Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
China

Investigation: Apple Failing To Protect Chinese Factory Workers 23

Posted by samzenpus
from the HR-needs-to-be-better dept.
mrspoonsi writes with the findings of an investigation into working conditions at a factory that makes Apple products. Poor treatment of workers in Chinese factories which make Apple products has been discovered by an undercover BBC Panorama investigation. Filming on an iPhone 6 production line showed Apple's promises to protect workers were routinely broken. It found standards on workers' hours, ID cards, dormitories, work meetings and juvenile workers were being breached at the Pegatron factories. Apple said it strongly disagreed with the programme's conclusions. Exhausted workers were filmed falling asleep on their 12-hour shifts at the Pegatron factories on the outskirts of Shanghai. One undercover reporter, working in a factory making parts for Apple computers, had to work 18 days in a row despite repeated requests for a day off. Another reporter, whose longest shift was 16 hours, said: "Every time I got back to the dormitories, I wouldn't want to move. Even if I was hungry I wouldn't want to get up to eat. I just wanted to lie down and rest. I was unable to sleep at night because of the stress."
Security

Critical Git Security Vulnerability Announced 31

Posted by samzenpus
from the protect-ya-neck dept.
An anonymous reader writes Github has announced a security vulnerability and has encourage users to update their Git clients as soon as possible. The blog post reads in part: "A critical Git security vulnerability has been announced today, affecting all versions of the official Git client and all related software that interacts with Git repositories, including GitHub for Windows and GitHub for Mac. Because this is a client-side only vulnerability, github.com and GitHub Enterprise are not directly affected. The vulnerability concerns Git and Git-compatible clients that access Git repositories in a case-insensitive or case-normalizing filesystem. An attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. Git clients running on OS X (HFS+) or any version of Microsoft Windows (NTFS, FAT) are exploitable through this vulnerability. Linux clients are not affected if they run in a case-sensitive filesystem....Updated versions of GitHub for Windows and GitHub for Mac are available for immediate download, and both contain the security fix on the Desktop application itself and on the bundled version of the Git command-line client."
Yahoo!

Marissa Mayer's Reinvention of Yahoo! Stumbles 63

Posted by samzenpus
from the best-laid-plans dept.
schnell writes The New York Times Magazine has an in-depth profile of Marissa Mayer's time at the helm of Yahoo!, detailing her bold plans to reinvent the company and spark a Jobs-ian turnaround through building great new products. But some investors are saying that her product focus (to the point of micromanaging) hasn't generated results, and that the company should give up on trying to create the next iPod, merge with AOL to cut costs and focus on the unglamorous core business that it has. Is it time for Yahoo! to "grow up" and set its sights lower?
AI

Ars Reviews Skype Translator 28

Posted by timothy
from the in-the-future-everyone-will-have-been-in-the-past dept.
Esra Erimez writes Peter Bright doesn't speak a word of Spanish but with Skype Translator he was able to have a spoken conversation with a Spanish speaker as if he was in an episode of Star Trek. He spoke English. A moment later, an English language transcription would appear, along with a Spanish translation. Then a Spanish voice would read that translation.
Hardware Hacking

Extracting Data From the Microsoft Band 33

Posted by timothy
from the buncha-freeloaders dept.
An anonymous reader writes The Microsoft Band, introduced last month, hosts a slew of amazing sensors, but like so many wearable computing devices, users are unable to access their own data. A Brown University professor decompiles the app, finds that the data is transmitted to the Microsoft "cloud", and explains how to intercept the traffic to retrieve the raw minute-by-minute data captured by the Band.
Censorship

"Team America" Gets Post-Hack Yanking At Alamo Drafthouse, Too 145

Posted by timothy
from the meet-your-new-program-director dept.
Slate reports that even old movies are enough to trigger a pretty strong knee jerk: Team America, World Police , selected as a tongue-in-cheek replacement by Dallas's Alamo Drafthouse Theater for the Sony-yanked The Interview after that film drew too much heat following the recent Sony hack, has also been pulled. The theater's tweet, as reprinted by Slate: "due to circumstances beyond our control,” their Dec. 27 Team America screening has also been canceled." If only I had a copy, I'd like to host a viewing party here in Austin for The Interview, which I want to see now more than ever. (And it would be a fitting venue.)
Security

Grinch Vulnerability Could Put a Hole In Your Linux Stocking 64

Posted by timothy
from the pretty-generic-description-there dept.
itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September.
Toys

Ask Slashdot: What Can I Really Do With a Smart Watch? 148

Posted by timothy
from the you-can-measure-the-battery-drain dept.
kwelch007 writes I commonly work in a clean-room (CR.) As such, I commonly need access to my smart-phone for various reasons while inside the CR...but, I commonly keep it in my front pocket INSIDE my clean-suit. Therefore, to get my phone out of my pocket, I have to leave the room, get my phone out of my pocket, and because I have a one track mind, commonly leave it sitting on a table or something in the CR, so I then have to either have someone bring it to me, or suit back up and go get it myself...a real pain. I have been looking in to getting a 'Smart Watch' (I'm preferential to Android, but I know Apple has similar smart-watches.) I would use a smart-watch as a convenient, easy to transport and access method to access basic communications (email alerts, text, weather maps, etc.) The problem I'm finding while researching these devices is, I'm not finding many apps. Sure, they can look like a nice digital watch, but I can spend $10 for that...not the several hundred or whatever to buy a smart-watch. What are some apps I can get? (don't care about platform, don't care if they're free) I just want to know what's the best out there, and what it can do? I couldn't care less about it being a watch...we have these things called clocks all over the place. I need various sorts of data access. I don't care if it has to pair with my smart-phone using Bluetooth or whatever, and it won't have to be a 100% solution...it would be more of a convenience that is worth the several hundred dollars to me. My phone will never be more than 5 feet away, it's just inconvenient to physically access it. Further, I am also a developer...what is the best platform to develop for these wearable devices on, and why? Maybe I could make my own apps? Is it worth waiting for the next generation of smart-watches?
Australia

Australia Moves Toward New Restrictions On Technology Export and Publication 67

Posted by timothy
from the locked-file-cabinet-in-the-basement dept.
An anonymous reader writes Australia is starting a public consultation process for new legislation that further restricts the publication and export of technology on national security grounds. The public consultation starts now (a few days before Christmas) and it is due by Jan 30th while a lot of Australians are on holidays. I don't have the legal expertise to dissect the proposed legislation, but I'd like some more public scrutiny on it. I find particularly disturbing the phrase "The Bill includes defences that reverse the onus of proof which limit the right to be presumed innocent until proven guilty" contained in this document, also available on the consultation web site.
Space

India Successfully Test Fires Its Heaviest Rocket 48

Posted by timothy
from the might-roar dept.
vasanth (908280) writes India on Thursday moved forward in rocket technology with the successful flight testing of its heaviest next generation rocket and the crew module . The 630-tonne three-stage rocket, Geo-Synchronous Satellite Launch Vehicle Mark III, carried active solid boosters, liquid core stage and a passive cryo stage and a crew module to test its re-entry characteristics. This rocket is capable of doubling the capacity of payloads India can carry into space and it can deposit up to four tonne class of communication satellites into space. India also plans to use this rocket for ferrying Indian astronauts into space. For India, ISRO (the Indian space agency) perfecting the cryogenic engine technology is crucial as India can save precious foreign exchange by launching heavy duty communication satellites by itself.
Math

Cause and Effect: How a Revolutionary New Statistical Test Can Tease Them Apart 100

Posted by timothy
from the submission-caused-post dept.
KentuckyFC writes Statisticians have long thought it impossible to tell cause and effect apart using observational data. The problem is to take two sets of measurements that are correlated, say X and Y, and to find out if X caused Y or Y caused X. That's straightforward with a controlled experiment in which one variable can be held constant to see how this influences the other. Take for example, a correlation between wind speed and the rotation speed of a wind turbine. Observational data gives no clue about cause and effect but an experiment that holds the wind speed constant while measuring the speed of the turbine, and vice versa, would soon give an answer. But in the last couple of years, statisticians have developed a technique that can tease apart cause and effect from the observational data alone. It is based on the idea that any set of measurements always contain noise. However, the noise in the cause variable can influence the effect but not the other way round. So the noise in the effect dataset is always more complex than the noise in the cause dataset. The new statistical test, known as the additive noise model, is designed to find this asymmetry. Now statisticians have tested the model on 88 sets of cause-and-effect data, ranging from altitude and temperature measurements at German weather stations to the correlation between rent and apartment size in student accommodation.The results suggest that the additive noise model can tease apart cause and effect correctly in up to 80 per cent of the cases (provided there are no confounding factors or selection effects). That's a useful new trick in a statistician's armoury, particularly in areas of science where controlled experiments are expensive, unethical or practically impossible.
Bitcoin

Will Ripple Eclipse Bitcoin? 120

Posted by timothy
from the ask-the-magic-8-ball dept.
First time accepted submitter groggy.android writes This year's biggest news about Bitcoin may well turn out not to be the repeat of its surge in value last year against the dollar and other state currencies but its impending eclipse by another independent but corporate-backed digital currency. Popularly known as Ripple, XRP shot up in value last year along with other cryptocurrencies that took advantage of the hype around Bitcoin. However, among the top cryptocurrencies listed in Coinmarketcap.com, a site that monitors trading across different cryptocurrency exchanges, Ripple is the only one that not only regained its value after the collapse in the price of Bitcoin but has more than doubled from its peak last year. In September it displaced Litecoin to become the second most valuable cryptocurrency. Even more surpising, a Ripple fork, Stellar, is one of the two other cryptocurrencies in the Coinmarketcap top ten that have risen sharply in value during the last few weeks.

What makes Ripple different from Bitcoin? Strictly speaking, Ripple isn't the name of the digital currency but of the decentralized payment network and protocol created and maintained by the eponymous Ripple Labs. Users of the Ripple system are able to transact in both cryptocurrency and regular fiat currency like the dollar without passing through a central exchange. XRP is the name of the native unit of exchange used in the Ripple network to facilitate conversion between different currency types.
Medicine

After 40 Years As a Double Amputee, Man Gains Two Bionic Arms 58

Posted by timothy
from the about-time-really dept.
MojoKid writes Les Baugh, a Colorado man who lost both arms in an electrical accident 40 years ago, is looking forward to being able to insert change into a soda machine and retrieving the beverage himself. But thanks to the wonders of science and technology — and Johns Hopkins University Applied Physics Laboratory (APL) — he'll regain some of those functions while making history as the first bilateral shoulder-level amputee to wear and simultaneously control two Modular Prosthetic Limbs (MPLs). "It's a relatively new surgical procedure that reassigns nerves that once controlled the arm and the hand," explained Johns Hopkins Trauma Surgeon Albert Chi, M.D. "By reassigning existing nerves, we can make it possible for people who have had upper-arm amputations to control their prosthetic devices by merely thinking about the action they want to perform."
Crime

Did Alcatraz Escapees Survive? Computer Program Says They Might Have 75

Posted by timothy
from the like-to-think-so dept.
In June of 1962, three prisoners escaped the penitentary on Alcatraz, in an elaborate plot that was dramatized in a Clint Eastwood movie. A question that has long puzzled the public is whether these men ever made it to shore; the many factors that made Alcatraz a secure prison include sharks, cold water, and contrary currents. Still, some artifacts from the attempt, and perhaps the appeal of stories about survival against high odds, have led many people to believe that the men actually landed safely and faded into society. coondoggie writes This week Dutch scientists from Delft University of Technology presented findings from a computer modeling program they were working on, unrelated to the mystery, that demonstrated the escapees could have survived the journey. "In hindsight, the best time to launch a boat from Alcatraz was [11:30 am], one and a half hours later than has generally been assumed. A rubber boat leaving Alcatraz at [11:30 am] would most likely have landed just north of the Golden Gate Bridge. The model also shows that debris in that scenario would be likely to wash up at Angel Island, exactly where one of the paddles and some personal belongings were found.
Security

Hackers Compromise ICANN, Access Zone File Data System 96

Posted by timothy
from the that-should-be-a-boss-level dept.
Trailrunner7 writes with this news from ThreatPost: Unknown hackers were able to compromise vital systems belonging to ICANN, the organization that manages the global top-level domain system, and had access to the system that manages the files with data on resolving specific domain names. The attack apparently took place in November and ICANN officials discovered it earlier this month. The intrusion started with a spear phishing campaign that targeted ICANN staffers and the email credentials of several staff members were compromised. The attackers then were able to gain access to the Centralized Zone Data System, the system that allows people to manage zone files. The zone files contain quite bit of valuable information, including domain names, the name server names associated with those domains and the IP addresses for the name servers. CANN officials said they are notifying any users whose zone data might have been compromised." (Here's ICANN's public note on the compromise.)
Censorship

Reaction To the Sony Hack Is 'Beyond the Realm of Stupid' 479

Posted by timothy
from the pretty-jaw-dropping dept.
rossgneumann writes North Korea may really be behind the Sony hack, but we're still acting like idiots. Peter W. Singer, one of the nations foremost experts on cybersecurity, says Sony's reaction has been abysmal. "Here, we need to distinguish between threat and capability—the ability to steal gossipy emails from a not-so-great protected computer network is not the same thing as being able to carry out physical, 9/11-style attacks in 18,000 locations simultaneously. I can't believe I'm saying this. I can't believe I have to say this."
The Almighty Buck

To Fight Currency Mismatches, Steam Adding Region Locking to PC Games 137

Posted by timothy
from the arbitrage-is-everywhere dept.
will_die writes Because of recent currency devaluation Steam has now added region locking for games sold in Russia and CIS. Brazil and local area and Indonesia and local area are also being locked. If you purchase a game from one of those regions you cannot gift it to somone outside of the area. So someone from Russia can gift a game to someone to Georgia [Note: This Georgia, rather than this one, that is.] but not to someone in the USA. You want to see the prices in the Russia store and compare them to the Steam Christmas Sale which should be starting in a few hours.
Transportation

Who's To Blame For Rules That Block Tesla Sales In Most US States? 119

Posted by timothy
from the did-you-get-a-look-at-the-license-plate? dept.
cartechboy writes The common assumption among Tesla fans seems to be that state auto-dealer lobbyists are working with Republican legislators to enact laws banning direct sales of Tesla's electric cars to retail buyers. Is it true? The New York Times published an article with some data points that assesses the supposition. While the article mainly focuses on the conflict between Uber and the Republican party, some quotes could be easily applied to Tesla. For instance, Republican National Committee chairman Reince Preibus said, "It should be consumers, not government bureaucrats or legislators, that deicde what companies get our business." The author of the article, Josh Barro, wrote that 22 states permit direct sales of automobiles by Tesla to retail buyers, and of those the majority--14 of them-- voted for President Obama. He suggested that Democratic California, Illinois, and New York "have freer markets in auto retailing than Texas," which is presently Republican. When looking at a five-year-old article by Nate Silver that looked at political donations by car dealers, fully 88 percent of those donations went to Republican candidates, and just 12 percent to Democrats. That possibly suggests a propensity among Republican state legislators to support the interests for car dealers over those of electric-car buyers. Is the small bit of evidence enough to make a case? Good background on the current system of dealership sinecure can be found in this short 2009 Competition Advocacy Paper from the U.S. Department of Justice, which delves into the history and effects of the dealers-only system which still prevails.
Crime

Councilmen Introduce Bills Strongly Regulating UAV Use in NYC 61

Posted by timothy
from the man-vs-the-state dept.
SternisheFan passes on this excerpt from an Ars Technica article: On Wednesday Councilman Dan Garodnick introduced a bill to the New York City council seeking to ban all use of drones except those operated by police officers who obtain warrants. A second, parallel bill introduced by councilman Paul Vallone would place more stringent restrictions on drone use but stop short of banning drones for hobbyists and companies altogether. Both bills have been passed to the city's committee on public safety. An all-out ban on drones within the metropolis would be a quite wide-reaching step, especially as the Federal Aviation Authority (FAA) seems poised to adopt more permissive rules, with respect to commercial interests in particular. Earlier this year, the FAA formally granted six Hollywood companies exemptions to drone ban rules. A couple of months later, the FAA granted similar exemptions for construction site monitoring and oil rig flare stack inspections. The article explains that Vallone's bill is less restrictive, and rather than propose an outright ban "lists 10 instances where operating a UAV would be illegal, including at night, out of the operator's eyesight, or above 400 ft high. Outside of those conditions, hobbyists and commercial interests would be free to fly drones."
Sony

US Links North Korea To Sony Hacking 175

Posted by samzenpus
from the who's-to-blame dept.
schwit1 writes Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment. It is not known how the US government has determined that North Korea is the culprit, though it is known that the NSA has in the past penetrated North Korean computer systems. Previous analysis of the malware that brought down Sony Pictures' network showed that there were marked similarities to the tools used in last year's cyber-attack on South Korean media companies and the 2012 "Shamoon" attack on Saudi Aramco. While there was speculation that the "DarkSeoul" attack in South Korea was somehow connected to the North Korean regime, a firm link was never published.

"Anyone attempting to generate random numbers by deterministic means is, of course, living in a state of sin." -- John Von Neumann

Working...