of the Ubuntu 16.04 LTS (Xenial Xerus) operating system. The fact of the matter is that X11's old design is well-known for being insecure, and Matthew Garrett took the time to demonstrate this by writing a simple snap package that can steal data from any other X11 software, in this case anything you type on the Mozilla Firefox web browser. As more developers will provide snaps for their apps, Canonical needs to do something about the security of snaps in Ubuntu when using X11 or switch to the Mir display server. In the meantime, the security of snaps remains unaffected for the Ubuntu Server operating system, which is usually used without a display server. Canonical has officially released Ubuntu 16.04 LTS, which is now available to download for those interested.

Read more of this story at Slashdot.

Photos Show The Lingering Radioactivity At Chernobyl And Fukushima

mdsolar quotes a report from Mashable: In areas of Russia and Japan that have been decontaminated by the government, allowing for people to move back, life has tried to continue but evidence of radiation remains. Greg McNevin, a photographer working with the environmental group Greenpeace, set out to visualize the radiation that persists in many of these areas. The resulting project juxtaposes radiation data onto long exposure photographs from the affected regions. Using a programmable LED rod that when connected to a Geiger counter (a device that measures ambient radiation) translates the analog signal into a light display, McNevin walked through long exposure photographs he was taking of affected areas, showcasing the live radiation data his counter was reading.

Read more of this story at Slashdot.

NASA Gives Solar Ionic Propulsion A Monster Boost

coondoggie quotes a report from Network World: NASA this week took a giant step toward using solar electric power for future space missions by awarding a $67 million contract to Aerojet Rocketdyne to develop an advanced electric propulsion system. Network World writes, "Specifically, Aerojet Rocketdyne will develop and deliver an integrated electric propulsion system -- known as the Advanced Electric Propulsion System (AEPS) -- consisting of a thruster, power processing unit (PPU), low-pressure xenon flow controller, and electrical harness. Such a system would deploy large solar arrays that can be used to convert sunlight into electrical power that ionizes atoms of xenon which is the propellant for the spacecraftâ(TM)s thrusters. In addition, such a power plant could potentially increase spaceflight fuel efficiency by 10 times over current chemical propulsion technology and more than double thrust capability compared to current electric propulsion systems, NASA said." NASA's plan is to use this propulsion system on its future Asteroid Redirect Mission, as well as on its mission to Mars.

Read more of this story at Slashdot.

Hearing Aid Business Under Pressure From Consumer Electronics

HughPickens.com writes: There's good news for aging Americans who may have damaged their hearing by attending one too many rock concerts when they were young. Andrew Pollack writes at the NYT that the consumer electronics industry is encroaching on the hearing aid business, offering products that are far less expensive and available without the involvement of audiologists or other professionals. The new devices are forcing a re-examination of the entire system for providing hearing aids, which critics say is too costly and cumbersome, hindering access to devices vital for the growing legions of older Americans. "The audiology profession is obviously scared, for good reason, right now," says Abram Bailey. Hearing aids cost an average of nearly $2,400 each, or close to $5,000 a pair, according to a White House advisory group, and Medicare does not pay for them, nor do most insurers. By contrast, the consumer devices are not regulated and sell for a few hundred dollars apiece, at most. Hearing aid manufacturers say that diagnosing and treating hearing loss is too complex for consumers to do using consumer devices, without the aid of a professional. But sound amplifiers have been around for years and they are growing in sophistication, taking advantage of signal processing chips developed for phones, Bluetooth headsets and computers. The devices include the Smart Listening System from Soundhawk, which sells at $400 for a single ear; the Bean from Etymotic Research, at $300; the CS50+ from Sound World Solutions at $350; and the Crystal Ear from NeutronicEar, at $545. "To me it was a reasonable investment to experiment with," says Ira Dolich, 81, who bought the Soundhawk device, which he can adjust by himself using his smartphone. "I've been pretty pleased with it," he said.

Read more of this story at Slashdot.

Pages