You are here

Feed aggregator

HP Laptops Found To Have Hidden Keylogger

Slashdot - Mon, 12/11/2017 - 15:00
Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models, BBC reported on Monday citing the findings of a security researcher. From the report: Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work. HP said more than 460 models of laptop were affected by the "potential security vulnerability." It has issued a software patch for its customers to remove the keylogger. The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. HP has issued a full list of affected devices, dating back to 2012. Mr Myng discovered the keylogger while inspecting Synaptics Touchpad software, to figure out how to control the keyboard backlight on an HP laptop. He said the keylogger was disabled by default, but an attacker with access to the computer could have enabled it to record what a user was typing. According to HP, it was originally built into the Synaptics software to help debug errors. It acknowledged that could lead to "loss of confidentiality" but it said neither Synaptics nor HP had access to customer data as a result of the flaw.

Read more of this story at Slashdot.

Categories: Tech/Science News

Ask Slashdot: What's the Best Way to Retrain Old IT Workers?

Slashdot - Mon, 12/11/2017 - 12:34
A medium-sized company just hired a new IT manager who wants advice from the Slashdot community about their two remaining IT "gofers": These people have literally been here their entire "careers" and are now near retirement. Quite honestly, they do not have any experience other than reinstalling Windows, binding something to the domain and the occasional driver installation -- and are more than willing to admit this. Given many people are now using Macs and most servers/workstations are running Linux, they have literally lost complete control over the company, with most of these machines sitting around completely unmanaged. Firing these people is nearly impossible. (They have a lot of goodwill within other departments, and they have quite literally worked there for more than 60 years combined.) So I've been tasked with attempting to retrain these people in the next six months. Given they still have to do work (imaging computers and fixing basic issues), what are the best ways of retraining them into basic network, Windows, Mac, Linux, and "cloud" first-level help desk support? Monster_user had some suggestions -- for example, "Don't overtrain. Select and target areas where they will be able to provide a strong impact." Any other good advice? Leave your best answers in the comments. What's the best way to retrain old IT workers?

Read more of this story at Slashdot.

Categories: Tech/Science News

CodeSOD: A Type of Standard

The Daily WTF - Mon, 12/11/2017 - 12:30

I’ve brushed up against the automotive industry in the past, and have gained a sense about how automotive companies and their suppliers develop custom software. That is to say, they hack at it until someone from the business side says, “Yes, that’s what we wanted.” 90% of the development time is spent doing re-work (because no one, including the customer, understood the requirements) and putting out fires (because no one, including the customer, understood the requirements well enough to tell you how to test it, so things are going wrong in production).

Mary is writing some software that needs to perform automated testing on automotive components. The good news is that the automotive industry has adopted a standard API for accomplishing this goal. The bad news is that the API was designed by the automotive industry. Developing standards, under ideal conditions, is hard. Developing standards in an industry that is still struggling with software quality and hasn’t quite fully adopted the idea of cross-vendor standardization in the first place?

You’re gonna have problems.

The specific problem that led Mary to send us this code was the way of defining data types. As you can guess, they used an XML schema to lay out the rules. That’s how enterprises do this sort of thing.

There are a bunch of “primitive” data types, like UIntVariable or BoolVariable. There are also collection types, like Vector or Map or Curve (3D plot). You might be tempted to think of the collection types in terms of generics, or you might be tempted to think about how XML schemas let you define new elements, and how these make sense as elements.

If you are thinking in those terms, you obviously aren’t ready for the fast-paced world of developing software for the automotive industry. The correct, enterprise-y way to define these types is just to list off combinations:

<xs:simpleType name="FrameworkVarType"> <xs:annotation> <xs:documentation>This type is an enumeration of all available data types on Framework side.</xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:enumeration value="UIntVariable"/> <xs:enumeration value="IntVariable"/> <xs:enumeration value="FloatVariable"/> <xs:enumeration value="BoolVariable"/> <xs:enumeration value="StringVariable"/> <xs:enumeration value="UIntVectorVariable"/> <xs:enumeration value="IntVectorVariable"/> <xs:enumeration value="FloatVectorVariable"/> <xs:enumeration value="BoolVectorVariable"/> <xs:enumeration value="StringVectorVariable"/> <xs:enumeration value="UIntMatrixVariable"/> <xs:enumeration value="IntMatrixVariable"/> <xs:enumeration value="FloatMatrixVariable"/> <xs:enumeration value="BoolMatrixVariable"/> <xs:enumeration value="StringMatrixVariable"/> <xs:enumeration value="FloatIntCurveVariable"/> <xs:enumeration value="FloatFloatCurveVariable"/> <xs:enumeration value="FloatBoolCurveVariable"/> <xs:enumeration value="FloatStringCurveVariable"/> <xs:enumeration value="StringIntCurveVariable"/> <xs:enumeration value="StringFloatCurveVariable"/> <xs:enumeration value="StringBoolCurveVariable"/> <xs:enumeration value="StringStringCurveVariable"/> <xs:enumeration value="FloatFloatIntMapVariable"/> <xs:enumeration value="FloatFloatFloatMapVariable"/> <xs:enumeration value="FloatFloatBoolMapVariable"/> <xs:enumeration value="FloatFloatStringMapVariable"/> <xs:enumeration value="FloatStringIntMapVariable"/> <xs:enumeration value="FloatStringFloatMapVariable"/> <xs:enumeration value="FloatStringBoolMapVariable"/> <xs:enumeration value="FloatStringStringMapVariable"/> <xs:enumeration value="StringFloatIntMapVariable"/> <xs:enumeration value="StringFloatFloatMapVariable"/> <xs:enumeration value="StringFloatBoolMapVariable"/> <xs:enumeration value="StringFloatStringMapVariable"/> <xs:enumeration value="StringStringIntMapVariable"/> <xs:enumeration value="StringStringFloatMapVariable"/> <xs:enumeration value="StringStringBoolMapVariable"/> <xs:enumeration value="StringStringStringMapVariable"/> </xs:restriction> </xs:simpleType>

So, not only is this just awkward, it’s not exhaustive. If you, for example, wanted a curve that plots integer values against integer values… you can’t have one. If you want a StringIntFloatMapVariable, your only recourse is to get the standard changed, and that requires years of politics, and agreement from all of the other automotive companies, who won’t want to change anything out of fear that their unreliable, hacky solutions will break.

hljs.initHighlightingOnLoad(); [Advertisement] Atalasoft’s imaging SDKs come with APIs & pre-built controls for web viewing, browser scanning, annotating, & OCR/barcode capture. Try it for 30 days with included support.
Categories: Fun/Other

Google's Machine Learning Is Analyzing Data From NASA's Kepler Space Telescope

Slashdot - Mon, 12/11/2017 - 09:34
NASA writes: NASA will host a media teleconference at 1 p.m. EST Thursday, Dec. 14, to announce the latest discovery made by its planet-hunting Kepler space telescope. The discovery was made by researchers using machine learning from Google. Machine learning is an approach to artificial intelligence, and demonstrates new ways of analyzing Kepler data... When Kepler launched in March 2009, scientists didn't know how common planets were beyond our solar system. Thanks to Kepler's treasure trove of discoveries, astronomers now believe there may be at least one planet orbiting every star in the sky. Space.com adds: Kepler spots alien worlds by noticing the tiny brightness dips they cause when they cross the face of their host star from the spacecraft's perspective. Kepler is the most accomplished planet hunter in history. It has found more than 2,500 confirmed alien worlds -- about 70 percent of all known exoplanets -- along with a roughly equal number of "candidates" that await confirmation by follow-up observations or analyses. The vast majority of these discoveries have come via observations that Kepler made during its original mission, which ran from 2009 to 2013. Study of these data sets is ongoing; over the past few years, researchers have used improved analysis techniques to spot many exoplanets in data that Kepler gathered a half-decade ago or more. Space.com describes Thursday's announcement as an exoplanet discovery. (Earlier they reported on the discovery of "a possibly habitable alien world" about 2.2 times the size of earth orbiting a dwarf star "within the range of distances where liquid water could exist on a world's surface".) Slashdot reader schwit1 points out that other less-credible sites speculate NASA's announcement will be "a major discovery about life beyond earth."

Read more of this story at Slashdot.

Categories: Tech/Science News

Does Systemd Makes Linux Complex, Error-Prone, and Unstable?

Slashdot - Mon, 12/11/2017 - 05:32
"Systemd developers split the community over a tiny detail that decreases stability significantly and increases complexity for not much real value." So argues Nico Schottelius, talking about his experiences as the CEO of a Swiss company providing VM hosting, datacenters, and high-speed fiber internet. Long-time Slashdot reader walterbyrd quotes Nico's essay: While I am writing here in flowery words, the reason to use Devuan is hard calculated costs. We are a small team at ungleich and we simply don't have the time to fix problems caused by systemd on a daily basis. This is even without calculating the security risks that come with systemd. Our objective is to create a great, easy-to-use platform for VM hosting, not to walk a tightrope... [W]hat the Devuan developers are doing is creating stability. Think about it not in a few repeating systemd bugs or about the insecurity caused by a huge, monolithic piece of software running with root privileges. Why do people favor Linux on servers over Windows? It is very easy: people don't use Windows, because it is too complex, too error prone and not suitable as a stable basis. Read it again. This is exactly what systemd introduces into Linux: error prone complexity and instability. With systemd the main advantage to using Linux is obsolete. The essay argues that while Devuan foisted another choice into the community, "it is not their fault. Creating Devuan is simply a counteraction to ensure Linux stays stable. which is of high importance for a lot of people."

Read more of this story at Slashdot.

Categories: Tech/Science News

After Automating Order-Taking, Fast Food Chains Had to Hire More Workers

Slashdot - Mon, 12/11/2017 - 03:27
An anonymous reader quotes the Atlantic: Blaine Hurst, the CEO and president of Panera, told me that because of its new [self-service] kiosks, and an app that allows online ordering, the chain is now processing more orders overall, which means it needs more total workers to fulfill customer demand. Starbucks patrons who use the chain's app return more frequently than those who don't, the company has said, and the greater efficiency that online ordering allows has boosted sales at busy stores during peak hours. Starbucks employed 8 percent more people in the U.S. in 2016 than it did in 2015, the year it launched the app... James Bessen, an economist at Boston University School of Law, found that as the number of ATMs in America increased fivefold from 1990 to 2010, the number of bank tellers also grew. Bessen believes that ATMs drove demand for consumer banking: No longer constrained by a branch's limited hours, consumers used banking services more frequently, and people who were unbanked opened accounts to take advantage of the new technology. Although each branch employed fewer tellers, banks added more branches, so the number of tellers grew overall. And as machines took over many basic cash-handling tasks, the nature of the tellers' job changed. They were now tasked with talking to customers about products -- a certificate of deposit, an auto loan -- which in turn made them more valuable to their employers. "It's not clear that automation in the restaurant industry will lead to job losses," Bessen told me.

Read more of this story at Slashdot.

Categories: Tech/Science News

Researchers Say Human Lifespans Have Already Hit Their Peak

Slashdot - Mon, 12/11/2017 - 01:22
An anonymous reader quotes Newsweek: We have reached our peak in terms of lifespan, athletic performance and height, according to a new survey of research and historical records... "These traits no longer increase, despite further continuous nutritional, medical, and scientific progress," said Jean-FranÃois Toussaint, a physiologist at Paris Descartes University, France, in a press release... For the study, published in the journal Frontiers in Physiology, a team of French scientists, including Toussaint, from a range of fields analyzed 120 years' worth of historical records and previous research to gauge the varying pace of changes seen in human athletic performance, human lifespan and human height. While, as they observe, the 20th century saw a surge in improvements in all three areas that mirrored industrial, medical and scientific advances, the pace of those advances has slowed significantly in recent years. The team looked at world records in a variety of sports, including running, swimming, skating, cycling and weight-lifting. Olympic athletes in those sports continually toppled records by impressive margins from the early 1900s to the end of the 20th century, according the study. But since then, Olympic records have shown just incremental improvements. We have stopped not only getting faster and stronger, according to the study, but also growing taller... [D]ata from the last three decades suggest that heights have plateaued among high-income countries in North America and Europe... As for our human lifespan, life expectancy in high-income countries rose by about 30 years from 1900 to 2000, according to a National Institutes of Health study cited by the authors, thanks to better nutrition, hygiene, vaccines and other medical improvements. But we may have maxed out our biological limit for longevity. The researchers found that in many human populations, says Toussaint, "it's more and more difficult to show progress in lifespan despite the advances of science."

Read more of this story at Slashdot.

Categories: Tech/Science News

Launch of Bitcoin Futures Trading Crashes CBOE Site

Slashdot - Mon, 12/11/2017 - 00:17
"5PM CT is the start of Bitcoin futures trading and the $CBOE website appears to be down," one market watcher posted on Twitter (and his observation was quickly confirmed by other cryptocurrency-watching accounts and confirmed by CBOE). "I'm guessing watching Bitcoin futures start trading is a more popular spectator sport than anticipated." Bitcoin futures will also begin trading on the Chicago Mercantile Exchange in eight days. The Street report that the anticipation of that "has triggered wild swings in bitcoin prices over the last week." Overall, trading bitcoin futures is a positive development for the cryptocurrency says the research team at Fundstrat... The introduction of derivatives lays the necessary market structure for institutions to allocate cash towards cryptocurrencies, points out Fundstrat... Short sellers may now express negative views on bitcoin, which could lead to short-term pricing pressure. But the ability for short sellers to hate on bitcoin could be viewed as a longer term positive, Fundstrat says. Shorting essentially creates true price discovery and means that hedge funds could take bitcoin more seriously. This should improve the long-term prospects of bitcoin as it broadens sponsorship, Fundstrat believes.

Read more of this story at Slashdot.

Categories: Tech/Science News

Top iOS Apps of 2017: Bitmoji Beats Snapchat, YouTube, and Facebook Messenger

Slashdot - Sun, 12/10/2017 - 23:27
An anonymous reader quotes CNN: Apple has unveiled its list of most downloaded iOS apps of the year, and topping the list is free custom emoji app Bitmoji... Bitmoji soared to the top of the list, thanks to an integration with Snapchat. (Snapchat's parent company acquired Bitmoji last year for an unknown amount)... Users must download the Bitmoji app to use it with Snapchat. Fittingly, the main Snapchat app took second place, despite a tough year on Wall Street that was attributed to slow user growth. Snapchat was the most downloaded app of 2016. Google's YouTube took the number three spot this year, while Facebook's Messenger and Instagram placed fourth and fifth, respectively.

Read more of this story at Slashdot.

Categories: Tech/Science News

Coinbase Warns During Times of High Volatility, Access Could Become 'Unavailable'

Slashdot - Sun, 12/10/2017 - 22:22
An anonymous reader quotes City AM: A leading bitcoin exchange has warned that customers may be unable to get their money out quickly in the event of a crash in the cryptocurrency's price. Writing in a blog post last week, Coinbase's co-founder and chief executive Brian Armstrong, said despite "sizeable and ongoing" increases in the firm's technical infrastructure and engineering staff, access to Coinbase services could become "degraded or unavailable during times of significant volatility or volume. This could result in the inability to buy or sell for period of time," he said. Armstrong added that there would be restrictions on how much customers could sell, or sell limits, to "protect client accounts and assets"... Bitcoin's market capitalisation rose above $300 billion for the first time earlier this week when its price rocketed to an all-time high of just over $17,000. Many analysts have warned that bitcoin represents an unsustainable bubble, though no one is quite sure when it will burst.

Read more of this story at Slashdot.

Categories: Tech/Science News

Exhausted Amazon Drivers Are Working 11-Hour Shifts For Less Than Minimum Wage

Slashdot - Sun, 12/10/2017 - 21:17
schwit1 quotes the Daily Mirror: Drivers are being asked to deliver up to 200 parcels a day for Amazon while earning less than the minimum wage, a Sunday Mirror investigation reveals today... Many routinely exceed the legal maximum shift of 11 hours and finish their days dead on their feet. Yet they have so little time for food or toilet stops they snatch hurried meals on the run and urinate into plastic bottles they keep in their vans. They say they often break speed limits to meet targets that take no account of delays such as ice, traffic jams or road closures. Many claim they are employed in a way that means they have no rights to holiday or sickness pay. And some say they take home as little as £160 for a five-day week amid conditions described by one lawyer as "almost Dickensian"... The Driving and Vehicle Standards Agency has vowed to investigate after drivers contacted them to complain about conditions.

Read more of this story at Slashdot.

Categories: Tech/Science News

Did Programming Language Flaws Create Insecure Apps?

Slashdot - Sun, 12/10/2017 - 20:12
Several popular interpreted programming languages are affected by severe vulnerabilities that expose apps built on these languages to attacks, according to research presented at the Black Hat Europe 2017 security conference. An anonymous reader writes: The author of this research is IOActive Senior Security Consultant Fernando Arnaboldi, who says he used an automated software testing technique named fuzzing to identify vulnerabilities in the interpreters of five of today's most popular programming languages: JavaScript, Perl, PHP, Python, and Ruby. Fuzzing involves providing invalid, unexpected, or random data as input to a software application. The researcher created his own fuzzing framework named XDiFF that broke down programming languages per each of its core functions and fuzzed each one for abnormalities. His work exposed severe flaws in all five languages, such as a hidden flaw in PHP constant names that can be abused to perform remote code execution, and undocumented Python methods that can be used for OS code execution. Arnaboldi argues that attackers can exploit these flaws even in the most secure applications built on top of these programming languages.

Read more of this story at Slashdot.

Categories: Tech/Science News

FCC Refuses Records For Investigation Into Fake Net Neutrality Comments

Slashdot - Sun, 12/10/2017 - 19:04
"FCC general counsel Tom Johnson has told the New York State attorney general that the FCC is not providing information for his investigation into fake net-neutrality comments, saying those comments did not affect the review, and challenging the state's ability to investigate the feds." Variety has more: The FCC's general counsel, in a letter to New York Attorney General Eric Schneiderman, also dismissed his concerns that the volume of fake comments or those made with stolen identities have "corrupted" the rule-making process... He added that Schneiderman's request for logs of IP addresses would be "unduly burdensome" to the commission, and would "raise significant personal privacy concerns." Amy Spitalnick, Schneiderman's press secretary, said in a statement that the FCC "made clear that it will continue to obstruct a law enforcement investigation. It's easy for the FCC to claim that there's no problem with the process, when they're hiding the very information that would allow us to determine if there was a problem. To be clear, impersonation is a violation of New York law," she said... "The only privacy jeopardized by the FCC's continued obstruction of this investigation is that of the perpetrators who impersonated real Americans." One of the FCC's Democratic commissioners claimed that this response "shows the FCC's sheer contempt for public input and unreasonable failure to support integrity in its process... Moreover, the FCC refuses to look into how nearly half a million comments came from Russian sources."

Read more of this story at Slashdot.

Categories: Tech/Science News

Microsoft's 'Malware Protection Engine' Had A Remote Code Execution Flaw

Slashdot - Sun, 12/10/2017 - 17:59
Slashdot reader Trax3001BBS shares an article from The Register: Microsoft posted an out-of-band security update Thursday to address a remote code execution flaw in its Malware Protection Engine. Redmond says the flaw, dubbed CVE-2017-11937, has not yet been exploited in the wild. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this will happen automatically. The security hole is present in Windows Defender and Microsoft Security Essentials, as well as Endpoint Protection, Forefront Endpoint Protection, and Exchange Server 2013 and 2016... According to Microsoft, the vulnerability can be triggered when the Malware Protection Engine scans a downloaded file to check for threats. In many systems this is set to happen automatically for all new files. By exploiting a memory corruption error in the malware scanning tool, the attack file would be able to execute code on the target machine with LocalSystem privileges.

Read more of this story at Slashdot.

Categories: Tech/Science News

New Satellite Experiment Helps Confirm Einstein's Equivalence Principle

Slashdot - Sun, 12/10/2017 - 16:54
Part of Einstein's theory of general relativity posits that gravity equals inertial mass -- and for the first time in 10 years, there's new evidence that he's right. Slashdot reader orsayman reports: Most stories around space today seem to revolve around SpaceX, but let's not forget that space is also a place for cool physics experiments. One such experiment currently running into low orbit is the MICROSCOPE satellite launched in 2016 to test the (weak) Equivalence Principle (also knows as the universality of free fall) a central hypothesis in General Relativity. The first results confirm the principle with a precision ten times better than previous experiments. And it's just the beginning since they hope to increase the precision by another factor of 10. If the Equivalence Principle is still verified at this precision, this could constrain or invalidate some quantum gravity theories. For those of you who are more satellite-science oriented, the satellite also features an innovative "self destruct" mechanism (meant to limit orbit pollution) based on inflatable structures described in this paper. "The science phase of the mission began in December 2016," reports France's space agency, "and has already collected data from 1,900 orbits, the equivalent of a free fall of 85 million kilometres or half the Earth-Sun distance."

Read more of this story at Slashdot.

Categories: Tech/Science News

Touting Government/Industry 'Partnership' on Security Practices, NIST Drafts Cybersecurity Framework Update

Slashdot - Sun, 12/10/2017 - 15:49
Remember NIST, the non-regulatory agency of the U.S. Department of Commerce? Their mission expanded over the years to protecting businesses from cyberthreats, including a "Cybersecurty Framework" first published in 2014. "The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation's critical infrastructure, such as bridges and the electric power grid," NIST wrote in January, "but the framework has been widely adopted by many types of organizations across the country and around the world." Now SC Media reports: The second draft of the update to the National Institute of Standards and Technology's cybersecurity framework, NIST 1.1, is meant "to clarify, refine, and enhance the Cybersecurity Framework, amplifying its value and making it easier to use," according to NIST. Specifically, it brings clarity to cybersecurity measurement language and tackles improving security of the supply chain. Calling the initial NIST CSF "a landmark effort" that delivered "important benefits, such as providing common language for different models" of standards and best practices already in use, Larry Clinton, president and CEO of the Internet Security Alliance, said "it fell short of some of the most critical demands of Presidential Executive Order 13636, which generated its development... "To begin with, the new draft makes it clear that our goal is not some undefined metric for use of the Framework, but for effective use of the Framework. Moreover, this use-metric needs to be tied not to some generic standard, but to be calibrated to the unique threat picture, risk appetite and business objective of a particular organization"... Clinton praised the process used by NIST as "a model 'use case' for how government needs to engage with its industry partners to address the cybersecurity issue." The internet's inherent interconnectedness makes it impossible for sustainable security to be achieved through anything other than true partnership, he contended. Slashdot reader Presto Vivace reminds you that public comments on the draft Framework and Roadmap are due to NIST by 11:59 p.m. EST on January 19, 2018. "If you have an opinion about this, NOW is the time to express it."

Read more of this story at Slashdot.

Categories: Tech/Science News

Ask Slashdot: Are There Any Good Smartwatches Or Fitness Trackers?

Slashdot - Sun, 12/10/2017 - 12:44
"What's your opinion on the current state of smartwatches?" asks long-time Slashdot reader rodrigoandrade. He's been researching both smartwatches and fitness trackers, and shares his own opinions: - Manufacturers have learnt from Moto 360 that people want round smartwatches that actually look like traditional watches, with a couple of glaring exceptions.... - Android Wear 2.0 is a thing, not vaporware. It's still pretty raw (think of early Android phones) but it works well. The LG Sport Watch is the highest-end device that supports it. - LTE-enabled smartwatches finally allow you to ditch your smartphone, if you wish. Just pop you nano SIM in it and party on. The availability is still limited to a few SKUs in some countries, and they're ludicrously expensive, but it's getting there. Keep reading for his assessment of four high-end choices -- and share your own opinions in the comments.

Read more of this story at Slashdot.

Categories: Tech/Science News

'Cards Against Humanity' Gives Out $1000 Checks

Slashdot - Sun, 12/10/2017 - 09:39
An anonymous reader writes: In November "Cards Against Humanity" announced "a complicated holiday promotion" where people paid $15 for six surprises in December. (For the first surprise in the Cards Against Humanity Saves America promotion, "we purchased a plot of vacant land on the border and retained a law firm specializing in eminent domain to make it as time-consuming and expensive as possible for Trump to build his wall.") The second surprise was the launch of a new podcast filled with positive news, and for the third surprise, they're redistributing the money people paid to join the event. "Most of our subscribers (about 140,000 people) got nothing today — they could have it worse. The next 10,000 subscribers received a full $15 refund of their Cards Against Humanity Saves America purchase. Finally, the poorest 100 people received a check for $1,000, paid for by everyone else." A new web page shares stories from the grateful participants, and explains the site's careful methodology for determining who needed the $1,000 checks the most. ("We excluded all Canadians. They already have universal healthcare. They'll be fine.") It argues that wealth inequality is the biggest issue in the world, but "Our lawyers advised against our first choice — a campaign to eat all the rich people and live in their houses — so we settled for something more achievable."

Read more of this story at Slashdot.

Categories: Tech/Science News

Intel's ME May Be Massively Infringing on Minix3's Free Software License

Slashdot - Sun, 12/10/2017 - 06:34
Software engineer (and IP Watchdog contributor) Fredrik Ohrstrom (a.k.a. Slashdot reader anjara) writes: Almost all Free Software licenses (BSD, MIT, GPL...) require some sort of legal notice (legal attribution) given to the recipient of the software, both when the software is distributed in source and in binary forms. The legal notice usually contains the copyright holder's name and the license text. This means that it's not possible to hide and keep secret the existence of Free Software that you have stuck into your product that you distribute. If you do so, then you are not complying with the Free Software license and you are committing a copyright infringement! This is exactly what Intel seems to have done with the Intel ME. The Minix3 operating system license requires a legal notice, but so far it seems like Intel has not given the necessary legal notices. (Probably because they want to keep the inside of the ME secret.) Thus not only is Minix3 the most installed OS on our recent x86 CPUs -- but it might also the most pirated OS on our recent x86 CPUs!

Read more of this story at Slashdot.

Categories: Tech/Science News

San Diego Comic-Con Wins Trademark Suit Against 'Salt Lake Comic Con'

Slashdot - Sun, 12/10/2017 - 03:34
The Deseret News reports: A jury has found that Salt Lake Comic Con founders Dan Farr and Bryan Brandenburg, along with their company, violated a trademark when they named their fan convention a "comic con." However, the jury decided that the trademark was not willfully violated, and only awarded $20,000 of the $12 million that San Diego Comic-Con had asked for in damages. The decision came at the end of an eight-day jury trial and three years of legal maneuvering... And with an estimated 140 other fan conventions across the country calling themselves comic cons, the impact of the decision could be felt nationwide... The Salt Lake group also has an ongoing action with the U.S. Patent and Trademark Office seeking to invalidate San Diego's "comic-con" trademark... San Diego Comic-Con, which has been holding events since 1970, has a trademark on "comic-con" with a hyphen, but was unsuccessful in its 1995 bid to trademark "comic con," with a space. The unhyphenated name "Comic Con International," as well as the event's iconic "eye logo," are also protected by trademark. The event maintains that its trademarks cover the term "comic con" in all its forms... San Diego Comic-Con wanted more than $12 million in damages from Salt Lake, including over $9 million for a three-month "corrective advertising campaign" to dispel confusion... In his closing arguments, Michael Katz, an attorney for Salt Lake Comic Con, questioned the amount San Diego was seeking, noting that San Diego authorities said during trial the organization generally spends between $20,000 and $30,000 for a month of advertising. Slashdot reader AlanBDee writes: When I attended the Salt Lake City Comic Con I did assume it was the same organization that put on San Diego Comic-Con... But now I have to wonder how that will affect other Comic Cons around the nation? What should these comic based fan conventions be called if not Comic Con?

Read more of this story at Slashdot.

Categories: Tech/Science News

Pages

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer