Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Investigation: Apple Failing To Protect Chinese Factory Workers 23

Posted by samzenpus
from the HR-needs-to-be-better dept.
mrspoonsi writes with the findings of an investigation into working conditions at a factory that makes Apple products. Poor treatment of workers in Chinese factories which make Apple products has been discovered by an undercover BBC Panorama investigation. Filming on an iPhone 6 production line showed Apple's promises to protect workers were routinely broken. It found standards on workers' hours, ID cards, dormitories, work meetings and juvenile workers were being breached at the Pegatron factories. Apple said it strongly disagreed with the programme's conclusions. Exhausted workers were filmed falling asleep on their 12-hour shifts at the Pegatron factories on the outskirts of Shanghai. One undercover reporter, working in a factory making parts for Apple computers, had to work 18 days in a row despite repeated requests for a day off. Another reporter, whose longest shift was 16 hours, said: "Every time I got back to the dormitories, I wouldn't want to move. Even if I was hungry I wouldn't want to get up to eat. I just wanted to lie down and rest. I was unable to sleep at night because of the stress."

Critical Git Security Vulnerability Announced 31

Posted by samzenpus
from the protect-ya-neck dept.
An anonymous reader writes Github has announced a security vulnerability and has encourage users to update their Git clients as soon as possible. The blog post reads in part: "A critical Git security vulnerability has been announced today, affecting all versions of the official Git client and all related software that interacts with Git repositories, including GitHub for Windows and GitHub for Mac. Because this is a client-side only vulnerability, and GitHub Enterprise are not directly affected. The vulnerability concerns Git and Git-compatible clients that access Git repositories in a case-insensitive or case-normalizing filesystem. An attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. Git clients running on OS X (HFS+) or any version of Microsoft Windows (NTFS, FAT) are exploitable through this vulnerability. Linux clients are not affected if they run in a case-sensitive filesystem....Updated versions of GitHub for Windows and GitHub for Mac are available for immediate download, and both contain the security fix on the Desktop application itself and on the bundled version of the Git command-line client."

Marissa Mayer's Reinvention of Yahoo! Stumbles 63

Posted by samzenpus
from the best-laid-plans dept.
schnell writes The New York Times Magazine has an in-depth profile of Marissa Mayer's time at the helm of Yahoo!, detailing her bold plans to reinvent the company and spark a Jobs-ian turnaround through building great new products. But some investors are saying that her product focus (to the point of micromanaging) hasn't generated results, and that the company should give up on trying to create the next iPod, merge with AOL to cut costs and focus on the unglamorous core business that it has. Is it time for Yahoo! to "grow up" and set its sights lower?

Ars Reviews Skype Translator 28

Posted by timothy
from the in-the-future-everyone-will-have-been-in-the-past dept.
Esra Erimez writes Peter Bright doesn't speak a word of Spanish but with Skype Translator he was able to have a spoken conversation with a Spanish speaker as if he was in an episode of Star Trek. He spoke English. A moment later, an English language transcription would appear, along with a Spanish translation. Then a Spanish voice would read that translation.
Hardware Hacking

Extracting Data From the Microsoft Band 33

Posted by timothy
from the buncha-freeloaders dept.
An anonymous reader writes The Microsoft Band, introduced last month, hosts a slew of amazing sensors, but like so many wearable computing devices, users are unable to access their own data. A Brown University professor decompiles the app, finds that the data is transmitted to the Microsoft "cloud", and explains how to intercept the traffic to retrieve the raw minute-by-minute data captured by the Band.

"Team America" Gets Post-Hack Yanking At Alamo Drafthouse, Too 143

Posted by timothy
from the meet-your-new-program-director dept.
Slate reports that even old movies are enough to trigger a pretty strong knee jerk: Team America, World Police , selected as a tongue-in-cheek replacement by Dallas's Alamo Drafthouse Theater for the Sony-yanked The Interview after that film drew too much heat following the recent Sony hack, has also been pulled. The theater's tweet, as reprinted by Slate: "due to circumstances beyond our control,” their Dec. 27 Team America screening has also been canceled." If only I had a copy, I'd like to host a viewing party here in Austin for The Interview, which I want to see now more than ever. (And it would be a fitting venue.)

Grinch Vulnerability Could Put a Hole In Your Linux Stocking 63

Posted by timothy
from the pretty-generic-description-there dept.
itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September.

Ask Slashdot: What Can I Really Do With a Smart Watch? 148

Posted by timothy
from the you-can-measure-the-battery-drain dept.
kwelch007 writes I commonly work in a clean-room (CR.) As such, I commonly need access to my smart-phone for various reasons while inside the CR...but, I commonly keep it in my front pocket INSIDE my clean-suit. Therefore, to get my phone out of my pocket, I have to leave the room, get my phone out of my pocket, and because I have a one track mind, commonly leave it sitting on a table or something in the CR, so I then have to either have someone bring it to me, or suit back up and go get it myself...a real pain. I have been looking in to getting a 'Smart Watch' (I'm preferential to Android, but I know Apple has similar smart-watches.) I would use a smart-watch as a convenient, easy to transport and access method to access basic communications (email alerts, text, weather maps, etc.) The problem I'm finding while researching these devices is, I'm not finding many apps. Sure, they can look like a nice digital watch, but I can spend $10 for that...not the several hundred or whatever to buy a smart-watch. What are some apps I can get? (don't care about platform, don't care if they're free) I just want to know what's the best out there, and what it can do? I couldn't care less about it being a watch...we have these things called clocks all over the place. I need various sorts of data access. I don't care if it has to pair with my smart-phone using Bluetooth or whatever, and it won't have to be a 100% would be more of a convenience that is worth the several hundred dollars to me. My phone will never be more than 5 feet away, it's just inconvenient to physically access it. Further, I am also a developer...what is the best platform to develop for these wearable devices on, and why? Maybe I could make my own apps? Is it worth waiting for the next generation of smart-watches?

Australia Moves Toward New Restrictions On Technology Export and Publication 67

Posted by timothy
from the locked-file-cabinet-in-the-basement dept.
An anonymous reader writes Australia is starting a public consultation process for new legislation that further restricts the publication and export of technology on national security grounds. The public consultation starts now (a few days before Christmas) and it is due by Jan 30th while a lot of Australians are on holidays. I don't have the legal expertise to dissect the proposed legislation, but I'd like some more public scrutiny on it. I find particularly disturbing the phrase "The Bill includes defences that reverse the onus of proof which limit the right to be presumed innocent until proven guilty" contained in this document, also available on the consultation web site.

India Successfully Test Fires Its Heaviest Rocket 47

Posted by timothy
from the might-roar dept.
vasanth (908280) writes India on Thursday moved forward in rocket technology with the successful flight testing of its heaviest next generation rocket and the crew module . The 630-tonne three-stage rocket, Geo-Synchronous Satellite Launch Vehicle Mark III, carried active solid boosters, liquid core stage and a passive cryo stage and a crew module to test its re-entry characteristics. This rocket is capable of doubling the capacity of payloads India can carry into space and it can deposit up to four tonne class of communication satellites into space. India also plans to use this rocket for ferrying Indian astronauts into space. For India, ISRO (the Indian space agency) perfecting the cryogenic engine technology is crucial as India can save precious foreign exchange by launching heavy duty communication satellites by itself.

Cause and Effect: How a Revolutionary New Statistical Test Can Tease Them Apart 100

Posted by timothy
from the submission-caused-post dept.
KentuckyFC writes Statisticians have long thought it impossible to tell cause and effect apart using observational data. The problem is to take two sets of measurements that are correlated, say X and Y, and to find out if X caused Y or Y caused X. That's straightforward with a controlled experiment in which one variable can be held constant to see how this influences the other. Take for example, a correlation between wind speed and the rotation speed of a wind turbine. Observational data gives no clue about cause and effect but an experiment that holds the wind speed constant while measuring the speed of the turbine, and vice versa, would soon give an answer. But in the last couple of years, statisticians have developed a technique that can tease apart cause and effect from the observational data alone. It is based on the idea that any set of measurements always contain noise. However, the noise in the cause variable can influence the effect but not the other way round. So the noise in the effect dataset is always more complex than the noise in the cause dataset. The new statistical test, known as the additive noise model, is designed to find this asymmetry. Now statisticians have tested the model on 88 sets of cause-and-effect data, ranging from altitude and temperature measurements at German weather stations to the correlation between rent and apartment size in student accommodation.The results suggest that the additive noise model can tease apart cause and effect correctly in up to 80 per cent of the cases (provided there are no confounding factors or selection effects). That's a useful new trick in a statistician's armoury, particularly in areas of science where controlled experiments are expensive, unethical or practically impossible.

Will Ripple Eclipse Bitcoin? 120

Posted by timothy
from the ask-the-magic-8-ball dept.
First time accepted submitter writes This year's biggest news about Bitcoin may well turn out not to be the repeat of its surge in value last year against the dollar and other state currencies but its impending eclipse by another independent but corporate-backed digital currency. Popularly known as Ripple, XRP shot up in value last year along with other cryptocurrencies that took advantage of the hype around Bitcoin. However, among the top cryptocurrencies listed in, a site that monitors trading across different cryptocurrency exchanges, Ripple is the only one that not only regained its value after the collapse in the price of Bitcoin but has more than doubled from its peak last year. In September it displaced Litecoin to become the second most valuable cryptocurrency. Even more surpising, a Ripple fork, Stellar, is one of the two other cryptocurrencies in the Coinmarketcap top ten that have risen sharply in value during the last few weeks.

What makes Ripple different from Bitcoin? Strictly speaking, Ripple isn't the name of the digital currency but of the decentralized payment network and protocol created and maintained by the eponymous Ripple Labs. Users of the Ripple system are able to transact in both cryptocurrency and regular fiat currency like the dollar without passing through a central exchange. XRP is the name of the native unit of exchange used in the Ripple network to facilitate conversion between different currency types.

After 40 Years As a Double Amputee, Man Gains Two Bionic Arms 58

Posted by timothy
from the about-time-really dept.
MojoKid writes Les Baugh, a Colorado man who lost both arms in an electrical accident 40 years ago, is looking forward to being able to insert change into a soda machine and retrieving the beverage himself. But thanks to the wonders of science and technology — and Johns Hopkins University Applied Physics Laboratory (APL) — he'll regain some of those functions while making history as the first bilateral shoulder-level amputee to wear and simultaneously control two Modular Prosthetic Limbs (MPLs). "It's a relatively new surgical procedure that reassigns nerves that once controlled the arm and the hand," explained Johns Hopkins Trauma Surgeon Albert Chi, M.D. "By reassigning existing nerves, we can make it possible for people who have had upper-arm amputations to control their prosthetic devices by merely thinking about the action they want to perform."

Did Alcatraz Escapees Survive? Computer Program Says They Might Have 75

Posted by timothy
from the like-to-think-so dept.
In June of 1962, three prisoners escaped the penitentary on Alcatraz, in an elaborate plot that was dramatized in a Clint Eastwood movie. A question that has long puzzled the public is whether these men ever made it to shore; the many factors that made Alcatraz a secure prison include sharks, cold water, and contrary currents. Still, some artifacts from the attempt, and perhaps the appeal of stories about survival against high odds, have led many people to believe that the men actually landed safely and faded into society. coondoggie writes This week Dutch scientists from Delft University of Technology presented findings from a computer modeling program they were working on, unrelated to the mystery, that demonstrated the escapees could have survived the journey. "In hindsight, the best time to launch a boat from Alcatraz was [11:30 am], one and a half hours later than has generally been assumed. A rubber boat leaving Alcatraz at [11:30 am] would most likely have landed just north of the Golden Gate Bridge. The model also shows that debris in that scenario would be likely to wash up at Angel Island, exactly where one of the paddles and some personal belongings were found.

Hackers Compromise ICANN, Access Zone File Data System 96

Posted by timothy
from the that-should-be-a-boss-level dept.
Trailrunner7 writes with this news from ThreatPost: Unknown hackers were able to compromise vital systems belonging to ICANN, the organization that manages the global top-level domain system, and had access to the system that manages the files with data on resolving specific domain names. The attack apparently took place in November and ICANN officials discovered it earlier this month. The intrusion started with a spear phishing campaign that targeted ICANN staffers and the email credentials of several staff members were compromised. The attackers then were able to gain access to the Centralized Zone Data System, the system that allows people to manage zone files. The zone files contain quite bit of valuable information, including domain names, the name server names associated with those domains and the IP addresses for the name servers. CANN officials said they are notifying any users whose zone data might have been compromised." (Here's ICANN's public note on the compromise.)

"Anyone attempting to generate random numbers by deterministic means is, of course, living in a state of sin." -- John Von Neumann