Security

'High-Risk Vulnerabilities' In Oracle File-Processing SDKs Affect Major Third-Party Products (csoonline.com) 11

itwbennett writes: "Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday affect products from third-party software vendors," writes Lucian Constantin on CSOonline. The vulnerabilities, which were found by researchers from Cisco's Talos team, are in the Oracle Outside In Technology (OIT), a collection of SDKs that are used in third-party products, including Microsoft Exchange, Novell Groupwise, IBM WebSphere Portal, Google Search Appliance, Avira AntiVir for Exchange, Raytheon SureView, Guidance Encase and Veritas Enterprise Vault.

"It's not clear how many of those products are also affected by the newly patched seventeen flaws, because some of them might not use all of the vulnerable SDKs or might include other limiting factors," writes Constantin. But the Cisco researchers confirmed that Microsoft Exchange servers (version 2013 and earlier) are affected if they have WebReady Document Viewing enabled. In a blog post the researchers describe how an attacker could exploit these vulnerabilities.

TL;DR version: "Attackers can exploit the flaws to execute rogue code on systems by sending specifically crafted content to applications using the vulnerable OIT SDKs."
Government

Is The DOJ Using Obsolete Software To Subvert FOIA Requests? (theguardian.com) 85

"A new lawsuit alleges that the U.S. Department of Justice intentionally conducts inadequate searches of its records using a decades-old computer system when queried by citizens looking for records that should be available to the public," reports The Guardian. Slashdot reader Bruce66423 writes: An MIT PhD student has filed a suit in Federal court alleging that the use of a 21-year-old, IBM green screen controlled search software to search the Department of Justice databases...constitutes a deliberate failure to provide the data that should be being produced.
Ryan Shapiro's lawsuit alleges "failure by design," saying that the Justice Department records are inadequately indexed -- and that they fail to search the full text of their records when responding to requests "When few or no records are returned, Shapiro said, the FBI effectively responds 'sorry, we tried' without making use of the much more sophisticated search tools at the disposal of internal requestors." The FBI has a $425 million software system to handle FOIA requests, but refuses to use it, saying that would be "needlessly duplicative...and wasteful of Bureau resources."
Movies

Netflix Is The Least-Cancelled of All Major Streaming Services, Says Study (exstreamist.com) 72

An anonymous reader writes from a report via Exstreamist: A recent survey from IBM suggests that nearly 70% of streaming service subscribers never canceled their subscriptions. One of the more likely reasons subscribers cancel is because their credit cards expire and they never get around to updating the information in each service. The other most likely reasons subscribers cancel is because of advertisements (27%), which was above price (25%). Netflix is the least likely to get cancelled of the major services, according to the survey. Hulu and Amazon had a larger number of total cancellations. In terms of numbers, 40% of consumers have stated they have cancelled either Hulu or Amazon, with only 30% having cancelled Netflix. Shortly behind advertisements and price, 20% of users said a lack in quality or quantity of content would likely make them cancel their service. More towards the bottom, 17% said technical issues that hinder a smooth viewing experience would cause them to cancel. Roughly 73% of subscribers would download Netflix content, according to one survey. Another survey suggests that a majority of Netflix subscribers would rather cancel their subscription than see advertisements.
Security

Millions Of Xiaomi Phones at Risk Of Remotely Installed Malware (zdnet.com) 29

Zack Whittaker, reporting for ZDNet: Millions of Xiaomi phones are vulnerable to a flaw that could allow an attacker to remotely install malware. The vulnerability, now fixed, was found in the analytics package in Xiaomi's custom-built Android-based operating system. Security researchers at IBM, who found the flaw, discovered a number of apps in the package that were vulnerable to a remote code execution flaw through a man-in-the-middle attack -- one of which would allow an attacker to run arbitrary code at the system-level. In other words, an attacker could inject a link to a malicious Android app package, which is extracted and executed at the system level.
IBM

IBM Engineer Builds a Harry Potter Sorting Hat Using 'Watson' AI (thenextweb.com) 117

An anonymous reader writes: As America celebrates Father's Day, The Next Web reports on an IBM engineer who found a way to combine his daughters' interest in the Harry Potter series with an educational home technology project. Together they built a Hogwarts-style sorting hat -- which assigns its wearer into an appropriate residence house at the school of magic -- and it does it using IBM's cognitive computing platform Watson. "The hat uses Watson's Natural Language Classifier and Speech to Text to let the wearer simply talk to the hat, then be sorted according to what he or she says..." reports The Next Web. "Anderson coded the hat to pick up on words that fit the characteristics of each Hogwarts house, with brainy and cleverness going right into Ravenclaw's territory and honesty a recognized Hufflepuff attribute."
The hat's algorithm would place Stephen Hawking and Hillary Clinton into Ravenclaw, according to the article, while Donald Trump "was assigned to Gryffindor for his boldness -- but only with a 48 percent certainty."

The sorting hat talks, drawing its data directly from the IBM Cloud, and if you're interested in building your own, the IBM engineer has shared a tutorial online.
Security

Slashdot Asks: Does Your Company Have A Breach Response Team? (helpnetsecurity.com) 47

This week HelpNetSecurity reported on a study that found that "the average data breach cost has grown to $4 million, representing a 29 percent increase since 2013.. 'The amount of time, effort and costs that companies face in the wake of a data breach can be devastating, and unfortunately most companies still don't have a plan in place to deal with this process efficiently," said Caleb Barlow, Vice President, of IBM Security."

But the most stunning part of the study was that each compromised record costs a company $158 (on average), and up to $355 per record in more highly-regulated industries like healthcare, according to the study -- $100 more than in 2013. And yet it also found that having an "incident response team" greatly reduces the cost of a data breach. So I'd be curious how many Slashdot readers work for a company that actually has a team in place to handle data breaches. Leave your answers in the comments. Does your company have an incident response team ?
AI

Olli is a 3D Printed, IBM Watson-Powered, Self-Driving Minibus (phys.org) 50

An anonymous reader writes from a report via Phys.Org: Arizona-based startup Local Motors unveiled Olli -- a 3D-printed minibus capable of carrying 12 people. It's powered by IBM's supercomputer platform Watson and is designed as an on-demand transportation solution that passengers can summon with a mobile app. The company claims it can be "printed" to specification in "micro factories" in a matter of hours. They say it is ready to go as soon as regulations allow it to hit the streets. While Local Motors has developed the system to control the driving, IBM's Watson system is used to provide the user interface so passengers can have "conversations" with Olli. "Watson is bringing an understanding to the vehicle," said IBM's Bret Greenstein. "If you have someplace you need to be you can say that in your own words. A vehicle that understands human language, where you can walk in and say, 'I'd like to get to work,' that lets you as a passenger relax and enjoy your journey," he said. The vehicle relies on more than 30 sensors and streams of data from IBM's cloud. Olli will be demonstrated in National Harbor, Maryland, over the next few months with additional trials expected in Las Vegas and Miami.
Security

The Average Cost of a Data Breach Is Now $4 Million (helpnetsecurity.com) 51

Reader Orome1 writes: The average data breach cost has grown to $4 million, representing a 29 percent increase since 2013, according to a report by Ponemon Institute. Cybersecurity incidents continue to grow in both volume and sophistication, with 64 percent more security incidents reported in 2015 than in 2014. As these threats become more complex, the cost to companies continues to rise. In fact, companies lose $158 per compromised record. Breaches in highly regulated industries like healthcare were even more costly, reaching $355 per record -- a full $100 more than in 2013.
China

US Company's China Employee Allegedly Stole Code To Help Local Government (csoonline.com) 49

Reader itwbennett writes: Xu Jiaqiang, a Chinese national, worked as a developer for an unnamed U.S. company's branch in China (a Reuters report says it's IBM) from November 2010 to May 2014, when he resigned voluntarily. A year later he was allegedly caught trying to sell stolen proprietary source code to U.S. undercover agents, who claimed they were starting a large-data storage company. The software is described in the original complaint as a key component of one of the world's largest scientific supercomputers and of commercial applications that require rapid access to large volumes of data. In December 2015, Xu was arrested by the FBI, alleged to have stolen for his own benefit and that of the National Health and Family Planning Commission in China, although no specific charges relating to actual transfer of the code to the National Health and Family Planning Commission are mentioned in the superseding indictment.
Cloud

Oracle Whistleblower Suit Raises Questions Over Cloud Accounting (nbcnews.com) 63

Svetlana Blackburn, a former senior finance manager for Oracle claims that the company has fired her for not "inflating" revenues in its cloud services division. She alleges that her bosses had instructed her to add "millions of dollars of accruals" for expected business "with no concrete or foreseeable billing to support the numbers." Oracle eventually inflated the numbers without her assistance, anyway, she adds. From NBC News report: The lawsuit, filed on Wednesday in U.S. District Court in San Francisco by former Oracle senior finance manager Svetlana Blackburn, also revives longstanding questions about proper accounting when software and computer services are bought on a subscription basis rather than as a single package, analysts said. Those questions are becoming more urgent as companies including Oracle, IBM, Microsoft and SAP race to transform their businesses for an era in which customers no longer own and operate their own information technology systems and instead lease computing services and software from cloud vendors using vast data centers.A spokesperson for Oracle says that Blackburn's claims are wrong, adding, "We are confident that all our cloud accounting is proper and correct."
Patents

IBM Has Been Awarded An Average Of 24 Patents Per Day So Far In 2016 (qz.com) 54

Traditional companies continue to score a huge number of patents, reports Quartz. The publication deep dived into the patent filings to find which company has been awarded the most number of patents this year. According to its finding, IBM has been awarded 3,617 patents so far this year, whereas Samsung comes close with 3,032 patents during the same period. Behind these giants sit Google with 1,530 patents, Intel with 1,293, Qualcomm with 1,262, Microsoft with 1,232, and Apple with 1,060 patents. From the report: Although IBM's patent-producing power slowed somewhat in 2015, the number of patents it's received so far this year is up more than 13% compared to a year earlier. The company is in the middle of a painful reinvention, that sees the company shifting further away from hardware sales into cloud computing, analytics, and AI services. It's also plugging away on a myriad of fundamental scientific research projects -- many of which could revolutionize the world if they can come to fruition -- which is where many of its patent applications originate. IBM accounted for about 1% of all US patents awarded in 2015.
AI

Tech CEOs Declare This the Era of Artificial Intelligence (fortune.com) 178

You will be hearing a lot about AI and machine learning in the coming years. At Recode's iconic conference this week, a number of top executives revealed -- and reiterated -- their increasingly growing efforts to capture the nascent technology category. From a Reuters report (condensed): Sundar Pichai, chief executive of Alphabet's Google, said he sees a "huge opportunity" in AI. Google first started applying the technology through "deep neural networks" to voice recognition software about three to four years ago and is ahead of rivals such as Amazon.com, Apple, and Microsoft in machine learning, Pichai said.
Amazon CEO Jeff Bezos predicted a profound impact on society over the next 20 years. "It's really early but I think we're on the edge of a golden era. It's going to be so exciting to see what happens," he said.
IBM CEO Ginni Rometty said the company has been working on artificial technology, which she calls a cognitive system, since 2005 when it started developing its Watson supercomputer.
Artificial intelligence and machine learning will create computers so sophisticated and godlike that humans will need to implant "neural laces" in their brains to keep up, Tesla Motors and SpaceX CEO Elon Musk told a crowd of tech leaders this week.
Microsoft, which was absent from the event, is also working on bots and AI technologies. One company that is seemingly off the picture is Apple.
IBM

Is Denver The Next High-Tech Center? (newyorker.com) 151

An anonymous reader write: "The spread of the tech industry outside Silicon Valley has helped make Denver the fastest-growing large city in the U.S.," reports the New Yorker, saying it's now growing faster than Austin and Seattle, becoming one of America's 20 most populous cities. Cost-conscious investors and tech executives now are opening offices in cheaper "secondary cities" outside of Silicon Valley, like Salt Lake City, and the good universities near Denver mean a well-educated workforce, coupled with a low cost of living.

"Though the city isn't the headquarters for any big tech companies -- like Dell in the Austin area or Microsoft and Amazon in Seattle -- several of them, including IBM and Oracle, have offices here. The presence of those offices, and of the universities, has also helped create a vibrant startup scene: people get educated here or come here for jobs, and then they graduate or leave those jobs and become entrepreneurs." Last year venture capitalists invested $800 million in Demver's tech, energy, food, and marijuana companies, and in 2014 Oracle paid over a billion dollars to acquire Denver-based Datalogix.

Anyone else live in a burgeoning "secondary" tech city? Scott McNealy said he co-founded his data-analysis startup in Denver because in California "The prices of everything have skyrocketed. The regulations. The pension deficit. The traffic. It's just not a fun place to go start."
IBM

Upcoming OS/2 Release Will Be Called ArcaOS 5.0 (techrepublic.com) 211

At the annual convention of OS/2 users, Arca Noae announced their new OS/2-OEM distribution will be released in the fourth quarter of 2016, and the project, codenamed "Blue Lion", will officially be called ArcaOS 5.0. "The significance of the version number relates to IBM OS/2 4.52 -- the last maintenance release of the platform released by IBM in 2001," reports TechRepublic. martiniturbide writes: The article discusses the features of ArcaOS like USB bootable installer, USB (1.1 and 2) , ACPI, AHCI, and network card drivers, new OS installer, etc. It will be sold in two editions: ArcaOS Commercial Edition [with 12 months of priority support and updates] and ArcaOS Personal Edition...
Anyone have fond members of OS/2? Are there any Slashdot readers who are still using it?
The Military

Department of Homeland Security Still Uses COBOL (softpedia.com) 217

The Department of Defense has promised to finally stop managing the U.S. nuclear arsenal with floppy disks "by the end of 2017". But an anonymous reader shares Softpedia's report about another startling revelation this week from the Government Accountability Office: Another agency that plans to upgrade is the US Department of Veterans Affairs, which uses COBOL, a programming language from the '50s to manage a system for employee time and attendance. Unfortunately for the VA, there were funds only to upgrade that COBOL system, because the agency still uses the antiquated programming language to run another system that tracks claims filed by veterans for benefits, eligibility, and dates of death. This latter system won't be updated this year. Another serious COBOL user is the Department of Homeland Security, who employs it to track hiring operations, alongside a 2008 IBM z10 mainframe and a Web component that uses a Windows 2012 server running Java.
Personnel files are serious business. A 2015 leak of the secret service's confidential personnel files for a Utah Congressman (who was leading a probe into high-profile security breaches and other missteps) led the Department of Homeland Security to discipline 41 secret service agents.
The Military

US Military Uses 8-Inch Floppy Disks To Coordinate Nuclear Force Operations (cnbc.com) 267

An anonymous reader writes from a report via CNBC: A new report reveals the U.S. Defense Department is still using 8-inch floppy disks in a computer system that coordinates the operational functions of the nation's nuclear forces. The Defense Department's 1970s-era IBM Series/1 Computer and long-outdated floppy disks handle functions related to intercontinental ballistic missiles, nuclear bombers and tanker support aircraft, according to the new Governmental Accountability Office report. The report shows how outdated IT systems are being used to handle important functions related to the nation's taxpayers, federal prisoners and military veterans, as well as to the America's nuclear umbrella. "Federal legacy IT systems are becoming increasingly obsolete: Many use outdated software languages and hardware parts that are unsupported," the report found. "Agencies reported using several systems that have components that are, in some cases, at least 50 years old." From the report: "GAO pointed out that aging systems include the Treasury Department's 'individual master file,' which is the authoritative data source for individual taxpayers. It's used to assess taxes and generates refunds. That file 'is written in assembly language code -- a low-level computer code that is difficult to write and maintain -- and operates on an IBM mainframe,' the report said." The report also mentioned that several other departments, such as the departments of Treasury, Commerce, Health and Human Services and the Veterans' Administration, "reported using 1980s and 1990s Microsoft operating systems that stopped being supported by the vendor more than a decade ago."
Data Storage

IBM's Optical Storage Is 50 Times Faster Than Flash, And Also Cheaper (prnewswire.com) 77

Flash storage is not as fast as the main memory (RAM); but RAM can't be used to store your regular files because of its volatile nature (and also because it's expensive). It appears we may soon have the perfect middle ground of the two. Scientists at IBM have demonstrated reliably storing 3 bits of data per cell using a relatively new memory technology known as phase-change memory (PCM). Engadget reports: To store PCM data on a Blu-ray disk, you apply a high current to amorphous (non-crystalline) glass materials, transforming them into a more conductive crystal form. To read it back, you apply a lower voltage to measure conductivity -- when it's high, the state is "1," and when it's low, it's "0." By heating up the materials, more states can be stored, but the problem is that the crystals can "drift" depending on the ambient temperature. IBM's team figured out how to track and encode those variations, allowing them to reliably read 3-bits of data per cell long after it was written. That suddenly makes PCM a lot more interesting -- its speed is currently much better than flash, but the costs are as high as RAM thanks to the low density.
The Almighty Buck

Warren Buffett Buys $1 Billion Stake In Apple (cnn.com) 120

An anonymous reader quotes a report from CNN: Berkshire Hathaway, the conglomerate run by Buffett, disclosed in a regulatory filing Monday that it purchased more than 9.8 million shares in Apple during the first quarter. It marks Berkshire's first investment in Apple. Berkshire acquired its position at an average price of about $109 a share. Apple's stock price has since fallen to just above $90, meaning that Berkshire's stake in Apple is now worth about $888 million. The Apple purchase is the second big tech investment by Berkshire, which has been steadily adding to its stake in IBM during the past few years. Until recently, Buffett had been famous for his lack of investments in the tech sector. But Apple fits perfectly in Buffett's wheelhouse. The company is a leader in its market and the stock is extremely cheap, trading for just 11 times this year's earnings estimates. Apple also has a pristine balance sheet, with $232.9 billion in cash. At the end of April, billionaire investor Carl Icahn sold his entire stake in Apple, citing the risk of China's influence on the stock. Last week, Didi, China's ride-sharing service and rival to Uber, announced Apple invested $1 billion in the company. There's been a lot of money shuffling taking place as of late as Apple tries to reinvigorate the market after it had its first earnings decline in more than a decade.
AI

Professor Surprises Students With AI Teacher Assistant (smh.com.au) 85

An anonymous reader writes: Jill Watson is an artificial intelligence bot, it is also Ashok Goel's teaching assistant. Ashok Goel, a computer science professor at Georgia Tech, hired Jill Watson to answer questions online for his students so that his teaching staff wasn't so overworked. On average, Goel and his staff receive more than 10,000 questions from students online each semester. So he decided to use IBM Watson, an artificial intelligence system designed to answer questions. After training and tweaking it for months, he was able to spit out good enough answers. Originally, Goel didn't reveal Watson's true identity to his students until after the last final exam was turned in at the end of the class. Students were amazed. "I feel like I am part of history because of Jill and this class!" wrote one student in the class's online forum. "Just when I wanted to nominate Jill Watson as an outstanding TA in the CIOS survey!" said another. Goel is now working to bring the bot to as as many education centers are possible. He expects the bot's question-answering abilities to help online classes, where there's little engagement with a human instructor.
AI

BakerHostetler Hires Artificial Intelligent Attorney 'Ross' (fortune.com) 49

An anonymous reader writes: Futurism reports, Ross, the first artificially intelligent attorney, was just hired by the global law firm Baker and Hostetler. The firm announced they hired a robot lawyer created by ROSS Intelligence. Ross was built on IBM's Watson and is fully capable of understanding your questions, responding with a hypothesis backed by references and citations. It provides you with the most relevant information you are looking for rather than thousands of results you'd need to sift though. In addition, it can notify you about recent court decisions that may or may not affect your case, and it will continue to learn based off each experience it encounters. ROSS Intelligence co-founder and CEO says other law firms have also signed licenses with Ross.

Slashdot Top Deals