Businesses

Silicon Valley Thinks It Invented Roommates. They Call It 'Co-living' (theguardian.com) 285

An anonymous reader shares a report: Have you heard of this cool new trend called co-living? It's a bit like co-working, except instead of sharing an office with a bunch of randoms you share a home with a bunch of randoms. Oh, you might be thinking, is it like ye olde concept of "roommates"? Why, yes. Yes it is. As a viral tweet pointed out earlier this week, "co-living", which has inspired a spate of trend-pieces in recent months, is actually "called *roommates* ... you invented ***roommates***." Now, to be fair, co-living isn't just living with a bunch of roommates. No, it's rich millennials living with a bunch of roommates in a fancy building in a recently gentrified part of town. The co-living space is also full of cool amenities like yoga classes and micro-brew coffee bars, meaning you can minimise unnecessary interactions with the outside world. In startup speak, this is what is called "community." The Collective, for example, a co-working space in London, describes co-living as "a way of living focused on a genuine sense of community, using shared spaces and facilities to create a more convenient and fulfilling lifestyle."
Twitter

Jack Dorsey Responds To Serial Killer Who Found His Victims Through Suicidal Twitter Posts (nhk.or.jp) 68

AmiMoJo shares a report from NHK WORLD: Twitter's CEO is reacting to a grisly case in Japan where a suspected serial killer allegedly found his victims through their suicidal posts on the social media platform. In an interview with NHK, Jack Dorsey said it is unrealistic and impossible to remove suicidal tweets. But he said he hoped Twitter could become a tool for prevention. Last month, the dismembered bodies of 9 people were found in 27-year-old Takahiro Shiraishi's apartment near Tokyo. Police say he admitted to the killings. They believe he preyed on people who posted about wanting to kill themselves on Twitter. Recently, Twitter updated its rules regarding posts about self-harm: "You may not promote or encourage suicide or self-harm. When we receive reports that a person is threatening suicide or self-harm, we may take a number of steps to assist them, such as reaching out to that person and providing resources such as contact information for our mental health partners."
Twitter

Twitter Bans, Removes Verified Status of White Supremacists (thedailybeast.com) 679

After updating the rules of its verification program on Wednesday, Twitter has begun banning and removing verified check marks from white supremacist accounts. For example, white supremacists Richard Spencer and Charlottesville "Unite The Right" protest creator Jason Kessler had their verified statuses revoked today. The Daily Beast reports: The verified check mark was meant to denote "that an account of public interest is authentic," the company said in a series of tweets on Wednesday, but that "verification has long been perceived as an endorsement." "This perception became worse when we opened up verification for public submissions and verified people who we in no way endorse," a company spokesperson tweeted. Users can now lose their blue checkmarks for "inciting or engaging in harassment of others," "promoting hate and/or violence against, or directly attacking or threatening other people on the basis of race, ethnicity, national origin, sexual orientation, gender, gender identity, religious affiliation, age, disability, or disease," supporting people who promote those ideas, and a slew of other reasons.
Security

Forbes '30 Under 30' Conference Website Exposed Attendees' Personal Information (vice.com) 12

An anonymous reader shares a Motherboard report: Every year, Forbes' 30 Under 30 list recognizes people blessed with both youth and exceptional talent in their field -- including celebrities, startup founders, doctors, and artists. These are smart, savvy professionals -- and when some of them include information security pros, they're bound to go poking around for vulnerabilities. That's what Yan Zhu, a privacy engineer who made the 2015 list, was doing when she found a gaping privacy hole in the way Forbes handles recipients' personal information. Once you make the list, Yan told me in a Twitter direct message, Forbes asks you to register for its annual Under 30 Summit conference. "They send you a link for conference registration, but it's not tied to your email address," she said. "So you can literally enter anyone's email address who is also a 30 Under 30 member and it shows you their personal info." That information carries over into all future years, she said.
Android

UC Browser Mobile App Disappears From Google Play Store (medianama.com) 33

UC Browser, a popular mobile web browser owned by China's Alibaba Group, has mysteriously disappeared from the Google Play Store. The app was pulled from the Google Play Store on November 12, according to data from app analytics firm App Annie. Several users began inquiring about the app's whereabouts earlier this week on Reddit. It was not immediately clear why UC Browser had been pulled from Android's marquee app store. According to Twitter user Mike Ross, who claims to be a developer at Alibaba Group, Google pulled UC Browser from its store due to "misleading" and "unhealthy" promotional tactics used by the company to increase the install count of its app. UC Browser is still available to download on Apple's App Store, Amazon's Android store, and through company's official website. UC Browser Mini, a light version of the company's browser is notably still listed on Google Play. Though UC Browser is not a household name in the Western markets, the Alibaba's app is incredibly popular in markets such as India. It has been among the top six most downloaded apps from Google Play in India for the last two years, venture capitalist Mary Meeker noted in her yearly internet report in May this year. As of July, UC Browser had been installed more than 100 million times worldwide from Google Play Store.
Earth

More Than 15,000 Scientists From 184 Countries Issue 'Warning To Humanity' (www.cbc.ca) 405

An anonymous reader quotes a report from CBC.ca: More than 15,000 scientists around the world have issued a global warning: there needs to be change in order to save Earth. It comes 25 years after the first notice in 1992 when a mere 1,500 scientists issued a similar warning. This new cautioning -- which gained popularity on Twitter with #ScientistsWarningToHumanity -- garnered more than 15,000 signatures. William Ripple of Oregon State University's College of Forestry, who started the campaign, said that he came across the 1992 warning last February, and noticed that this year happened to mark the 25th anniversary. Together with his graduate student, Christopher Wolf, he decided to revisit the concerns raised then, and collect global data for different variables to show trends over the past 25 years. Ripple found: A decline in freshwater availability; Unsustainable marine fisheries; Ocean dead zones; Forest losses; Dwindling biodiversity; Climate change; Population growth. There was one positive outcome, however: a rapid decline in ozone depletion. One of the potential solutions is to stabilize the population. If we reduce family size, consumption patterns don't rise as much. And that can be done by empowering girls and women, providing sexual education and education on family planning.
Businesses

Payphones Still Make Millions of Dollars (vice.com) 142

From a report on Motherboard: Disruption-y tech companies like Uber and Twitter are a big part of "the discourse" and our daily lives, but neither of them make any profit. You know what once-groundbreaking technology doesn't have any problems making bank year after year? That's right, it's payphones. Most people now have a cell phone, so you may have wondered who still uses those rusted, quarter-eating boxes. As it turns out, a lot of people do. According to the Canadian Radio-television and Telecommunications Commission's 2017 monitoring report, payphones in Canada made $22 million CAD in 2016 (this figure may not account for the cost of upkeep, but the CRTC has stated in the past that payphones are "financially viable at current rates.") That's spread out among nearly 60,000 payphones in the country, which made roughly $300 per phone over the course of the year. That's at least a few calls per day, each. The US numbers are similar: The FCC reports that in 2015 payphones made $286 million, which is comparable for a population ten times the size of Canada's.
Open Source

What Happens to Open Source Code After Its Developer Dies? (wired.com) 78

An anonymous reader writes: The late Jim Weirich "was a seminal member of the western world's Ruby community," according to Ruby developer Justin Searls, who at the age of 30 took over Weirich's tools (which are used by huge sites like Hulu, Kickstarter, and Twitter). Soon Searls made a will and a succession plan for his own open-source projects. Wired calls succession "a growing concern in the open-source software community," noting developers have another option: transferring their copyrights to an open source group (for example, the Apache Foundation).

Most package-management systems have "at least an ad-hoc process for transferring control over a library," according to Wired, but they also note that "that usually depends on someone noticing that a project has been orphaned and then volunteering to adopt it." Evan Phoenix of the Ruby Gems project acknowledges that "We don't have an official policy mostly because it hasn't come up all that often. We do have an adviser council that is used to decide these types of things case by case." Searls suggests GitHub and package managers like Ruby Gems add a "dead man's switch" to their platform, which would allow programmers to automatically transfer ownership of a project or an account to someone else if the creator doesn't log in or make changes after a set period of time.

Wired also spoke to Michael Droettboom, who took over the Python library Matplotlib after John Hunter died in 2012. He points out that "Sometimes there are parts of the code that only one person understands," stressing the need for developers to also understand the code they're inheriting.
Android

CopperheadOS Fights Unlicensed Installations On Nexus Phones (xda-developers.com) 96

An anonymous reader writes: Earlier this week security-hardened Android build CopperheadOS temporarily blocked Nexus updates on its servers after finding out that other companies have been flashing the ROM onto Nexus phones and selling them commercially in violation of the CopperheadOS licensing terms. The incident highlights an inherent problem in getting open source to be used by the masses: the difficulty of organizations being able to build and monetize a successful, long-term open source business model...
"We've enabled over-the-air updates again," CopperheadOS tweeted Saturday, "to avoid impacting our remaining customers on Nexus devices and other legitimate users. However, downloads on the site will no longer be available and we'll be making changes to the update client for Nexus devices."

In an earlier series of tweets, they explained it's an ongoing issue. "It's not okay to disrespect our non-commercial licensing terms for those official builds by flashing and selling it on hundreds of phones... This is why we've been unable to sell access to Pixel images. There are people that are going to buy those and flash + sell devices in direct competition with us in violation of the licensing terms. Needing to deal with so many people acting in bad faith makes this difficult.

"It's not permitted for our official Nexus builds and yet that's what's happening. We do all of the development, testing, release engineering and we provide the infrastructure, and then competitors sell far more devices than us in violation of our licensing terms. Ridiculous."
Bug

Researchers Run Unsigned Code on Intel ME By Exploiting USB Ports (thenextweb.com) 171

Slashdot user bongey writes: A pair of security researchers in Russia are claiming to have compromised the Intel Management Engine just using one of the computer's USB ports. The researchers gained access to a fully functional JTAG connection to Intel CSME via USB DCI. The claim is different from previous USB DCI JTAG examples from earlier this year. Full JTAG access to the ME would allow making permanent hidden changes to the machine.
"Getting into and hijacking the Management Engine means you can take full control of a box," reports the Register, "underneath and out of sight of whatever OS, hypervisor or antivirus is installed."

They add that "This powerful God-mode technology is barely documented," while The Next Web points out that USB ports are "a common attack vector."
Facebook

This Time, Facebook Is Sharing Its Employees' Data (fastcompany.com) 45

tedlistens writes from a report via Fast Company: "Facebook routinely shares the sensitive income and employment data of its U.S.-based employees with the Work Number database, owned by Equifax Workforce Solutions," reports Fast Company. "Every week, Facebook provides an electronic data feed of its employees' hourly work and wage information to Equifax Workforce Solutions, formerly known as TALX, a St. Louis-based unit of Equifax, Inc. The Work Number database is managed separately from the Equifax credit bureau database that suffered a breach exposing the data of more than 143 million Americans, but it contains another cache of extensive personal information about Facebook's employees, including their date of birth, social security number, job title, salary, pay raises or decreases, tenure, number of hours worked per week, wages by pay period, healthcare insurance coverage, dental care insurance coverage, and unemployment claim records."

Surprisingly, Facebook is among friends. Every payroll period, Amazon, Microsoft, and Oracle provide an electronic feed of their employees' hourly work and wage information to Equifax. So do Wal-Mart, Twitter, AT&T, Harvard Law School, and the Commonwealth of Pennsylvania. Even Edward Snowden's former employer, the sometimes secretive N.S.A. contractor Booz Allen Hamilton, sends salary and other personal data about its employees to the Equifax Work Number database. It now contains over 296 million employment records for employees at all wage levels, from CEOs to interns. The database helps streamline various processes for employers and even federal government agencies, says Equifax. But databases like the Work Number also come with considerable risks. As consumer journalist Bob Sullivan puts it, Equifax, "with the aid of thousands of human resource departments around the country, has assembled what may be the most powerful and thorough private database of Americans' personal information ever created." On October 8, a month after Equifax announced its giant data breach, security expert Brian Krebs uncovered a gaping hole in the separate Work Number online consumer application portal, which allowed anyone to view a person's salary and employment history "using little more than someone's Social Security number and date of birth -- both data elements that were stolen in the recent breach at Equifax."

Google

Alphabet's Project Loon Delivers Internet To 100,000 People In Puerto Rico (engadget.com) 34

Google announced that its Project Loon internet balloons have delivered internet service to over 100,000 Puerto Ricans who were knocked offline by Hurricane Maria. Engadget reports: It's not a total success, which isn't to be expected after Puerto Ricans' communications infrastructure suffered so much damage. But the team was able to work with AT&T and T-Mobile to get "communication and internet activities like sending text messages and accessing information online for some people with LTE enabled phones," head of Project Loon Alastair Westgarth wrote in a blog post. The team launched their balloons from Nevada and used machine learning algorithms to direct them over Puerto Rico, where they've been relaying internet from working ground networks over to users in unconnected areas. In the post, Westgarth noted that Project Loon has never fired up internet from scratch this rapidly, and will improve their ability to keep balloons in place (and deliver sustained connectivity) as they become familiar with the air currents.
Twitter

Twitter Officially Expands Its Character Count To 280 Starting Today (techcrunch.com) 98

Twitter is rolling out an update around the world to allow users to post 280-character tweets. The company first announced the controversial plan to move beyond its traditional 140 characters back in September, noting at the time how a longer character count allowed users to express more of their thoughts without running out of room to tweet. TechCrunch reports: At the time of its original announcement, the company cited data backing up its decision that referenced how the character constraints impacted users differently, depending on their language. Twitter said that those who tweeted in languages like Japanese, Korean and Chinese were able to express around double the amount of information in a single character, compared with users who spoke English, Spanish, Portuguese or French, for example. In today's blog post about the public launch of 280 characters, Twitter aims to assuage people's fears that their timelines will fill with expanded tweets. The company said that during the trial period, people continued to tweet below 140 characters most of the time -- after the novelty of being able to use more characters wore off. Specifically, Twitter found that only 5 percent of tweets were sent out with more than 140 characters and of those, only 2 percent were over 190 characters.
Twitter

Twitter Exploit Let Two Pranksters Post 30,000-Character Tweet (engadget.com) 65

sqorbit writes: Two German twitter users were able to post a 30,000-character tweet, blowing way past the 280-character limit it is testing for select users. The accounts were banned for a brief period of time but are now back online after they apologized. The original 30,396-character tweet has been archived and can be viewed here. The two pranksters exploited "a rule Twitter made in 2016 that links would no longer count in the 140-character limit," reports The Daily Dot. "Yes, this is just one big web address with a URL code hidden deep in the large block of text."
The Internet

Comcast's Xfinity Internet Service Is Down Across the US [Update] (theverge.com) 104

Readers share a report: Comcast's internet service, Xfinity, appears to be suffering an outage across the country. DownDetector.com shows it being down around the United States, including in large cities like San Francisco, Los Angeles, and Boston. So far, online reports don't suggest that TV service or home phones are affected. On Twitter, Comcast confirmed the outage. Adding, "Some customers are having issues with their XFINITY Internet service. We apologize & appreciate your patience while we work to fix." The company tweeted moments ago, "Our teams continue to monitor an external network issue. We apologize for the inconvenience -- will provide updates as we learn more." In another tweet, Comcast said the issue is nationwide.

Update: At 20:39 GMT on Monday, Comcast said it had resolved the issue.
Censorship

Afghanistan Clarifies It Will Not Block WhatsApp, Telegram (reuters.com) 18

The Afghan government will not block the instant messaging services WhatsApp and Telegram, a spokesman told news agency Reuters on Monday, following days of controversy after reports the services would be suspended. From a report: "Government of Afghanistan isn't going to ban any social media platforms. WhatsApp and Telegram to continue operating in Afghanistan," Javid Faisal, deputy spokesman to government Chief Executive Abdullah Abdullah wrote on Twitter. The row over instant messaging services began after a letter from Afghanistan's telecoms regulator to Internet service providers telling them to block the services "without delay" was circulated on social media platforms last week.
Government

'Panama Papers' Group Strikes Again with 'Paradise Papers' (theguardian.com) 402

Long-time Slashdot reader Freshly Exhumed tipped us off to a new document leak that's just revealed massive tax havens used by the world's most wealthy and powerful people. An anonymous reader quotes the Guardian: The material, which has come from two offshore service providers and the company registries of 19 tax havens, was obtained by the German newspaper Suddeutsche Zeitung and shared by the International Consortium of Investigative Journalists with partners including the Guardian, the BBC and the New York Times. The project has been called the Paradise Papers.
It's the same group responsible for the Panama Papers, and the Guardian reports that in these 13.4 million new files, journalists have discovered:
  • "Aggressive tax avoidance by multinational corporations, including Nike and Apple."

"The publication of this investigation, for which more than 380 journalists have spent a year combing through data that stretches back 70 years, comes at a time of growing global income inequality," reports the Guardian. "Meanwhile, multinational companies are shifting a growing share of profits offshore -- €600 billion in the last year alone -- the leading economist Gabriel Zucman will reveal in a study to be published later this week. "Tax havens are one of the key engines of the rise in global inequality," he said."


Bug

An iOS 11.1 Glitch Is Replacing Vowels (mashable.com) 119

An anonymous reader quotes Mashable: We became privy to a new iPhone keyboard glitch after a few Mashable staffers recently started having issues with their iPhone keyboards, specifically with vowels. The issue started when iOS 11's predictive text feature began to display an odd character in the place of the letter "I," offering up "A[?] instead and autocorrecting within the message field...The bug was also covered by MacRumors, but it appears that my colleagues have even more issues than just the letter "I." One reported that they were also seeing the glitch with the letters "U" and "O" as well, making the problem strictly restricted to vowels. They also said the letters showed up oddly in iMessage on Mac devices, and shared some more screenshots of what the glitch looks like when they went through with sending a message. The glitch wasn't just limited to iMessage, however. My colleagues shared screenshots of their increasingly futile attempts to type out messages on Facebook Messenger...and Twitter.
Apple seems to be acknowledging that the iOS 11.1 glitch may affect iPhones, iPads, and iPod Touches. "Here's what you can do to work around the issue until it's fixed by a future software update," Apple posted on a support page, advising readers to "Try setting up Text Replacement for the letter 'i'."
Social Networks

9.6% of Facebook's Users 'May Be Fakes' (nytimes.com) 96

An anonymous reader quotes the New York Times: Facebook estimates that about 200 million of its more than 2.07 billion users may be fakes... [Non-paywalled article here.] Colin Stretch, the general counsel of Facebook, told the Senate Intelligence Committee the company was doubling its review staff to 20,000 and using artificial intelligence to find more "bad actors"... Sean Edgett, Twitter's general counsel, testified before Congress that about 5 percent of its 330 million users are "false accounts or spam," which would add up to more than 16 million fakes.

Independent experts say the real numbers are far higher. On Twitter, little more than an email address is needed to start tweeting. Facebook's requirement that users be their authentic selves means the company asks for a smattering of information to sign up -- name, birthday, gender and email address. But few checks exist to verify if that information is true when a user signs up.

The Courts

Advice To Twitter Worker Who Deactivated Trump's Account: 'Get A Lawyer' (thehill.com) 271

An anonymous reader quotes The Hill: A prominent attorney for cybersecurity issues has this advice to the unnamed Twitter worker said to have pulled the plug on President Trump's Twitter account: "Don't say anything and get a lawyer." Tor Ekeland told The Hill that while the facts of the case are still unclear and the primary law used to prosecute hackers is murky and unevenly applied, there is a reasonable chance the Twitter worker violated the Computer Fraud and Abuse Act...widely considered to be, as Ekeland explained it, "a mess." Various courts around the country have come up with seemingly contradictory rulings on what unauthorized access actually means. Ekeland said the Ninth Circuit, covering the state of California, has itself issued rulings at odds with itself that would have an impact on the Trump Twitter account fiasco as a potential case. The Ninth Circuit ruled that employees do not violate the law if they exceed their workplace computer policies. It has also ruled that employees who have been told they do not have permission to access a system cannot legally access it. Depending on which ruling a court leans on the hardest, a current Twitter employee without permission to shutter accounts may have violated the law by nixing Trump's account.
Ekeland points out that just $5,000 worth of damage could carry a 10-year prison sentence.

Friday the New York Times also reported that the worker responsible wasn't even a Twitter employee, but a hired contractor, adding that "nearly every" major tech company uses contractors for non-technical positions, including Google, Apple, and Facebook.

Slashdot Top Deals