
Pwned Barbies Spying On Children? Toytalk CEO Downplays Hacking Reports 43

McGruber writes: Earlier this year Mattel unveiled "Hello Barbie," a $74.99 wi-fi equipped interactive doll. Users press a button on Barbie's belt to start a conversation and the recorded audio is processed over the internet so that the doll can respond appropriately. The doll also remembers the user's likes and dislikes.

Now Security Researcher Matt Jakubowski claims that he has managed to hack the Hello Barbie system to extract wi-fi network names, account IDs and MP3 files, which could be used to track down someone's home. "You can take that information and find out a person's house or business. It's just a matter of time until we are able to replace their servers with ours and have her say anything we want," Jakubowski warned. Mattel partnered with ToyTalk to develop "Hello Barbie." ToyTalk CEO Oren Jacob said: "An enthusiastic researcher has reported finding some device data and called that a hack. While the path that the researcher used to find that data is not obvious and not user-friendly, it is important to note that all that information was already directly available to Hello Barbie customers through the Hello Barbie Companion App. No user data, no Barbie content, and no major security or privacy protections have been compromised to our knowledge." A petition by the Campaign for a Commercial-Free Childhood asking Mattel to drop the doll has already been signed by over 6,000 people.

NOTE: The original reporting of this hack appears to have been this NBC-Chicago newscast.


The First Online Purchase Was a Sting CD (Or Possibly Weed) 48

tedlistens writes: On August 11, 1994, 21-year-old Dan Kohn, founder of a pioneering, online commerce site, made his first web sale. His customer, a friend of his in Philadelphia, spent $12.48, plus shipping costs on Sting's CD "Ten Summoner's Tales," in a transaction protected by PGP encryption. "Even if the N.S.A. was listening in, they couldn't get his credit card number," Kohn told a New York Times reporter in an article about NetMarket the following day. According to a new short video about the history of online shopping, there were a few precedents, including a weed deal between grad students on the ARPANET and a 74-year-old British grandmother who in 1984 used a Videotex—essentially a TV connected to telephone lines—to order margarine, eggs, and cornflakes.

LSD Microdosing Gaining Popularity For Silicon Valley Professionals 413

An anonymous reader writes: Rolling Stone reports that an unusual new trend is popping up around the offices of Silicon Valley companies: taking tiny doses of LSD or other psychedelic drugs to increase productivity. "A microdose is about a tenth of the normal dose – around 10 micrograms of LSD, or 0.2-0.5 grams of mushrooms." According to the article, the average user is a 20-something looking to improve their creativity and problem-solving skills. Some users report that the LSD alleviates other problems, like anxiety or cluster headaches. That said, it's important to note that such benefits are not supported by scientific research — yet.

Apple Looks To Introduce OLED Displays In iPhone Models From 2018 217

An anonymous reader writes: Apple is expected to integrate organic light-emitting diode (OLED) display technology in its iPhone handsets from 2018. The Cupertino-based giant will jump from liquid crystal display (LCD), which has been used in iPhones since 2007, to OLED – turning to suppliers like LG Displays, according to Japanese reports. The switch follows the steps of other smartphone makers such as Samsung and LG, which have both already integrated OLED technology in their mobile device ranges.

Japanese Company Makes Low-Calorie Noodles Out of Wood 149

AmiMoJo writes: Omikenshi Co, an Osaka based cloth manufacturer best known for rayon, a fibre made from tree pulp, is expanding into the health food business. Using a similar process, Omikenshi is turning the indigestible cellulose into a pulp that's mixed with konjac, a yam-like plant grown in Japan. The resulting fibre-rich flour, which the company calls "cell-eat," contains no gluten, no fat and almost no carbohydrate. It has just 60 calories a kilogram, compared with 3,680 for wheat.

The Courts

Czech Judge Cuts Deal With Software Pirate: Get 200K YouTube Views Or Pay Huge Fine 93

An anonymous reader writes: A judge allowed a software pirate to make an anti-piracy PSA and get away from paying a $373,000 / €351,000 fine he owed Microsoft and other software manufacturers. The only condition was that his video should get over 200,000 views on YouTube. From the BBC's coverage of the trial's unusual outcome: [The defendant, known only as Jakub F] came to the out-of-court settlement with a host of firms whose software he pirated after being convicted by a Czech court. In return, they agreed not to sue him. ... The firms, which included Microsoft, HBO Europe, Sony Music and Twentieth Century Fox, estimated that the financial damage amounted to 5.7m Czech Crowns (£148,000). But the Business Software Alliance (BSA), which represented Microsoft, acknowledged that Jakub could not pay that sum. Instead, the companies said they would be happy to receive only a small payment and his co-operation in the production of the video. In order for the firms' promise not to sue to be valid, they said, the video would have to be viewed at least 200,000 times within two months of its publication this week. ... But, if the video did not reach the target, the spokesman said that — "in theory" — the firms would have grounds to bring a civil case for damages.

Pressure From Uber Forces London Taxis To Finally Accept Cards 113

An anonymous reader writes: Following a public consultation that compared the service unfavorably with Uber, London's 21,000 black cabs will finally accept card payment from October of 2016, with a possible option to pay via PayPal. London Mayor Boris Johnson continues to support and defend the legendarily expensive and iconic taxi service, saying 'This move will boost business for cabbies and bring the trade into the 21st century by enabling quicker and more convenient journeys for customers'. Most Londoners feel that the move should have been made in the 1980s, and the consultation report indicates that Uber's increasing share of London fares has forced the innovation.

Hardware Hacking

Raspberry Pi Unveils New $5 Mini-computer 225

An anonymous reader writes: The Raspberry Pi Foundation unveiled the Pi Zero, a new $5 mini-computer, Thursday morning. The board is the smallest Raspberry Pi yet, containing the first-gen Raspberry Pi's BCM2835 chip (safely overclocked to 1GHz) and 512MB RAM. The latest issue of The Magpi will include a free Raspberry Pi Zero and hits U.K. newsstands Thursday. The announcement came just a few days before the highly anticipated C.H.I.P. $9 mini-computer goes on sale to the public. puddingebola writes: How can they achieve this price, you may ask? "Its 40-pin GPIO header has identical pinouts, although the pads on the circuit board are "unpopulated," meaning you'll have to solder on your own connector. The same goes for the composite video output: The connection is available, but if you need a socket, you must solder it yourself." Dude, go to Radio Shack. Some relevant specs besides those mentioned above, from the blog post linked:
  • Micro-SD card slot
  • mini-HDMI socket for 1080p60 video output
  • Micro-USB sockets for data and power
  • Identical pinout to Model A+/B+/2B
  • An unpopulated composite video header
  • "Our smallest ever form factor, at 65mm x 30mm x 5mm"

New submitter graffitiwriter adds a note that the newest Pi has "already been turned into a retro gaming console. It turns out the Pi Zero is more than capable of running Retro Pie and other emulators, and even has a video output that lets you play games on an old CRT TV."


Japanese Rocket Launches Its First Commercial Satellite 29

schwit1 writes: Using its H-IIA rocket, upgraded to lower cost, Japan launched its first commercial payload today, putting Canada's Telstar 12V into geosynchronous orbit. UPI reports: "Japan's Aerospace Exploration Agency said the H-IIA rocket was upgraded for the launch, permitting the satellite to stay closer to its geostationary orbit. Tokyo's Chief Cabinet Secretary Yoshihide Suga said he hoped the launch would exhibit the quality of Japan's rocket engineering, and that the successful launch would result in more orders from other global corporations. Following the launch, Mitsubishi Heavy Industries vice president Naohiko Abe said the firm plans to actively promote the H-IIA for satellite launches."

Why Car Salesmen Don't Want To Sell Electric Cars 470

writes: Matt Richtel writes in the NYT that one big reason there are only about 330,000 electric vehicles on the road is that car dealers show little enthusiasm for putting consumers into electric cars. Industry insiders say that electric vehicles do not offer dealers the same profits as gas-powered cars, they take more time to sell because of the explaining required, and electric vehicles may require less maintenance, undermining the biggest source of dealer profits — their service departments. Some electric car buyers have said they felt as if they were the ones doing the selling. Chelsea Dell made an appointment to test-drive a used Volt but when she arrived, she said, a salesman told her that the car hadn't been washed, and that he had instead readied a less expensive, gas-powered car. "I was ready to pull the trigger, and they were trying to muscle me into a Chevy Sonic," says Dell. "The thing I was baffled at was that the Volt was a lot more expensive." Marc Deutsch, Nissan's business development manager for electric vehicles, says some salespeople just can't rationalize the time it takes to sell the cars. A salesperson "can sell two gas burners in less than it takes to sell a Leaf," Deutsch says. "It's a lot of work for a little pay."

Jared Allen says that service is crucial to dealer profits and that dealers didn't want to push consumers into electric cars that might make them less inclined to return for service. Maybe that helps explain the experience of Robert Kast, who last year leased a Volkswagen e-Golf from a local dealer. He said the salesman offered him a $15-per-month maintenance package that included service for oil changes, belt repair and water pumps. "I said: 'You know it doesn't have any of those things,'" Mr. Kast recalled. He said the salesman excused himself to go confirm this with his manager. Of the whole experience, Mr. Kast, 61, said: "I knew a whole lot more about the car than anyone in the building." "Until selling a plug-in electric car is as quick and easy as selling any other vehicle that nets the dealer the same profit, many dealers will avoid them, for very logical and understandable reasons," says John Voelker. "That means that the appropriate question should be directed to makers of electric cars: What are you doing to make selling electric cars as profitable and painless for your dealers as selling gasoline or diesel vehicles?"

How Black Friday and Cyber Monday Are Losing Their Meaning 137

writes: Brad Tuttle reports at Money Magazine that while the terms "Black Friday" and "Cyber Monday" are more ubiquitous than ever, the importance of the can't-miss shopping days is undeniably fading. Retailers seem to want it both ways: They want shoppers to spend money long before these key shopping events, and yet they also want shoppers to turn out in full force to make purchases over the epic Black Friday weekend. When they use the "Cheap Stuff!" card day after day and week after week, the deals on any single day stop seeming special. Add to that the trend of manufacturers creating stripped-down versions of their electronics to sell on Black Friday, and consumers have less reason than ever to flood retail stores.

The true story behind Black Friday is not as sunny as retailers might have you believe. Back in the 1950s, police in the city of Philadelphia used the term to describe the chaos that ensued on the day after Thanksgiving, when hordes of suburban shoppers and tourists flooded into the city in advance of the big Army-Navy football game held on that Saturday every year. Shoplifters would also take advantage of the bedlam in stores to make off with merchandise, adding to the law enforcement headache. Sometime in the late 1980s, however, retailers found a way to reinvent Black Friday and turn it into something that reflected positively, rather than negatively, on them and their customers. The result was the "red to black" concept of the holiday mentioned earlier, and the notion that the day after Thanksgiving marked the occasion when America's stores finally turned a profit.


Microsoft Blames Layoffs For Drop In Female Employees 179

itwbennett writes: This year, women made up 26.8 percent of Microsoft's total workforce, down from 29 percent in 2014, the company reported Monday. In a blog post discussing the numbers, Gwen Houston, Microsoft's general manager of diversity and inclusion, pointed the finger at the thousands of layoffs the company made to restructure its phone hardware business: 'The workforce reductions resulting from the restructure of our phone hardware business ... impacted factory and production facilities outside the U.S. that produce handsets and hardware, and a higher percentage of those jobs were held by women,' she said.

With $160 Billion Merger, Pfizer Moves To Ireland and Dodges Taxes 364

ourlovecanlastforeve writes: In a $160 billion dollar acquisition, drug company Allergan, a small company based in Ireland, "purchased" Pfizer, allowing the drug producing giant to move to Ireland and lower its tax rate from about 25 percent to 17-18 percent. Ars reports: "Such inversions, which are said to cost the American government billions in lost tax revenue, have drawn scorn from the Obama Administration and the Treasury Department. Last year, President Obama referred to the deals as 'unpatriotic' loopholes and proposed to close them. And last week, the Treasury announced new rules to make such deals more difficult. But Pfizer’s reverse-inversion skirts the rules, in part by keeping ownership split somewhat evenly between the two companies. After the deal is complete, current shareholders of Allergan, which has the majority of its operations in the US, will own 44 percent of the mega company. The remaining 56 percent will be owned by current Pfizer shareholders."

Can Full-Time Tech Workers Survive the Gig Economy? 169

Nerval's Lobster writes: By some measures, more than 40 percent of U.S. workers will be independent in 2020. Today, that number stands at 34 percent, according to the Freelancer's Union. By all accounts, the trend seems widespread enough to indicate that tech pros should prepare themselves for the dynamics of a world that depends more on contingent work. The question isn't whether the tech world will see an increasing prevalence of 'gigs,' rather than full-time positions; it's whether those in full-time positions can easily keep their jobs when there's pressure to farm it out cheaply and easily to freelancers. Or will the need for people who can see projects through the long term prevent the 'gig economy' from radically changing the tech industry?

Dell Accused of Installing 'Superfish-Like' Rogue Certificates On Laptops 92

Mickeycaskill writes: Dell has been accused of pre-installing rogue self-signing root certificate authentications on its laptops. A number of users discovered the 'eDellRoot' certificate on their machines and say it leaves their machines, and any others with the certificate, open to attack. "Anyone possessing the private key which is on my computer is capable of minting certificates for any site, for any purpose and the computer will programmatically and falsely conclude the issued certificate to be valid," said Joe Nord, a Citrix product manager who found the certificate on his laptop. It is unclear whether it is Dell or a third party installing the certificate, but the episode is similar to the 'Superfish' incident in which Lenovo was found to have installed malware to inject ads onto users' computers.

What the Sony Hack Looked Like To Employees 51

An anonymous reader writes: The cyber attack on Sony was one of the highest profile hacks in the past several years. Slate tracked down two dozen people who worked there at the time, and asked them what it was like on the inside while it was happening. Quoting: "The telephone directory vanished. Voicemail was offline. Computers became bricks. Internet access on the lot was shuttered. The cafeteria went cash-only. Contracts—and the templates those contracts were based on—disappeared. Sony's online database of stock footage was unsearchable. It was near impossible for Sony to communicate directly with its employees—much less ex-employees, who were also gravely affected by the hack—to inform them of what was even happening and what to do about it. 'It was like moving back into an earlier time,' one employee says." Some employees had their workloads doubled, some had nothing to do. While the hack brought the company together at the beginning, it eventually descended into recriminations and lawsuits.

Nearly 35,000 Comment On New Federal STEM OPT Extension Rule 55

theodp writes: Computerworld reports that the comments are in on the Department of Homeland Security's new proposed rule to extend OPT for international STEM students from 29 months to at least 36 months. The majority of the comments received by DHS support extending the program, CW notes, which is probably not surprising. Rather than choosing to "avoid the appearance of improper influence" by declining to respond to a "We the People" petition protesting a pending U.S. Federal judge's ruling that threatens to eliminate OPT STEM extensions altogether in February, the White House informed the 100k petition signers that they had the President's support, and pointed to the comment site for the proposed DHS OPT STEM rule workaround. Like the "We the People" petitioners, it's unclear whether the DHS commenters might represent corporate, university, and/or student interests, although a word cloud of the top 100 names of commenters (which accounted for 17,000+ comments) hints that international students are well-represented. By the way, in rejecting the 'emergency changes' that were enacted by DHS in 2008 to extend OPT for STEM students without public comment, Judge Ellen Huvelle said, "the 17-month duration of the STEM extension appears to have been adopted directly from the unanimous suggestions by Microsoft and similar industry groups."

CIOs Spend a Third of Their Time On Security 110

StewBeans writes: Much has been discussed about the potential security risks of an Internet of Things future in which billions of devices and machines are all talking to each other automatically. But the IoT market is exploding at a breakneck pace, leaving all companies scrambling to figure out the security piece of the puzzle now, before it's too late. In fact, some experts believe this issue will be what separates the winners from the losers, as security concerns either stop companies from getting into the IoT market, or delay existing IoT projects and leave the door open to swifter competition. That's likely why, according to CIO Magazine's annual survey, CIOs are spending a third of their time on security. Adam Dennison from CIO said, "If IT leaders want to embrace the sexy, new technologies they are hearing about today—the SMAC stack, third platform, Internet of Things, etc—security is going to be upfront and at the center of the discussion."

The History of SQL Injection, the Hack That Will Never Go Away 193

An anonymous reader writes with this history of SQL injection attacks. From the Motherboard article: "SQL injection (SQLi) is where hackers typically enter malicious commands into forms on a website to make it churn out juicy bits of data. It's been used to steal the personal details of World Health Organization employees, grab data from the Wall Street Journal, and hit the sites of US federal agencies. 'It's the most easy way to hack,' the pseudonymous hacker w0rm, who was responsible for the Wall Street Journal hack, told Motherboard. The attack took only a 'few hours.' But, for all its simplicity, as well as its effectiveness at siphoning the digital innards of corporations and governments alike, SQLi is relatively easy to defend against. So why, in 2015, is SQLi still leading to some of the biggest breaches around?"

Amazon Screenplay-Writing Software Submits Work To Amazon Studios 33

An anonymous reader writes: Amazon has released new screenplay-writing software aimed to help connect new writing talent to its original content production company, Amazon Studios. Storywriter contains many of the autoformatting tools familiar to users of similar software such as Final Draft and Celtx, but no other screenwriting tool can claim to actually send unknown writers' output to potentially interested producers.