Live RSS feed

Is Social Media Making Us Hate Each Other?

Slashdot - 1 hour 1 minute ago
Nicholas Carr's book The Shallows: What the Internet Is Doing to Our Brains was a finalist for the 2011 Pulitzer Prize. Now an anonymous Slashdot reader reports on Carr's newest warning: It seems obvious: The more we learn about other people, the more we'll come to like them. The assumption underpins our deep-seated belief that communication networks, from the telephone system to Facebook, will help create social harmony. But what if the opposite is true? In a Boston Globe article, Nicholas Carr presents evidence showing that as we get more information about other people, we tend to like them less, not more. Through a phenomenon called "dissimilarity cascades," we place greater stress on personal and cultural differences than on similarities, and the bias strengthens as information accumulates. "Proximity makes differences stand out," he writes. The phenomenon intensifies online, where people are rewarded for sharing endless information about themselves. What the research indicates, warns Carr, is that the spread of social media is more likely to create social strife than social harmony. The article concludes by opposing the idea that "If we get the engineering right, our better angels will triumph. It's a pleasant thought, but it's a fantasy... Technology is an amplifier. It magnifies our best traits, and it magnifies our worst. What it doesn't do is make us better people. That's a job we can't offload on machines."

Read more of this story at Slashdot.

Uber Tried To Hide Its Secret IPhone Fingerprinting From Apple

Slashdot - 2 hours 1 minute ago
theodp quotes today's New York Times profile of Uber CEO Travis Kalanick: For months, Mr. Kalanick had pulled a fast one on Apple by directing his employees to help camouflage the ride-hailing app from Apple's engineers. The reason? So Apple would not find out that Uber had secretly been tracking iPhones even after its app had been deleted from the devices, violating Apple's privacy guidelines. Uber told TechCrunch this afternoon that it still uses a form of this device fingerprinting, saying they need a way to identify those devices which committed fraud in the past -- especially in China, where Uber drivers used stolen iPhones to request dozens of rides from themselves to increase their pay rate. It's been modified to comply with Apple's rules, and "We absolutely do not track individual users or their location if they've deleted the app..." an Uber spokesperson said. "Being able to recognize known bad actors when they try to get back onto our network is an important security measure for both Uber and our users." The article offers a longer biography of Kalanick, who dropped out of UCLA in 1998 to start a peer-to-peer music-sharing service named Scour. (The service eventually declared bankruptcy after being sued for $250 billion for alleged copyright infringement.) Desperately trying to save his next company, Kalanick "took the tax dollars from employee paychecks -- which are supposed to be withheld and sent to the Internal Revenue Service," according to the Times, "and reinvested the money into the start-up, even as friends and advisers warned him the action was potentially illegal." The money eventually reached the IRS as he "staved off bankruptcy for a second time by raising another round of funding." But the article ultimately argues that Kalanick's drive to win in life "has led to a pattern of risk-taking that has put his ride-hailing company on the brink of implosion."

Companies Are Paying Millions For White Hat Hacking

Slashdot - 3 hours 11 minutes ago
White hat hackers "are in very high demand," says PwC's director of cyber investigation and breach response, in a New York Post article titled "Companies are paying millions to get hacked -- on purpose." An anonymous reader quotes their report: HackerOne, a San Francisco-based "vulnerability coordination and bug bounty platform," reports that it has some 800 corporate customers who paid out more than $15 million in bonuses to white-hat hackers since its founding in 2012. Most of that bounty was paid in the past two years, as companies have become more aware of their cyber vulnerabilities. Clients that have used the platform include General Motors, Uber, Twitter, Starbucks and even the US Department of Defense. Google paid $3 million last year through its own bounty program, according to HackerOne's CEO Marten Mickos, who touts his company's "turn-key" solution -- a platform which now offers the services of 100,000 ethical (and vetted) hackers. "With a diverse group, all types of vulnerabilities can be found," Mickos told TechRepublic. "This is a corollary to the 'given enough eyeballs' wisdom... they find them faster than other solutions, the hunting is ongoing and not happening at just one time, and the cost is a tenth of what it would be with other methods." And one of the platform's white hat hackers has already earned over $600,000 in just two years.

Startup Still Working On 'Immortal Avatars' That Will Live Forever

Slashdot - 4 hours 11 minutes ago
Startup Eternime, founded by MIT fellow Marius Ursache, is still working on "immortal avatars" that, after your death, will continue interacting with your loved ones from beyond the grave. An anonymous reader quotes CNET: Give Eternime access to your social media profiles and the startup's algorithms will scrape your posts and interactions to build a profile... The algorithms will study your memories and mannerisms. They'll learn how to be "you"... Eternime was announced in 2014 after Ursache developed the idea during the MIT Entrepreneurship Development Program. He wasn't entirely sure if he should develop the project further and wanted to get a sense of public reaction. In the first four days, 3,000 people signed up at Eterni.me, the company's website, for a private beta. Then, Ursache received an email from a man dying of terminal cancer. "Eternime, he wrote, was the last chance to leave something behind for friends and family," Ursache told me. "That was the moment I decided that this was something worth dedicating my life to"... Since 2014, the Eternime website has largely been silent, although it continues to take names of people who want to test the service. Ursache says the Eternime team has been refining the product over the last two years, testing features, figuring out what will work and what won't. "The private beta test is ongoing," according to the article, "and Ursache says the feedback has been positive." But unfortunately, the service still isn't operational yet.

America's Most-Hated ISP Is Now Hated By Fewer People

Slashdot - 5 hours 11 minutes ago
"Comcast's customer service may actually be improving," writes an Oregon newspaper. An anonymous reader quotes their report: In the second year of Comcast's broad customer service overhaul, complaints to Oregon cable regulators are down 25%. They've also declined 40% since 2014. Complaints are falling nationally, too, according to the highly regarded American Customer Satisfaction Index. Its most recent report showed a surge in Comcast subscriber satisfaction... Two years ago, Comcast made Oregon the test bed for its customer service push, responding both to disparaging headlines and the prospect of growing competition from other telecom companies and from streaming video services. The company is adding Apple-style retail stores around the metro area and introduced innovations to help consumers understand what they're paying for and when technicians will arrive for service calls. It's rolling out new tools nationally to help them improve their home Wi-Fi, and diagnosing problems before customers call to complain... For example, if several subscribers in the same neighborhood use the company's tool for testing internet speeds, that triggers an alert at Comcast to look for a problem in the local network. The company redesigned its bills to make it clearer what customers subscribe to, and what it costs, in hopes of reducing confusion and calls. And Comcast has a robust social media presence, fielding complaints on Twitter. The article points out that Comcast's satisfaction scores are still below-average for cable TV providers, "and well below the median among internet service providers. And that's a low bar -- the telecom sector is among the most complained about under ACSI's rankings." Their figures show that the only ISPs in America with a lower score for customer satisfaction are Cox Communications, Time Warner Cable, and MediaCom.

Flawed Online Tutorials Led To Vulnerabilities In Software

Slashdot - 6 hours 11 minutes ago
An anonymous reader quotes Help Net Security: Researchers from several German universities have checked the PHP codebases of over 64,000 projects on GitHub, and found 117 vulnerabilities that they believe have been introduced through the use of code from popular but insufficiently reviewed tutorials. The researchers identified popular tutorials by inputting search terms such as "mysql tutorial", "php search form", "javascript echo user input", etc. into Google Search. The first five results for each query were then manually reviewed and evaluated for SQLi and XSS vulnerabilities by following the Open Web Application Security Project's Guidelines. This resulted in the discovery of 9 tutorials containing vulnerable code (6 with SQLi, 3 with XSS). The researchers then checked for the code in GitHub repositories, and concluded that "there is a substantial, if not causal, link between insecure tutorials and web application vulnerabilities." Their paper is titled "Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery."

CVE-2017-8074

Latest 7 days CVE Lists - 6 hours 46 minutes ago
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.

CVE-2017-8075

Latest 7 days CVE Lists - 6 hours 46 minutes ago
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.

CVE-2017-8076

Latest 7 days CVE Lists - 6 hours 46 minutes ago
On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.

CVE-2017-8077

Latest 7 days CVE Lists - 6 hours 46 minutes ago
On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.

CVE-2017-8078

Latest 7 days CVE Lists - 6 hours 46 minutes ago
On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.

'Detergent' Hydroxyl Molecules May Affect Methane Levels In The Atmosphere

Slashdot - 7 hours 16 minutes ago
An anonymous reader quotes Caltech's announcement about the results of a study funded by NASA and the Department of Energy: During the early 2000s, environmental scientists studying methane emissions noticed something unexpected: the global concentrations of atmospheric methane -- which had increased for decades, driven by methane emissions from fossil fuels and agriculture -- inexplicably leveled off. The methane levels remained stable for a few years, then started rising again in 2007... New modeling by researchers at Caltech and Harvard University suggests that methane emissions might not have increased dramatically in 2007 after all. Instead, the most likely explanation has less to do with methane emissions and more to do with changes in the availability of the hydroxyl radical, which breaks down methane in the atmosphere... If global levels of hydroxyl decrease, global methane concentrations will increase -- even if methane emissions remain constant, the researchers say... Tracking decadal trends in both methane and hydroxyl, Christian Frankenberg and his colleagues noted that fluctuations in hydroxyl concentrations correlated strongly with fluctuations in methane... "Think of the atmosphere like a kitchen sink with the faucet running," Frankenberg explains. "When the water level inside the sink rises, that can mean that you've opened up the faucet more. Or it can mean that the drain is blocking up. You have to look at both." So what's changing the level of hydroxyl in the atmosphere? The researchers say they have no idea.

CVE-2016-2564

Latest 7 days CVE Lists - 7 hours 46 minutes ago
Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation.

CVE-2017-8073

Latest 7 days CVE Lists - 7 hours 46 minutes ago
WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow.

Pioneering Researchers Track Sudden Learning 'Epiphanies'

Slashdot - 8 hours 21 minutes ago
wisebabo quotes Science Daily: Until now, researchers had not had a good way to study how people actually experienced what is called "epiphany learning." In new research, scientists at The Ohio State University used eye-tracking and pupil dilation technology to see what happens as people figured out how to win a strategy game on a computer. "We could see our study participants figuring out the solution through their eye movements as they considered their options," said Ian Krajbich, co-author of the study and assistant professor of psychology and economics at Ohio State. "We could predict they were about to have an epiphany before they even knew it was coming." The original submission suggests, "This might be useful to determine when you are trying to teach a difficult subject to someone who you're afraid might be inclined to just nod their head. Or maybe this is how the Voight-Kampff test works. (Are you a replicant?)"

CIA, FBI Launch Manhunt For WikiLeaks Source

Slashdot - Sun, 2017/04/23 - 11:19 PM
An anonymous reader quotes CBS: CBS News has learned that a manhunt is underway for a traitor inside the Central Intelligence Agency. The CIA and FBI are conducting a joint investigation into one of the worst security breaches in CIA history, which exposed thousands of top-secret documents that described CIA tools used to penetrate smartphones, smart televisions and computer systems. Sources familiar with the investigation say it is looking for an insider -- either a CIA employee or contractor -- who had physical access to the material... Much of the material was classified and stored in a highly secure section of the intelligence agency, but sources say hundreds of people would have had access to the material. Investigators are going through those names. Homeland security expert Michael Greenberger told one CBS station that "My best guess is that when this is all said and done we're going to find out that this was done by a contractor, not by an employee of the CIA."

Slashdot Asks: What Was Your First Programming Language?

Slashdot - Sun, 2017/04/23 - 8:14 PM
This question was inspired by news that Stanford's computer science professor Eric Roberts will try JavaScript instead of Java in a new version of the college's introductory computer programming course. The Stanford Daily reports: When Roberts came to Stanford in 1990, CS106A was still taught in Pascal, a programming language he described as not "clean." The department adopted the C language in 1992. When Java came out in 1995, the computer science faculty was excited to transition to the new language. Roberts wrote the textbooks, worked with other faculty members to restructure the course and assignments and introduced Java at Stanford in 2002... "Java had stabilized," Roberts said. "It was clear that many universities were going in that direction. It's 2017 now, and Java is showing its age." According to Roberts, Java was intended early on as "the language of the Internet". But now, more than a decade after the transition to Java, Javascript has taken its place as a web language. In 2014 Python and Java were the two most commonly-taught languages at America's top universities, according to an analysis published by the Communications of the ACM. And Java still remains the most-commonly taught language in a university setting, according to a poll by the Special Interest Group on Computer Science Education. In a spreadsheet compiling the results, "Python appears 60 times, C++ 54 times, Java 84 times, and JavaScript 28 times," writes a computing professor at the Georgia Institute of Technology, adding "if Java is dying (or "showing its age"...) it's going out as the reigning champ." I'm guessing Slashdot's readers have their own opinions about this, so share your educational experiences in the comments. What was your first programming language?

Should Archive.org Ignore Robots.txt Directives And Cache Everything?

Slashdot - Sun, 2017/04/23 - 5:09 PM
Archive.org argues robots.txt files are geared toward search engines, and now plans instead to represent the web "as it really was, and is, from a user's perspective." "We have also seen an upsurge of the use of robots.txt files to remove entire domains from search engines when they transition from a live web site into a parked domain, which has historically also removed the entire domain from view in the Wayback Machine... We receive inquiries and complaints on these "disappeared" sites almost daily." In response, Slashdot reader Lauren Weinstein writes: We can stipulate at the outset that the venerable Internet Archive and its associated systems like Wayback Machine have done a lot of good for many years -- for example by providing chronological archives of websites who have chosen to participate in their efforts. But now, it appears that the Internet Archive has joined the dark side of the Internet, by announcing that they will no longer honor the access control requests of any websites. He's wondering what will happen when "a flood of other players decide that they must emulate the Internet Archive's dismal reasoning to remain competitive," adding that if sys-admins start blocking spiders with web server configuration directives, other unrelated sites could become "collateral damage." But BoingBoing is calling it "an excellent decision... a splendid reminder that nothing published on the web is ever meaningfully private, and will always go on your permanent record." So what do Slashdot's readers think? Should Archive.org ignore robots.txt directives and cache everything?

CVE-2017-8061

Latest 7 days CVE Lists - Sun, 2017/04/23 - 2:59 PM
drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

CVE-2017-8062

Latest 7 days CVE Lists - Sun, 2017/04/23 - 2:59 PM
drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
