Just a few days ago, Razer's awesome Project Valerie laptops -- the one with three 4K displays -- were stolen. Now it looks like whoever stole them is trying to sell them. From a report: It turns out that the thief (or thieves) didn't just nab one Project Valerie prototype. They actually got ahold of a pair. Razer CEO Min-Liang Tan understandably wants them back, really, really badly. The company was willing to offer $25,000 to anyone who could offer information that led to the prototypes' return. So where did the laptops end up? Somewhere behind the Great Wall, apparently. Whoever has them isn't trying to quietly fence them in some dark Beijing alleyway, either. They've actually been listed on the immensely popular Chinese e-commerce site Taobao -- where they were spotted by writers at Engadget Chinese and Wccftech.
An anonymous reader quotes a report from Ars Technica: President-elect Donald Trump is just a week away from taking office. From the start of his campaign, he has promised big changes to the US immigration system. For both Trump's advisers and members of Congress, the H-1B visa program, which allows many foreign workers to fill technology jobs, is a particular focus. One major change to that system is already under discussion: making it harder for companies to use H-1B workers to replace Americans by simply giving the foreign workers a raise. The "Protect and Grow American Jobs Act," introduced last week by Rep. Darrell Issa, R-Calif. and Scott Peters, D-Calif., would significantly raise the wages of workers who get H-1B visas. If the bill becomes law, the minimum wage paid to H-1B workers would rise to at least $100,000 annually, and be adjusted for inflation. Right now, the minimum is $60,000. The sponsors say that would go a long way toward fixing some of the abuses of the H-1B program, which critics say is currently used to simply replace American workers with cheaper, foreign workers. In 2013, the top nine companies acquiring H-1B visas were technology outsourcing firms, according to an analysis by a critic of the H-1B program. (The 10th is Microsoft.) The thinking goes that if minimum H-1B salaries are brought closer to what high-skilled tech employment really pays, the economic incentive to use it as a worker-replacement program will drop off. "We need to ensure we can retain the world's best and brightest talent," said Issa in a statement about the bill. "At the same time, we also need to make sure programs are not abused to allow companies to outsource and hire cheap foreign labor from abroad to replace American workers." The H-1B program offers 65,000 visas each fiscal year, with an additional 20,000 reserved for foreign workers who have advanced degrees from US colleges and universities. The visas are awarded by lottery each year.
Last year, the government received more than 236,000 applications for those visas.
Dotnaught quotes a report from The Register: Lily Robotics says its decision on Thursday to shut down and return pre-order payments for a never-delivered drone, which came on the same day that San Francisco District Attorney George Gascon charged the company with false advertising and misleading business practices, was purely coincidental. According to a source familiar with the complaint filed against the company, Lily Robotics has known about the DA's investigation for several months. On the strength of a promotional video on YouTube in May 2015, embedded below, Lily Robotics raised more than $34 million in pre-order sales over the course of that year for a drone called Lily Camera. The flying gadget, when built, would be capable of being launched with a throw, following people, and recording them. But after pushing the delivery date back multiple times, Lily Robotics has yet to ship a single drone to its 60,000 prospective customers, according to the lawsuit filed against the company. In theory, Lily Robotics could face a fine of more than a hundred million dollars, depending upon the outcome of a trial, if it comes to that. The company faces potential fines for at least two business code violations subject to a civil penalty of $2,500 per violation, and there are some 60,000 individuals affected. In practice, however, such fines are usually orders of magnitude less, particularly if both sides agree on a settlement. The complaint against Lily, obtained by The Register, alleges that the company knowingly misled customers by creating a promotional video that purported to show video footage captured with a Lily drone prototype. "In fact, none of the video in the Promotional Video was shot by a Lily Camera," the complaint says. "Most notably, the POV footage used in the promotional video was filmed using a professional camera drone called the DJI Inspire." 
Among the Lily Camera prototypes present at the video shoot, the complaint says, the ones that could actually record video were able to do so because they had Go-Pro cameras mounted on them.
mask.of.sanity writes from a report via The Register: U.S. president-elect Donald Trump's freshly minted cyber tsar Rudy Giuliani runs a website so insecure that its content management system is five years out of date, unpatched and is utterly hackable. Giulianisecurity.com, the website for Giuliani's eponymous infosec consultancy firm, runs Joomla! version 3.0, released in 2012, and since found to carry 15 separate vulnerabilities. More bugs and poor secure controls abound. The Register report adds: "Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a surprising number of network ports open -- from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. It also runs a rather old version of FreeBSD. 'You can probably break into Giuliani's server,' said Robert Graham of Errata Security. 'I know this because other FreeBSD servers in the same data center have already been broken into, tagged by hackers, or are now serving viruses. 'But that doesn't matter. There's nothing on Giuliani's server worth hacking.'"
iPhone app purchasers may sue Apple over allegations that the company monopolized the market for iPhone apps by not allowing users to purchase them outside the App Store, leading to higher prices, a U.S. appeals court ruled. From a report on Reuters: The 9th U.S. Circuit Court of Appeals ruling revives a long-simmering legal challenge originally filed in 2012 taking aim at Apple's practice of only allowing iPhones to run apps purchased from its own App Store. A group of iPhone users sued saying the Cupertino, California, company's practice was anticompetitive. Apple had argued that users did not have standing to sue it because they purchased apps from developers, with Apple simply renting out space to those developers. Developers pay a cut of their revenues to Apple in exchange for the right to sell in the App Store.
For the first time for a bumblebee and a bee species in the U.S., the U.S. Fish and Wildlife Service has designated the bumblebee an endangered species. The protected status goes into effect on February 10, and includes requirements for federal protections and the development of a recovery plan. NPR reports: "Today's Endangered Species listing is the best -- and probably last -- hope for the recovery of the rusty patched bumble bee," NRDC Senior Attorney Rebecca Riley said in a statement from the Xerces Society, which advocates for invertebrates. "Bumble bees are dying off, vanishing from our farms, gardens, and parks, where they were once found in great numbers." Large parts of the Eastern and Midwestern United States were once crawling with these bees, Bombus affinis, but the bees have suffered a dramatic decline in the last two decades due to habitat loss and degradation, along with pathogens and pesticides. Indeed, the bee was found in 31 states and Canadian provinces before the mid- to late-1990s, according to the final rule published in the Federal Register. But since 2000, it has been reported in only 13 states and Ontario, Canada. It has seen an 88 percent decline in the number of populations and an 87 percent loss in the amount of territory it inhabits. This means the species is vulnerable to extinction, the rule says, even without further habitat loss or insecticide exposure. Canada designated the species as endangered in 2012.
Mickeycaskill quotes a report from Silicon.co.uk: Switzerland has agreed its own new data transfer agreement with the United States, basing the framework on the deal struck by the European Union (EU) following the invalidation of Safe Harbour. The previous arrangement was invalidated because of concerns about U.S. mass surveillance but Switzerland says the new Swiss-U.S. Privacy Shield will allow Swiss companies to transfer customer data without the need for additional contractual guarantees. The Swiss Federal Council, a seven-member executive council that is effectively the head of government in Switzerland, claims citizens will benefit from additional protections and the ability to contact an ombudsman about data issues. Although not part of the EU, Switzerland is a member of the European Economic Area (EEA) and has several bilateral agreements with the EU that see it adopt many of the bigger bloc's policies. The Federal Council says the alignment between the EU and the Swiss transatlantic data sharing partnerships is good news for multinational organizations.
An anonymous reader quotes a report from BleepingComputer: A team of researchers from universities across the U.S. has identified different fingerprinting techniques that can track users when they use different browsers installed on the same machine. Named "cross-browser fingerprinting" (CBF), this practice relies on new technologies added to web browsers in recent years, some of which had been previously considered unreliable for cross-browser tracking and only used for single browser fingerprinting. These new techniques rely on making browsers carry out operations that use the underlying hardware components to process the desired data. For example, making a browser apply an image to the side of a 3D cube in WebGL provides a similar response in hardware parameters for all browsers. This is because the GPU card is the one carrying out this operation and not the browser software. According to the three-man research team led by Assistant Professor Yinzhi Cao from the Computer Science and Engineering Department at Lehigh University, the following browser features could be (ab)used for cross-browser fingerprinting operations: [Screen Resolution, Number of CPU Virtual Cores, AudioContext, List of Fonts, Line, Curve, and Anti-Aliasing, Vertex Shader, Fragment Shader, Transparency via Alpha Channel, Installed Writing Scripts (Languages), Modeling and Multiple Models, Lighting and Shadow Mapping, Camera and Clipping Planes.] Researchers used all these techniques together to test how many users they would be able to pin to the same computer. For tests, researchers used browsers such as Chrome, Firefox, Edge, IE, Opera, Safari, Maxthon, UC Browser, and Coconut. Results showed that CBF techniques were able to correctly identify 99.24% of all test users. Previous research methods achieved only a 90.84% result.
To combat the robot revolution, the European Parliament's legal affairs committee has proposed that robots be equipped with emergency "kill switches" to prevent them from causing excessive damage. Legislators have also suggested that robots be insured and even be made to pay taxes. "A growing number of areas of our daily lives are increasingly affected by robotics," said Mady Delvaux, the parliamentarian who authored the proposal. "To ensure that robots are and will remain in the service of humans, we urgently need to create a robust European legal framework." CNNMoney reports: The proposal calls for a new charter on robotics that would give engineers guidance on how to design ethical and safe machines. For example, designers should include "kill switches" so that robots can be turned off in emergencies. They must also make sure that robots can be reprogrammed if their software doesn't work as designed. The proposal states that designers, producers and operators of robots should generally be governed by the "laws of robotics" described by science fiction writer Isaac Asimov. The proposal also says that robots should always be identifiable as mechanical creations. That will help prevent humans from developing emotional attachments. "You always have to tell people that robot is not a human and a robot will never be a human," said Delvaux. "You must never think that a robot is a human and that he loves you." The report cites the example of care robots, saying that people who are physically dependent on them could develop emotional attachments. The proposal calls for a compulsory insurance scheme -- similar to car insurance -- that would require producers and owners to take out insurance to cover the damage caused by their robots. The proposal explores whether sophisticated autonomous robots should be given the status of "electronic persons." This designation would apply in situations where robots make autonomous decisions or interact with humans independently. 
It would also saddle robots with certain rights and obligations -- for example, robots would be responsible for any damage they cause. If advanced robots start replacing human workers in large numbers, the report recommends the European Commission force their owners to pay taxes or contribute to social security.
An anonymous reader quotes a report from Schneier on Security: President Obama has changed the rules regarding raw intelligence, allowing the NSA to share raw data with the U.S.'s other 16 intelligence agencies. The new rules significantly relax longstanding limits on what the N.S.A. may do with the information gathered by its most powerful surveillance operations, which are largely unregulated by American wiretapping laws. These include collecting satellite transmissions, phone calls and emails that cross network switches abroad, and messages between people abroad that cross domestic network switches. The change means that far more officials will be searching through raw data. Essentially, the government is reducing the risk that the N.S.A. will fail to recognize that a piece of information would be valuable to another agency, but increasing the risk that officials will see private information about innocent people. Here are the new procedures. This rule change has been in the works for a while. Here are two blog posts from April discussing the then-proposed changes.
An anonymous reader shares a TechCrunch report: The Arizona attorney general is soliciting outside legal counsel to pursue a consumer fraud lawsuit against the beleaguered blood testing startup Theranos, according to a document posted on the state's procurement website. AZ's AG has so far declined to comment on any action, but the document contends Theranos may have defrauded customers in the state and the office is now seeking proposals to assist it in possible legal action "against Theranos, Inc. and its closely related subsidiaries for violations of the Arizona Consumer Fraud Act arising out of Theranos Inc.'s long-running scheme of deceptive acts and misrepresentations relating to the capabilities and operation of Theranos blood testing equipment." Theranos ran its consumer portion of the business in Arizona and even worked with the state government to change laws allowing consumers to request blood tests without a doctor's permission. But, as the document cites, myriad bad test results, including those raised in a series of Wall Street Journal articles, raised concerns with the attorney general's office.
An anonymous reader shares a GeekWire report: Amazon just made a big statement about its continued growth aspirations, announcing that it plans to add another 100,000 full-time jobs in the U.S. over the next 18 months, an increase of more than 55 percent in its domestic workforce. The growth would push Amazon's U.S. workforce to more than 280,000 people by mid 2018. Amazon said in an announcement that the jobs will be available to people "all across the country and with all types of experience, education and skill levels -- from engineers and software developers to those seeking entry-level positions and on-the-job training."
An anonymous reader shares a Motherboard report: Motherboard has obtained 900 GB of data related to Cellebrite, one of the most popular companies in the mobile phone hacking industry. The cache includes customer information, databases, and a vast amount of technical data regarding Cellebrite's products. The breach is the latest chapter in a growing trend of hackers taking matters into their own hands, and stealing information from companies that specialize in surveillance or hacking technologies. Cellebrite is an Israeli company whose main product, a typically laptop-sized device called the Universal Forensic Extraction Device (UFED), can rip data from thousands of different models of mobile phones. That data can include SMS messages, emails, call logs, and much more, as long as the UFED user is in physical possession of the phone.
Some deals are too good to be true. And, for Amazon, they will cost the company. From a report on Recode: A Canadian enforcement agency announced today that Amazon Canada will pay a $1 million fine for what could be construed as misleading pricing practices. The investigation centered on the practice of Amazon displaying its prices compared to higher "list prices" -- suggested manufacturer prices (MSRPs) designed as marketing gimmicks to make people think they are getting a deal, even though it's often the case that no shopper ever pays that price. "The Bureau's investigation concluded that these claims created the impression that prices for items offered on www.amazon.ca were lower than prevailing market prices," Canada's Competition Bureau said in a statement. "The Bureau determined that Amazon relied on its suppliers to provide list prices without verifying that those prices were accurate."
An anonymous reader quotes a report from The Verge: Just a week and a half before he is set to leave office, FCC Chairman Tom Wheeler has issued a new report stating that the zero-rated video services offered by AT&T and Verizon may violate the FCC's Open Internet Order. Assembled by the FCC's Wireless Telecommunications Bureau, the report focuses on sponsored data programs, which allow companies to pay carriers to exempt their data from customers' data caps. According to the report, many of those packages simply aren't playing fair. "While observing that AT&T provided incomplete responses to staff inquiries," Wheeler wrote to Senators, "the report states that the limited information available supports a conclusion that AT&T offers Sponsored Data to third-party content providers at terms and conditions that are effectively less favorable than those it offers to its affiliate, DirecTV." In theory, sponsored data should be an even playing field, with providers bearing the costs and making the same charges regardless of who's footing the bill. But according to the report, AT&T treats the DirecTV partnership very differently from an unaffiliated sponsored data system, giving the service a strong advantage over competitors. "AT&T appears to view the network cost of Sponsored Data for DIRECTV Now as effectively de minimis," the report concludes. While AT&T still bears some cost for all that free traffic, it's small enough that the carrier doesn't seem to care. The report raises similar concerns regarding Verizon's Go90 program, although it concludes Verizon's program may be less damaging. Notably, the letter does not raise the same concerns about T-Mobile's BingeOn video deal, since it "charges all edge providers the same zero rate for participating."
Tulsa_Time quotes a report from Phys.Org: Could flashing the "peace" sign in photos lead to fingerprint data being stolen? Research by a team at Japan's National Institute of Informatics (NII) says so, raising alarm bells over the popular two-fingered pose. Fingerprint recognition technology is becoming widely available to verify identities, such as when logging on to smartphones, tablets and laptop computers. But the proliferation of mobile devices with high-quality cameras and social media sites where photographs can be easily posted is raising the risk of personal information being leaked, reports said. The NII researchers were able to copy fingerprints based on photos taken by a digital camera three meters (nine feet) away from the subject.
An anonymous reader writes: The latest Adobe Acrobat Reader security update (15.023.20053), besides delivering security updates, also secretly installs the Adobe Acrobat extension in the user's Chrome browser. There is no mention of this "special package" on Acrobat's changelog, and surprise-surprise, the extension comes with anonymous data collection turned on by default. Bleeping Computer reports: "This extension allows users to save any web page they're on as a PDF file and share it or download it to disk. The extension is also Windows-only, meaning Mac and Linux Chrome users will not receive it. The extension requests the following permissions: Read and change all your data on the websites you visit; Manage your downloads; Communicate with cooperating native applications. According to Adobe, extension users 'share information with Adobe about how [they] use the application. The information is anonymous and will help us improve product quality and features,' Adobe also says. 'Since no personally identifiable information is collected, the anonymous data will not be meaningful to anyone outside of Adobe.'"
An anonymous reader shares with us a report from The Daily Beast: When former Microsoft employees complained of the horrific pornography and murder films they had to watch for their jobs, the software giant told them to just take more smoke breaks, a new lawsuit alleges. Members of Microsoft's Online Safety Team had "God-like" status, former employees Henry Soto and Greg Blauert allege in a lawsuit filed on Dec. 30. They "could literally view any customer's communications at any time." Specifically, they were asked to screen Microsoft users' communications for child pornography and evidence of other crimes. But Big Brother didn't offer a good health care plan, the Microsoft employees allege. After years of being made to watch the "most twisted" videos on the internet, employees said they suffered severe psychological distress, while the company allegedly refused to provide a specially trained therapist or to pay for therapy. The two former employees and their families are suing for damages from what they describe as permanent psychological injuries, for which they were denied worker's compensation. "Microsoft applies industry-leading, cutting-edge technology to help detect and classify illegal images of child abuse and exploitation that are shared by users on Microsoft Services," a Microsoft spokesperson wrote in an email. "Once verified by a specially trained employee, the company removes the image, reports it to the National Center for Missing and Exploited Children, and bans the users who shared the images from our services. We have put in place robust wellness programs to ensure the employees who handle this material have the resources and support they need." But the former employees allege neglect at Microsoft's hands.
An anonymous reader quotes a report from The Verge: Microsoft is working on a new Windows 10 feature that will automatically lock and secure a PC when the operating system detects someone has moved away from the machine. The feature is labelled as Dynamic Lock in recent test builds of Windows 10, and Windows Central reports that Microsoft refers to this as "Windows Goodbye" internally. Microsoft currently uses special Windows Hello cameras to let Windows 10 users log into a PC with just their face. Big corporations teach employees to use the winkey+L combination to lock machines when they're idle, but this new feature will make it an automatic process. It's not clear exactly how Microsoft will detect inactivity, but it's possible the company could use Windows Hello-compatible machines or detect idle activity and lock the machine accordingly. Windows can already be configured to do this after a set time period, but it appears Microsoft is streamlining this feature into a simple setting for anyone to enable. Microsoft is planning to deliver Dynamic Lock as part of the Windows 10 Creators Update, expected to arrive in April.
Federal regulators criticized several Wall Street banks over the handling of a $1.15 billion loan they helped arrange for Uber this past summer, reports Reuters, citing people with knowledge of the matter. From the report: Led by Morgan Stanley, the banks helped the ride-sharing network tap the leveraged loan market in July for the first time, persuading institutional investors to focus on its lofty valuation and established markets rather than its losses in countries such as China and India. The Federal Reserve and the Office of the Comptroller of the Currency (OCC), which are trying to rein in risky lending across Wall Street, took issue with the way in which the banks carved out Uber's more mature operations from the rest of the business, the people said.