Dropbox IPOs. Its Founders Are Now Billionaires ( 41

Yesterday Dropbox finally launched its stock on NASDAQ. Reuters reports: Dropbox Inc's shares closed at $28.42, up more than 35 percent in their first day of trading on Friday, as investors rushed to buy into the biggest technology initial public offering in more than a year even as the wider sector languished... At the stock's opening price, Dropbox had a market valuation of $12.67 billion, well above the $10 billion valuation it had in its last private funding round... It has yet to turn a profit, which is common for startups that invest heavily in growth. As a public company Dropbox will be under pressure to quickly trim its losses. The 11-year old company reported revenue of $1.11 billion in 2017, up from $844.8 million a year earlier. Its net loss nearly halved from $210.2 million in 2016.
CNBC reports that Y Combinator almost passed on a chance to invest in Dropbox -- which became its first IPO ever -- "because it had misgivings about bringing on a solo entrepreneur." After Drew Houston, the creator of Dropbox, scrambled to find a co-founder in time for his in-person interview, the company was admitted into YC in 2007. Four years later, venture capitalists poured money into Dropbox at a $4 billion valuation. YC has since become a power player in Silicon Valley, helping spawn numerous companies valued at over $1 billion today including Stripe, Airbnb, Instacart and Coinbase. It also backed Twitch, which Amazon acquired in 2014 for about $970 million, and the self-driving tech start-up Cruise, which GM bought in 2016 for over $1 billion. But in its 13-year history, YC had yet to see any of its companies go public until Dropbox's stock market debut on Friday...

Houston is now worth over $3 billion and co-founder Arash Ferdowsi owns shares valued at more than $1 billion.

Dropbox's Twitter feed posted a video from their NASDAQ debut, adding "We're so thankful for the 500 million registered users who helped us get here."

Microsoft Brings Native HEIF Support to Windows 10 ( 151

An anonymous reader shares a report: Microsoft is bringing support for the new HEIF image format to Windows 10. First popularized by Apple with iOS 11, HEIF is a new image format that uses less storage space while preserving image quality. The new image format is used by default on Apple's iPhone X and other devices running iOS 11. While Microsoft's online services like OneDrive already supported HEIF since the release of iOS 11, Windows 10 didn't natively support the new format as of yet. But with the upcoming Redstone 4 update -- possibly called the Spring Creators Update -- the Microsoft Photos app in Windows 10 will support HEIF by default. Further reading: CNET.

Did Cambridge Analytica Harvest 50 Million Facebook Profiles? ( 135

Slashdot reader umafuckit shared this article from The Guardian: The data analytics firm that worked with Donald Trump's election team and the winning Brexit campaign harvested millions of Facebook profiles of U.S. voters, in one of the tech giant's biggest ever data breaches, and used them to build a powerful software program to predict and influence choices at the ballot box... Christopher Wylie, who worked with a Cambridge University academic to obtain the data, told the Observer: "We exploited Facebook to harvest millions of people's profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis the entire company was built on."

Documents seen by the Observer, and confirmed by a Facebook statement, show that by late 2015 the company had found out that information had been harvested on an unprecedented scale. However, at the time it failed to alert users and took only limited steps to recover and secure the private information of more than 50 million individuals... On Friday, four days after the Observer sought comment for this story, but more than two years after the data breach was first reported, Facebook announced that it was suspending Cambridge Analytica and Kogan from the platform, pending further information over misuse of data. Separately, Facebook's external lawyers warned the Observer on Friday it was making "false and defamatory" allegations, and reserved Facebook's legal position...

The evidence Wylie supplied to U.K. and U.S. authorities includes a letter from Facebook's own lawyers sent to him in August 2016, asking him to destroy any data he held that had been collected by GSR, the company set up by Kogan to harvest the profiles... Facebook did not pursue a response when the letter initially went unanswered for weeks because Wylie was travelling, nor did it follow up with forensic checks on his computers or storage, he said. "That to me was the most astonishing thing. They waited two years and did absolutely nothing to check that the data was deleted. All they asked me to do was tick a box on a form and post it back."

Wylie worked with Aleksandr Kogan, the creator of the "thisisyourdigitallife" app, "who has previously unreported links to a Russian university and took Russian grants for research," according to the article. Kogan "had a licence from Facebook to collect profile data, but it was for research purposes only. So when he hoovered up information for the commercial venture, he was violating the company's terms...

"At the time, more than 50 million profiles represented around a third of active North American Facebook users, and nearly a quarter of potential U.S. voters."
Data Storage

Power Outage At Samsung's Fab Destroys 3.5 Percent of Global NAND Flash Output ( 103

An anonymous reader quotes a report from AnandTech: A half-hour power outage at Samsung's fab near Pyeongtaek, South Korea, disrupted production and damaged tens of thousands of processed wafers. Media reports claim that the outage destroyed as much as 3.5% of the global NAND supply for March, which may have an effect on flash memory pricing in the coming weeks. The outage happened on March 9 and lasted for about 30 minutes, according to a news story from Taiwain-based TechNews that cites further South Korean reports. The report claims that the outage damaged 50,000 to 60,000 of wafers with V-NAND flash memory, which represent 11% of Samsung's monthly output. The report further estimates that the said amount equates to approximately 3.5% of global NAND output, but does not elaborate whether it means wafer output or bit output. Samsung uses its fab near Pyeongtaek to produce 64-layer V-NAND chips used for various applications. The fab is among the largest flash production facilities in the world and therefore any disruption there has an effect on the global output of non-volatile memory. Meanwhile, since production lines have not been damaged and the fab is back online, the significance of such an effect is limited.

Jewelry Site Leaks Personal Details, Plaintext Passwords of 1.3 Million Users ( 37

Chicago-based MBM Company's jewelry brand Limoges Jewelry has accidentally leaked the personal information for over 1.3 million people. This includes addresses, zip-codes, e-mail addresses, and IP addresses. The Germany security firm Kromtech Security, which found the leak via an unsecured Amazon S3 storage bucket, also claims the database contained plaintext passwords. The Next Web reports: In a press release, Kromtech Security's head of communicationis, Bob Diachenko, said: "Passwords were stored in the plain text, which is great negligence [sic], taking into account the problem with many users re-using passwords for multiple accounts, including email accounts." The [MSSQL database] backup file was named "MBMWEB_backup_2018_01_13_003008_2864410.bak," which suggests the file was created on January 13, 2018. It's believed to contain current information about the company's customers. Records held in the database have dates reaching as far back as 2000. The latest records are from the start of this year. Other records held in the database include internal mailing lists, promo-codes, and item orders, which leads Kromtech to believe that this could be the primary customer database for the company. Diachenko says there's no evidence a malicious third-party has accessed the dump, but that "that does not mean that nobody [has] accessed the data."

'Slingshot' Malware That Hid For Six Years Spread Through Routers 72

An anonymous reader quotes a report from Engadget: Security researchers at Kaspersky Lab have discovered what's likely to be another state-sponsored malware strain, and this one is more advanced than most. Nicknamed Slingshot, the code spies on PCs through a multi-layer attack that targets MikroTik routers. It first replaces a library file with a malicious version that downloads other malicious components, and then launches a clever two-pronged attack on the computers themselves. One, Canhadr, runs low-level kernel code that effectively gives the intruder free rein, including deep access to storage and memory; the other, GollumApp, focuses on the user level and includes code to coordinate efforts, manage the file system and keep the malware alive. Kaspersky describes these two elements as "masterpieces," and for good reason. For one, it's no mean feat to run hostile kernel code without crashes. Slingshot also stores its malware files in an encrypted virtual file system, encrypts every text string in its modules, calls services directly (to avoid tripping security software checks) and even shuts components down when forensic tools are active. If there's a common method of detecting malware or identifying its behavior, Slingshot likely has a defense against it. It's no wonder that the code has been active since at least 2012 -- no one knew it was there. Recent MikroTik router firmware updates should fix the issue. However, there's concern that other router makers might be affected.

Report Says Radioactive Monitors Failed at Nuclear Plant ( 83

A new report says mistakes and mismanagement are to blame for the exposure of workers to radioactive particles at the Hanford Nuclear Reservation in Washington state. From the report: Contractor CH2M Hill Plateau Remediation on Thursday released its evaluation of what went wrong in December during demolition of the nuclear reservation's highly contaminated Plutonium Finishing Plant. The Tri-City Herald reports the study said primary radioactive air monitors used at a highly hazardous Hanford project failed to detect contamination. Then, when the spread of contamination was detected, the report said steps taken to contain it didn't fully work.

At least 11 Hanford workers checked since mid-December inhaled or ingested small amounts of radioactive particles. Private and government vehicles were contaminated with radioactive particles. The sprawling site in southeastern Washington contains more than 50 million gallons of radioactive and toxic wastes in underground storage tanks. It's owned by the U.S. Department of Energy, which hires private contractors to manage the cleanup work. Hanford was established during World War II and made the plutonium for the atomic bomb dropped on Nagasaki, Japan. The 560-square mile site also made most of the plutonium for the nation's nuclear arsenal during the Cold War.


Massive DDOS Attacks Are Now Targeting Google, Amazon, and the NRA ( 121

PC Magazine reports: A new way to amplify DDoS attacks has been spotted harassing Google, Amazon, Pornhub and even the National Rifle Association's main website after striking Github last week. The attacks, which exploit vulnerable "memcached servers," have been trying to hose down scores of new targets with a flood of internet traffic, according to Chinese security firm Qihoo 360... Github was the first high-profile victim and suffered a 1.35 Tbps assault -- or what was then the biggest DDoS attack on record. But days later, an unnamed U.S. service provider fended off a separate assault, which measured at 1.7 Tbps. Unfortunately, the amplified DDoS attacks haven't stopped. They've gone on to strike over 7,000 unique IP addresses in the last seven days, Qihoo 360 said in a blog post... Gaming sites including,, and have been among those hit...

The security community is also steadily addressing the linchpin to all the assaults: the vulnerable memcached servers. About 100,000 of these online storage systems were publicly exposed over a week ago. But the server owners have since patched or firewalled about 60,000 of them, Radware security researcher Daniel Smith said. That leaves 40,000 servers open to exploitation. Smith points to how the coding behind the attack technique has started to circulate online through free tools and scripts.

Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating: "The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization."

Android Beats iOS In Smartphone Loyalty, Study Finds 145

Android users don't appear to be switching to the iPhone like they used to. According to a new study from Consumer Intelligence Research Partners (CIRP), Android users have higher loyalty than iOS users do. "The research firm found that Android brand loyalty has been remaining steadily high since early 2016, and remains at the highest levels ever seen," reports TechCrunch. From the report: Today, Android has a 91 percent loyalty rate, compared with 86 percent for iOS, measured as the percentage of U.S. customers who stayed with their operating system when they upgraded their phone in 2017. From January 2016 through December 2017, Android loyalty ranged from 89 to 91 percent (ending at 91 percent), while iOS loyalty was several percentage points lower, ranging from 85 to 88 percent. Explains Mike Levin, partner and co-founder of CIRP, users have pretty much settled on their brand of choice at this point. "With only two mobile operating systems at this point, it appears users now pick one, learn it, invest in apps and storage, and stick with it. Now, Apple and Google need to figure out how to sell products and services to these loyal customer bases," he said. It's worth noting that Android hasn't always led in user loyalty as it does now. CIRP has been tracking these metrics for years, and things used to be the other way around.

China's Alibaba is Investing Huge Sums in AI Research and Resources -- and It Is Building Tools To Challenge Google and Amazon ( 30

Alibaba is already using AI and machine learning to optimize its supply chain, personalize recommendations, and build products like Tmall Genie, a home device similar to the Amazon Echo. China's two other tech supergiants, Tencent and Baidu, are likewise pouring money into AI research. The government plans to build an AI industry worth around $150 billion by 2030 and has called on the country's researchers to dominate the field by then. But Alibaba's ambition is to be the leader in providing cloud-based AI. From a report: Like cloud storage (think Dropbox) or cloud computing (Amazon Web Services), cloud AI will make powerful resources cheaply and readily available to anyone with a computer and an internet connection, enabling new kinds of businesses to grow. The real race in AI between China and the US, then, will be one between the two countries' big cloud companies, which will vie to be the provider of choice for companies and cities that want to make use of AI. And if Alibaba is anything to go by, China's tech giants are ready to compete with Google, Amazon, IBM, and Microsoft to serve up AI on tap. Which company dominates this industry will have a huge say in how AI evolves and how it is used.

[...] There have been other glimpses of Alibaba's progress in AI lately. Last month a research team at the company released an AI program capable of reading a piece of text, and answering simple questions about that text, more accurately than anything ever built before. The text was in English, not Chinese, because the program was trained on the Stanford Question Answering Dataset (SQuAD), a benchmark used to test computerized question-and-answer systems. [...] One advantage China's tech companies have over their Western counterparts is the government's commitment to AI. Smart cities that use the kind of technology found in Shanghai's metro kiosks are likely to be in the country's future. One of Alibaba's cloud AI tools is a suite called City Brain, designed for tasks like managing traffic data and analyzing footage from city video cameras.


Intel Launches Mainstream Optane SSD 800P Series Based On 3D Xpoint Memory ( 36

MojoKid writes: Intel just launched a new family of consumer-targeted Optane solid state drives today, dubbed the Intel Optane SSD 800P. Unlike Intel Optane Memory sticks, which accelerate hybrid storage configurations with hard drives through intelligent data caching, or Intel's flagship Optane SSD 900P that's aimed squarely at hardcore enthusiasts with big budgets, these M.2 form factor Intel Optane 800P SSDs target the meat of the mobile and desktop markets, with higher capacities than Optane Memory but more affordable pricing than the 900P. In the benchmarks, the Optane SSD 800P series drives offered a mixed-bag of performance, with sequential transfers that top out at about 1.4GB/s, but with small file transfers, 4K random and mixed workloads, latency, and overall QoS looking strong. Intel will initially be offering two drives in the Optane SSD 800P series, with M.2 80mm 58GB and 118GB models. Suggested pricing for the drives is $129 for the 58GB capacity and $199 for the 118GB drive.

Thieves Steal 600 Powerful Bitcoin-Mining Computers In Iceland ( 88

The Associated Press reports of a Bitcoin heist in Iceland where thieves stole some 600 computers used to "mine" bitcoin and other virtual currencies. "Some 11 people were arrested, including a security guard, in what Icelandic media have dubbed the 'Big Bitcoin Heist,'" reports the Associated Press. From the report: The powerful computers, which have not yet been found, are worth almost $2 million. But if the stolen equipment is used for its original purpose -- to create new bitcoins -- the thieves could turn a massive profit in an untraceable currency without ever selling the items. Three of four burglaries took place in December and a fourth took place in January, but authorities did not make the news public earlier in hopes of tracking down the thieves. Police tracking the stolen computers are monitoring electric consumption across the country in hopes the thieves will show their hand, according to an industry source who spoke on condition of anonymity because he is not allowed to speak to the media. Unusually high energy usage might reveal the whereabouts of the illegal bitcoin mine. Authorities this week called on local internet providers, electricians and storage space units to report any unusual requests for power.

23,000 HTTPS Certs Axed After CEO Emails Private Keys ( 72

An anonymous reader quotes Ars Technica: A major dust-up on an Internet discussion forum is touching off troubling questions about the security of some browser-trusted HTTPS certificates when it revealed the CEO of a certificate reseller emailed a partner the sensitive private keys for 23,000 TLS certificates. The email was sent on Tuesday by the CEO of Trustico, a UK-based reseller of TLS certificates issued by the browser-trusted certificate authorities Comodo and, until recently, Symantec...

In communications earlier this month, Trustico notified DigiCert that 50,000 Symantec-issued certificates Trustico had resold should be mass revoked because of security concerns. When Jeremy Rowley, an executive vice president at DigiCert, asked for proof the certificates were compromised, the Trustico CEO emailed the private keys of 23,000 certificates, according to an account posted to a Mozilla security policy forum. The report produced a collective gasp among many security practitioners who said it demonstrated a shockingly cavalier treatment of the digital certificates that form one of the most basic foundations of website security... In a statement, Trustico officials said the keys were recovered from "cold storage," a term that typically refers to offline storage systems. "Trustico allows customers to generate a Certificate Signing Request and Private Key during the ordering process," the statement read. "These Private Keys are stored in cold storage, for the purpose of revocation."

"There's no indication the email was encrypted," reports Ars Technica, and the next day DigiCert sent emails to Trustico's 23,000+ customers warning that their certificates were being revoked, according to Bleeping Computer.

In a related development, Thursday Trustico's web site went offline, "shortly after a website security expert disclosed a critical vulnerability on Twitter that appeared to make it possible for outsiders to run malicious code on Trustico servers."

Sega Cancels Yakuza 6 Song of Life Free Demo After Gamers Unlocked Full Game ( 43

Sega pulled the highly anticipated "Yakuza 6: The Song of Life" demo this week from the PlayStation Store after discovering some players had inadvertently gained access to the full game using the demo. From a report: This discovery came only hours after the demo was initially released for PlayStation 4. The Japanese video game company tweeted, "We are as upset as you are, and had hoped to have this demo available for everyone today. We discovered that some were able to use the demo to unlock the full game." [...] When the demo was initially released it required more than 36 GB of storage, to the surprise of many video game critics. Kotaku, an online entertainment publication, suggests that the demo was so large because it actually contained the entire game, but was supposed to restrict everything beyond the first few stages of the game.

Supreme Court Wrestles With Microsoft Data Privacy Fight ( 163

Supreme Court justices on Tuesday wrestled with Microsoft's dispute with the U.S. Justice Department over whether prosecutors can force technology companies to hand over data stored overseas, with some signaling support for the government and others urging Congress to pass a law to resolve the issue. From a report: Chief Justice John Roberts and Justice Samuel Alito, both conservatives, hinted during an hour-long argument in the case at support for the Justice Department's stance that because Microsoft is based in the United States it was obligated to turn over data sought by prosecutors in a U.S. warrant. As the nine justices grappled with the technological complexities of email data storage, liberals Ruth Bader Ginsburg and Sonia Sotomayor questioned whether the court needed to act in the data privacy case in light of Congress now considering bipartisan legislation that would resolve the legal issue. A ruling is due by the end of June.

Relying on Renewables Alone Significantly Inflates the Cost of Overhauling Energy ( 248

A growing number of US cities and states have proposed or even passed legislation that would require producing all electricity from renewable energy sources like solar and wind within a few decades. That might sound like a great idea. But a growing body of evidence shows it's not. From a report: It increasingly appears that insisting on 100 percent renewable sources -- and disdaining others that don't produce greenhouse gases, such as nuclear power and fossil-fuel plants with carbon-capture technology -- is wastefully expensive and needlessly difficult. In the latest piece of evidence, a study published in Energy & Environmental Science determined that solar and wind energy alone could reliably meet about 80 percent of recent US annual electricity demand, but massive investments in energy storage and transmission would be needed to avoid major blackouts. Pushing to meet 100 percent of demand with these resources would require building a huge number of additional wind and solar farms -- or expanding electricity storage to an extent that would be prohibitively expensive at current prices. Or some of both.

Apple Confirms It Uses Google's Cloud For iCloud Services ( 46

An anonymous reader quotes a report from CNBC: A file that Apple updated on its website last month provides the first acknowledgment that it's relying on Google's public cloud for data storage for its iCloud services. The disclosure is fresh evidence that Google's cloud has been picking up usage as it looks to catch up with Amazon and Microsoft in the cloud infrastructure business. Some media outlets reported on Google's iCloud win in 2016, but Apple never provided confirmation. Apple periodically publishes new versions of a PDF called the iOS Security Guide. For years the document contained language indicating that iCloud services were relying on remote data storage systems from Amazon Web Services, as well as Microsoft's Azure. But in the latest version, the Microsoft Azure reference is gone, and in its place is Google Cloud Platform. Before the January update, Apple most recently updated the iOS Security Guide in March. The latest update doesn't indicate whether Apple is using any Google cloud services other than core storage of "objects" like photos and videos. The document also doesn't make it clear when Apple started storing data in Google's cloud.

Samsung Announces the Galaxy S9 With a Dual Aperture Camera, AR Emojis ( 137

Samsung has taken the wraps off of its latest flagship, the Galaxy S9, at Mobile World Congress in Barcelona, Spain. The S9 features a familiar body with an upgraded camera, relocated fingerprint scanner, and newer processor. As usual, there are two versions: the Galaxy S9 and Galaxy S9+. Ars Technica reports: The S9 is one of the first phones announced with the new 2.8Ghz Snapdragon 845 SoC in the US, while the international version will most likely get an Exynos 9810. Qualcomm is promising a 25-percent faster CPU and 30-percent faster graphics compared to the Snapdragon 835. The rest of the base S9 specs look a lot like last year, with 4GB of RAM, 64GB of storage, a 3000mah battery, and a 5.8-inch 2960x1440 OLED display. The S9+ gets the usual bigger screen (6.2 inches @ 2960x1440) and bigger battery (3500mAh), but one improvement over last year is a RAM bump to 6GB. Neither RAM option is really outstanding for a phone this expensive, considering the much cheaper OnePlus 5T will give you 6GB and 8GB options for RAM at a much lower price. Both S9 models have headphone jacks, MicroSD slots, a new stereo speaker setup (one bottom firing, one doubles as the earpiece), IP68 dust and water resistance, wireless charging, and ship with Android 8.0 Oreo.

Both the Galaxy S9 versions are getting a main camera with two aperture settings. Just like a real camera, the Galaxy S9 has a set of (very tiny) aperture blades that can move to change the amount of incoming light. On the S9 they're limited to two different positions, resulting in f/1.5 and f/2.4 apertures. In low light the aperture can open up to f/1.5 to collect as much light as possible, while in normal or bright light it can switch to f/2.4 for a wider depth of field. Samsung is also answering Apple's Animojis with "AR Emoji." They work just like Apple's Animoji: using the front sensors to perform a primitive version of motion capture, the phone syncs up a character's facial expressions to your facial expressions.
The Galaxy S9 clocks in at $719.99 and the S9+ is going for $839.99. In the U.S., preorders start March 2 at all four major carriers, and the phones ship out on March 16.

Tesla Deploys Over 300 Powerwalls To Give Hawaiian School Kids AC ( 147

Fred Lambert reports via Electrek: As part of a state initiative, Tesla deployed over 300 Powerwalls in schools to cool down hot classrooms in Hawaii. Hawaii has a problem with hot temperatures in public classrooms that is affecting students negatively. The problem was so significant that the Hawaii State Department of Education had to intervene. They put together a $100 million fund, which has already helped cool down 1,190 classrooms to date, with contracts set for more than 1,300 classrooms, according to The Garden Island. In order to roll out the program without significantly increasing energy costs for public schools, they partnered with Tesla to pair Powerwalls with solar power to reduce the impact of running the air conditioners in classrooms across the state. It also resulted in an interesting learning opportunity about renewable energy and energy storage for students.
Data Storage

Putting Civilization in a Box For Space Means Choosing Our Legacy ( 92

When SpaceX's record-breaking Falcon Heavy rocket made its first test launch in early February , the craft didn't just hurl Elon Musk's shiny red roadster and spacesuit-clad mannequin to space. It had another, smaller payload, which at first glance seems much less impressive: a 1-inch-wide (2.5 centimeters) quartz disc with Isaac Asimov's "Foundation" trilogy encoded in laser-etched gratings . From a report: The famous science fiction series is only the beginning of the discs' planned contents. At a time when traditional hard drives are just breaking into the terabyte range, the quartz medium can hold up to 360 terabytes per disc. It also boasts a life span of 14 billion years. That's longer than the current age of the universe. This disc was symbolic; future devices will contain much more, and more useful, information. But the technology speaks to grander issues that humanity is now pondering: becoming a multiplanetary civilization, storing information for thousands or millions of years, and contacting and communicating with other intelligences (alien and Earthling).

So how should we record our knowledge and experiences for posterity? How should we ensure that this information is understandable to civilizations that may be quite different from our own? And, most importantly, what should we say? Humans have faced challenges like these before. Ancient civilizations built monuments like the pyramids and left artifacts and writing, sometimes deliberately. Later researchers have used this material to try to piece together ancient worldviews. However, in the modern era, we've set our sights much further: from centuries to millennia, from one planet to interstellar space, and from one species to many.

Slashdot Top Deals