Slashdot

Two Android applications belonging to Chinese tech giant Baidu were removed from the official Google Play Store at the end of October after they were caught collecting sensitive user details. From a report: The two apps -- Baidu Maps and Baidu Search Box -- were removed after Google received a report from US cyber-security firm Palo Alto Networks. Both apps had more than 6 million downloads combined before being removed. According to the US security firm, the two apps contained code that collected information about each user's phone model, MAC address, carrier information, and IMSI (International Mobile Subscriber Identity) number. The data collection code was found in the Baidu Push SDK, used to show real-time notifications inside both apps. Palo Alto Networks security researchers Stefan Achleitner and Chengcheng Xu, who identified the data collection code, said that while some of the collected information is "rather harmless," some data like the IMSI code "can be used to uniquely identify and track a user, even if that user switches to a different phone." The research team said that while the collection of personal user details is not specifically forbidden by Google's policy for Android apps after they reported the issue to Google, the Play Store security team confirmed their findings and "identified [additional] unspecified violations" in the two Baidu apps, which eventually led to the two apps being removed from the official store on October 28.

Read more of this story at Slashdot.

Intel has pulled the plug on one of its most ambitious AR/VR projects to date: The company quietly shut down Intel Studios, a 10,000-square-foot volumetric capture stage in Los Angeles, last month. The facility had been heralded as the world's largest capture stage of its kind, and was used to record music videos for Reggie Watts and K-pop band NCT 127, among others. From a report: Intel confirmed the closure in a statement sent to Protocol: "We're proud of the impact Intel Studios has made in the industry and its role in growing the immersive entertainment category. Although we are closing Intel Studios due to business conditions, we look forward to where the entertainment industry moves in the future." The chipmaker opened its Intel Studios facility in early 2018. At the center of the facility was a massive dome-shaped green-screen stage with more than 100 8K cameras, capable of recording the action from all angles. The resulting visual data could be used to create 3D holograms for AR experiences, as well as immersive 3D VR videos.

Read more of this story at Slashdot.

thomst writes: Variety is reporting that uber-champion Ken Jennings will be the first of a series of guest hosts to substitute for the late, great Alex Trebek on trivia-maven game show Jeopardy! Executive Producer Mike Richards revealed that, when production resumes on November 30, Jennings will be the first of a series of guest hosts of the program, as the show begins its search for a permanent replacement for the much-beloved Trebek. Odds are good that the "beauty pageant"-style guest host format will, in effect, be a series of auditions for the permanent position. Jennings, who is legendary for the number of games he won as a regular contestant, as well as for triumphing over fellow Tournament of Champions contestants, IBM's Deep Blue expert system, and two other "winning-est" players to be crowned Greatest of All Time, has hosted trivia game shows in the past, and has made no secret of his desire to take the Trebek's job full-time. As the saying goes, "Stay tuned for more on this story!"

Read more of this story at Slashdot.

New submitter SirKveldulv shares a report from Nikkei Asia: Livestreaming platforms now must limit the amount of money a user can give hosts as a tip. Users must register their real names to buy the virtual gifts, in addition to the ban on teens giving such gifts. The [National Radio and Television Administration, China's media watchdog] also asked the platforms to strengthen training for employees who screen content and encouraged the companies to hire more censors, who also will need to register with regulators. The media regulator will create a blacklist of hosts who frequently violate the rules, and ban them from hosting livestreaming programs on any platform. "The livestreaming platforms should prioritize social benefits and spread the positive energy," the notification said. The administration also asked the platforms to strengthen training for employees who screen content and encouraged the companies to hire more censors, who also will need to register with regulators. The media regulator will create a blacklist of hosts who frequently violate the rules, and ban them from hosting livestreaming programs on any platform. "The livestreaming platforms should prioritize social benefits and spread the positive energy," the notification said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: OneWeb has emerged from Chapter 11 bankruptcy under new ownership and says it will begin launching more broadband satellites next month. Similar to SpaceX Starlink, OneWeb is building a network of low-Earth orbit (LEO) satellites that can provide high-speed broadband with much lower latencies than traditional geostationary satellites. After a launch in December, "launches will continue throughout 2021 and 2022 and OneWeb is now on track to begin commercial connectivity services to the UK and the Arctic region in late 2021 and will expand to delivering global services in 2022," OneWeb said in an announcement Friday. In March this year, OneWeb filed for bankruptcy and reportedly laid off most of its staff. In July, OneWeb agreed to sell the business to a consortium including the UK government and Bharti Global Limited for $1 billion. In the Friday announcement, OneWeb said it has secured "all relevant regulatory approvals" needed to exit bankruptcy. "Together with our UK Government partner, we recognized that OneWeb has valuable global spectrum with priority rights, and we benefit from $3.3 billion invested to date and from the satellites already in orbit, securing our usage rights," Bharti founder and Chairman Sunil Bharti Mittal said.

Read more of this story at Slashdot.

Iwastheone shares a report from Science Magazine: In October 2010, in a building the size of three U.S. football fields, researchers at the Lawrence Livermore National Laboratory powered up 192 laser beams, focused their energy into a pulse with the punch of a speeding truck, and fired it at a pellet of nuclear fuel the size of a peppercorn. So began a campaign by the National Ignition Facility (NIF) to achieve the goal it is named for: igniting a fusion reaction that produces more energy than the laser puts in. A decade and nearly 3000 shots later, NIF is still generating more fizz than bang, hampered by the complex, poorly understood behavior of the laser targets when they vaporize and implode. But with new target designs and laser pulse shapes, along with better tools to monitor the miniature explosions, NIF researchers believe they are close to an important intermediate milestone known as "burning plasma": a fusion burn sustained by the heat of the reaction itself rather than the input of laser energy. Self-heating is key to burning up all the fuel and getting runaway energy gain. Once NIF reaches the threshold, simulations suggest it will have an easier path to ignition, says Mark Herrmann, who oversees Livermore's fusion program. "We're pushing as hard as we can," he says. "You can feel the acceleration in our understanding." Outsiders are impressed, too. "You kind of feel there's steady progress and less guesswork," says Steven Rose, co-director of the Centre for Inertial Fusion Studies at Imperial College London. "They're moving away from designs traditionally held and trying new things." NIF may not have the luxury of time, however. The proportion of NIF shots devoted to the ignition effort has been cut from a high of nearly 60% in 2012 to less than 30% today to reserve more shots for stockpile stewardship -- experiments that simulate nuclear detonations to help verify the reliability of warheads. Presidential budget requests in recent years have repeatedly sought to slash research into inertial confinement fusion at NIF and elsewhere, only to have Congress preserve it. NIF's funder, the National Nuclear Security Administration (NNSA), is reviewing the machine's progress for the first time in 5 years. Under pressure to modernize the nuclear arsenal, the agency could decide on a further shift toward stockpile stewardship. "Will the ignition program be squeezed out?" asks Mike Dunne, who directed Livermore's fusion energy efforts from 2010 to 2014. "The jury's out."

Read more of this story at Slashdot.

The U.K.-based security company NCC Group and consumer advocacy group Which? have found vulnerabilities in 11 "smart" doorbells sold on popular platforms like Amazon and eBay. CyberScoop reports: One flaw could allow a remote attacker to break into the wireless network by swiping login credentials. Another critical bug, which has been around for years, could enable attackers to intercept and manipulate data on the network. The investigation focused on doorbells made by often obscure vendors, but which nonetheless earned top reviews and featured prominently on Amazon and eBay. The researchers raised concerns that some of the devices were storing sensitive data, including location data and audio and video captured by the doorbell's camera, on insecure servers. One device made by a company called Victure, for example, sent a user's wireless name and password, unencrypted, to servers in China, according to the researchers. In a statement, Amazon said it requires products sold on its site to be compliant with applicable laws and regulations, and that it has tools to detect "unsafe or non-compliant products from being listed in our stores." eBay said it takes down listings that violate its safety standards, but that the devices flagged by the researchers did not meet that threshold. Victure did not immediately respond to a request for comment. The NCC Group-Which? team said they tried to contact the various vendors of the vulnerable smart doorbells, with mixed success. The unnamed vendor of one device, for example, removed an online listing for the product after the researchers shared their findings.

Read more of this story at Slashdot.

"The Queen's Gambit," a Netflix exclusive about an orphan chess prodigy, set the record as the most-watched scripted limited series to date on the streaming platform -- with 62 million member accounts tuning in to the show in the first 28 days, according to the company. Variety reports: There's a caveat, though: The way Netflix reports viewing is based on the number of viewers who have watched at least two minutes of a piece of content, which is very different from how the TV industry measures audience. And the streamer cherry-picks which originals it decides to tout with the proprietary metric. Netflix boasted about the success of "The Queen's Gambit," saying that the show made the Top 10 in 92 countries and ranked No. 1 in 63 countries, including the U.K., Argentina, Israel and South Africa. "The Queen's Gambit" premiered Oct. 23 on Netflix worldwide. The seven-episode limited series stars Anya Taylor-Joy alongside Marielle Heller, Thomas Brodie-Sangster, Moses Ingram, Harry Melling and Bill Camp. For now, "The Witcher" Season 1 remains Netflix's biggest original series overall in the first 28-day window with 76 million households choosing the title, at least based on the two-minute minimum viewing methodology (which the company introduced in the fourth quarter of 2019). Meanwhile, docu-series "Tiger King" was sampled by 64 million member accounts in the first month of its release, per Netflix.

Read more of this story at Slashdot.

Apple said on Monday that companies that offer digital classes or virtual events through iPhone apps won't have to use Apple's App Store in-app purchases through June 2021, enabling them to charge their customers directly without Apple's 30% commission fee. CNBC reports: Apple said the extension was to help businesses by giving them more time to transition in-person events to digital events during the Covid-19 pandemic. "Although apps are required to offer any paid online group event experiences (one-to-few and one-to-many realtime experiences) through in-app purchase in accordance with App Store Review guideline 3.1.1, we temporarily deferred this requirement with an original deadline of December 2020," Apple wrote on its developer blog. "To allow additional time for developing in-app purchase solutions, this deadline has been extended to June 30, 2021." Last week, Apple announced that it planned to reduce its commission to 15% for app developers making under $1 million on Apple's platforms in 2021.

Read more of this story at Slashdot.

An anonymous reader quotes a report from New Atlas: A first-of-its-kind exploratory study, led by researchers from Yale School of Medicine, has found a single dose of the psychedelic psilocybin can reduce migraine frequency by 50 percent for a least two weeks. The preliminary trial was small, with follow-up work necessary to validate the results, but the promising findings suggest great potential for psychedelics to treat migraines and cluster headaches. A new study, published in the journal Neurotherapeutics, is offering the first double-blind, placebo-controlled, cross-over study on the effects of a moderate psilocybin dose on migraine frequency and severity. The research is only preliminary and small but its results are deeply encouraging. Ten migraine sufferers were recruited for the trial. Each subject completed two sessions, one with a placebo and one with a moderate psilocybin dose. Headache diaries were used to track headache frequency and severity in the two weeks leading up to, and following, each experimental session. "Compared to placebo, a single administration of psilocybin reduced migraine frequency by about half over the two weeks measured," explains corresponding author on the new study Emmanuelle Schindler, in an email to New Atlas. "In addition, when migraine attacks did occur in those two weeks, pain intensity and functional impairment during attacks were reduced by approximately 30 percent each." Perhaps the most intriguing finding from this small study was the lack of any correlation between the subjective strength of the psychedelic experience and the therapeutic effect. Prior trials using psilocybin to treat depression or addiction have suggested the overwhelming magnitude of a psychedelic experience seems to be fundamentally entwined with its therapeutic efficacy. So essentially, the more powerful the experience the better the result. But unexpectedly, this migraine/psilocybin trial did not detect that association. In fact, those subjects reporting the highest scores on a self-reported altered state of consciousness scale showed some of the smaller reductions in migraine burden. What this intriguingly suggests is that, in the case of psilocybin for migraine, it may be possible to separate out the drug's psychotropic effects from its therapeutic effects. This could be achieved either by exploring microdoses and sub-hallucinogenic doses, or even homing in on the mechanism by which the drug is helping prevent migraines and finding a new way to pharmacologically target it.

Read more of this story at Slashdot.

Foxconn plans to assemble key components for Google servers from its plant in Wisconsin, people familiar with the matter said, finally breathing life into a factory Donald Trump hailed as crucial to bringing manufacturing back to the U.S. Bloomberg reports: The Taiwanese company has decided to locate production for this new contract at the existing complex rather than make the components at home or in China, the people said, asking not to be identified discussing a sensitive move. The under-utilized factory should start mass production in the first quarter, timed with the release of Intel Corp.'s Ice Lake server chips, they said. Foxconn is setting up surface-mount technology assembly lines that it will use to place semiconductors onto circuit boards, they added. A Foxconn representative confirmed it's developing data center infrastructure and high-performance computing "capabilities" in Wisconsin, but declined to name any customers. Taiwan counts Washington as an essential diplomatic, economic and military ally amid rising tensions with Beijing. Foxconn, which operates most of its factories in central and southern China, won Google's business because it was the only contract manufacturer capable of establishing a surface-mount technology line on American soil, one of the people said. Shanghai-listed Foxconn Industrial Internet Co., its cloud business unit, will oversee the server business in Wisconsin, another person familiar with Foxconn's operations said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Comcast's 1.2TB monthly data cap is coming to 12 more states and the District of Columbia starting January 2021. The unpopular policy was already enforced in most of Comcast's 39-state US territory over the past few years, and the upcoming expansion will for the first time bring the cap to every market in Comcast's territory. Comcast will be providing some "courtesy months" in which newly capped customers can exceed 1.2TB without penalty, so the first overage charges for these customers will be assessed for data usage in the April 2021 billing period. Comcast's data cap has been imposed since 2016 in 27 of the 39 states in Comcast's cable territory. The cap-less parts of Comcast's network include Northeastern states where the cable company faces competition from Verizon's un-capped FiOS fiber-to-the-home broadband service. But last week, an update to Comcast's website said that the cap is coming to Connecticut, Delaware, Massachusetts, Maryland, Maine, New Hampshire, New Jersey, North Carolina, New York, Pennsylvania, Vermont, West Virginia, and the District of Columbia. The cap is also coming to parts of Virginia and Ohio where it wasn't already implemented. In all, Comcast has nearly 28 million residential Internet customers. "Comcast's overage charges are $10 for each additional block of 50GB, up to a maximum of $100 each month," notes Ars. "Customers can avoid overage charges by spending an extra $30 a month on unlimited data or $25 for the 'xFi Complete' plan that includes unlimited data and the rental cost for Comcast's xFi gateway modem and router."

Read more of this story at Slashdot.

BeerFartMoron shares a report from CBS News: China launched its most ambitious moon mission yet Monday: a robotic spacecraft expected to land on the lunar surface by the end of the week. The spacecraft is expected to collect about four pounds of rock and soil samples, and return them to Earth next month for laboratory analysis. If successful, the Chang'e 5 mission will make China only the third nation, after the United States and the former Soviet Union, to bring moon rocks back to Earth. It will also be the first to attempt the feat since Russia's Luna 24 in 1976. The 8,335-pound Chang'e 5 spacecraft, named after the mythical Chinese goddess of the moon, is made up of four major components: a lunar orbiter, a sample return craft, a lander carrying science instruments and sample collection equipment, and a small ascent vehicle mounted atop the lander to carry the collected surface samples back up to orbit. The Chang'e 5 lander features multiple cameras, a spectrometer to assess the composition of the soil near the spacecraft and a ground-penetrating radar. A robot arm is equipped with a percussive drill and scoop to pick up excavated rock and soil. Working by remote control from Earth, engineers will use the arm to move collected samples up to the ascent vehicle, which then will blast off, rendezvous with the Chang'e 5 orbiter and transfer the sample to the return craft for the trip back to Earth. Landing in Inner Mongolia is expected around December 16. From there, the samples will be transferred to specially equipped laboratories for analysis.

Read more of this story at Slashdot.

The top security chief for Apple headlines a batch of new criminal indictments for allegedly brokering bribes with Santa Clara County sheriff's office commanders -- including the newly indicted undersheriff -- in exchange for coveted concealed-gun permits, in a striking offshoot of an ongoing corruption probe ensnaring the agency. From a report: Thomas Moyer, 50, Apple's chief security officer, was indicted last week by a criminal grand jury on allegations that he, Undersheriff Rick Sung and Capt. James Jensen arranged for 200 iPads to be donated to the sheriff's office to loosen up the release of concealed-carry weapons permits for Apple security officers. The sheriff's office is the police force for Cupertino, where Apple's global headquarters are located. The iPad donation was shelved once a separate DA investigation into pay-to-play suspicions involving the concealed-gun permits -- in which Jensen was one of four people indicted earlier this year -- got underway in August 2019, District Attorney Jeff Rosen said at a Monday news conference.

Read more of this story at Slashdot.

A trove of more than two dozen internal Amazon reports reveal in stark detail the company's obsessive monitoring of organized labor and social and environmental movements in Europe, particularly during Amazon's "peak season" between Black Friday and Christmas. From a report: The reports, obtained by Motherboard, were written in 2019 by Amazon intelligence analysts who work for the Global Security Operations Center, the company's security division tasked with protecting Amazon employees, vendors, and assets at Amazon facilities around the world. The documents show Amazon analysts closely monitor the labor and union-organizing activity of their workers throughout Europe, as well as environmentalist and social justice groups on Facebook and Instagram. They also reveal, and an Amazon spokesperson confirmed, that Amazon has hired Pinkerton operatives -- from the notorious spy agency known for its union-busting activities -- to gather intelligence on warehouse workers. Internal emails sent to Amazon's Global Security Operations Center obtained by Motherboard also reveal that all the division's team members around the world receive updates on labor organizing activities at warehouses that include the exact date, time, location, the source who reported the action, the number of participants at an event (and in some cases a turnout rate of those expected to participate in a labor action), and a description of what happened, such as a "strike" or "the distribution of leaflets." Other documents reveal that Amazon intelligence analysts keep close tabs on how many warehouse workers attend union meetings; specific worker dissatisfactions with warehouse conditions, such as excessive workloads; and cases of warehouse-worker theft, from a bottle of tequila to $15,000 worth of smart watches.

Read more of this story at Slashdot.

New submitter thegreatbob shares a report: The General Image Manipulation Program, GIMP, has turned 25. A brief celebration post detailed how the package started life as a July 1995 Usenet thought bubble by then-student Peter Mattis, who posted the following to several newsgroups: Suppose someone decided to write a graphical image manipulation program (akin to photoshop). Out of curiosity (and maybe something else), I have a few (2) questions: What kind of features should it have? (tools, selections, filters, etc.) What file formats should it support? (jpeg, gif, tiff, etc.)" Four months later, Mattis and fellow University of California Berkeley student Spencer Kimball delivered what they described as software "designed to provide an intuitive graphical interface to a variety of image editing operations." The software ran on Linux 1.2.13, Solaris 2.4, HPUX 9.05, and SGI IRIX. The answer to the file format support question turned out to be GIF, JPEG, PNG, TIFF, and XPM. The rest is history. Richard Stallman gave Mattis and Kimball permission to change the "General" in its name to "GNU", reflecting its open-source status. Today the program is released under the GNU General Public License. As the program added features such as layers, it grew more popular and eventually became a byword for offering a FOSS alternative to Photoshop even though the project pushes back against that description. The project's celebration page says volunteers did their "best to provide a sensible workflow to users by using common user interface patterns. That gave us a few questionable monikers like 'Photoshop for Linux', 'free Photoshop', and 'that ugly piece of software'. We still can wholeheartedly agree with the latter one only!"

Read more of this story at Slashdot.

Bernard Meyer, reporting for CyberNews: In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of "affordable" wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network. CyberNews reached out to Walmart for comment and to understand whether they were aware of the Jetstream backdoor, and what they plan to do to protect their customers. After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: "Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it." Besides the Walmart-exclusive Jetstream router, the cybersecurity research team also discovered that low-cost Wavlink routers, normally sold on Amazon or eBay, have similar backdoors. The Wavlink routers also contain a script that lists nearby wifi and has the capability to connect to those networks. We have also found evidence that these backdoors are being actively exploited, and there's been an attempt to add the devices to a Mirai botnet. Mirai is malware that infects devices connected to a network, turns them into remotely controlled bots as part of a botnet, and uses them in large-scale attacks. The most famous of these is the 2016 Dyn DNS cyberattack, which brought down major websites like Reddit, Netflix, CNN, GitHub, Twitter, Airbnb and more.

Read more of this story at Slashdot.

President-elect Joe Biden's top technology adviser helped craft California's landmark online privacy law and recently condemned a controversial federal statute that protects internet companies from liability, indicators of how the Biden administration may come down on two key tech policy issues. From a report: Bruce Reed, a former Biden chief of staff who is expected to take a major role in the new administration, helped negotiate with the tech industry and legislators on behalf of backers of a ballot initiative that led to the 2018 California Consumer Privacy Act. Privacy advocates see that law as a possible model for a national law. Reed also co-authored a chapter in a book published last month denouncing the federal law known as Section 230, which makes it impossible to sue internet companies over the content of user postings. Both Republicans and Democrats have called for reforming or abolishing 230, which critics say has allowed abuse to flourish on social media. Reed, a veteran political operative, was chief of staff for Biden from 2011 to 2013, when Biden was U.S. vice president. In that role, he succeeded Ron Klain, who was recently named incoming White House chief of staff. Reed then served as president of the Broad Foundation, a major Los Angeles philanthropic organization, and later as an adviser to Laurene Powell Jobs' Emerson Collective in Palo Alto, California.

Read more of this story at Slashdot.

Karan Bajaj, an Indian entrepreneur who teaches meditation and in his recent book invites others to live a life away from the noise, is going after the most vocal critics of his startup. From a report: Bajaj, founder of coding platform WhiteHat Jr, has filed a defamation case against Pradeep Poonia, an engineer who has publicly criticized the firm for its marketing tactics, the quality of the courses on the platform, and aggressive takedowns of such feedback. On Monday, WhiteHat Jr, filed a similar case against Aniruddha Malpani, an investor who has shared unflattering feedback about the startup. Most of the customers of WhiteHat Jr, which is aimed at kids, live in America, and demand for its one-to-one classes has surged nearly 90% this year, according to the startup. In the lawsuit against Poonia -- in which Bajaj is seeking $2.7 million in damages -- Poonia has been accused of infringing trademarks and copyright of properties owned by WhiteHat Jr, defaming and spreading misleading information about the startup and its founder, and accessing the company's private communications app. [...] The lawsuit, riddled with spelling and grammatical errors, appears to be also indicative of just how little criticism WhiteHat Jr, owned by India's second most valuable startup Byju's, is willing to accept. According to internal posts of a Slack channel of WhiteHat Jr shared by Poonia, the startup has aggressively used copyright protection to take down numerous unflattering feedback about the startup in recent months. The suit also raises concern with Poonia accusing WhiteHat Jr of "murdering" an imaginary kid that featured in one of its earlier ads. A 12-year-old child named "Wolf Gupta" appeared in earlier ads of WhiteHat Jr, which claimed that the kid had landed a lucrative job at Google. The kid does not exist, the lawyers of Bajaj say in the suit. Ironically that was also the argument Poonia, who spent a long time trying to unearth more information about this supposed poster child of WhiteHat Jr, was making in his tweets.

Read more of this story at Slashdot.

Google is loosening control over the core of its Chrome browser, a move that helps Microsoft, Samsung and Brave build competitors while advancing the search giant's vision of the web. From a report: Over the past six months, Google welcomed a new outside developer into the leadership of its Chromium project, the software that powers the similarly named browser. The Alphabet subsidiary is also granting outsiders access to its previously proprietary software development system and allows outside features even when Google doesn't incorporate them into the flagship Chrome browser. Chromium is open-source software, which means anyone can modify and use it. Even with open source projects, however, outsiders can have trouble convincing organizers to accept their changes and additions, making it harder to contribute and benefit. Google took pains to draw attention to the changes at the BlinkOn conference earlier this week. "It's really cool to see so many people and groups with different priorities coming together and finding solutions that not only meet their individual agendas but also advance the common goal of improving the web," said Danyao Wang, a Chrome engineer at Google.

Read more of this story at Slashdot.