Science

Einstein's 'Spooky Action' Has Been Demonstrated On a Massive Scale For the First Time (sciencealert.com) 57

schwit1 shares a report from ScienceAlert: For the first time, scientists have managed to show quantum entanglement -- which Einstein famously described as "spooky action at a distance" -- happening between macroscopic objects, a major step forward in our understanding of quantum physics. Quantum entanglement links particles in a way that they instantly affect each other, even over vast distances. On the surface, this powerful bond defies classical physics and, generally, our understanding of reality, which is why Einstein found it so spooky. But the phenomenon has since become a cornerstone of modern technology. Still, up until now quantum entanglement has only been demonstrated to work at the smallest of scales, in systems based on light and atoms, for example. Any attempt to increase the sizes has caused problems with stability, with the slightest of environmental disturbances breaking the connection. But new research changes all of this, by demonstrating that this "spooky action" can indeed be a reality between massive objects. We're not talking massive in the black hole sense but in the macroscopic sense -- two 15-micrometer-wide vibrating drum heads. And the next step will be to test whether those vibrations are being teleported between the two objects. The research has been published in the journal Nature.
Google

Slashdot Asks: How Do You Like the New Gmail UI? (vortex.com) 125

Earlier today, Google pushed out the biggest revamp of Gmail in years. In addition to a new material design look, there are quick links to other Google services, such as Calendar, Tasks, and Keep, as well as a new "confidential mode" designed to protect users against certain attacks by having the email(s) automatically expire at a time of the sender's choosing. Long-time Slashdot reader Lauren Weinstein shares their initial impressions of Google's new Gmail UI: Google launched general access to their first significant Gmail user interface (UI) redesign in many years today. It's rolling out gradually -- when it hits your account you'll see a "Try the new Gmail" choice under the settings ("gear") icon on the upper right of the page (you can also revert to the "classic" interface for now, via the same menu). But you probably won't need to revert. Google clearly didn't want to screw up Gmail, and my initial impression is that they've succeeded by avoiding radical changes in the UI. I'll bet that some casual Gmail users might not even immediately notice the differences.

The new Gmail UI is what we could call a "minimally disruptive" redesign of the now "classic" version. The overall design is not altered in major respects. So far I haven't found any notable missing features, options, or settings. My impression is that the back end systems serving Gmail are largely unchanged. Additionally, there are a number of new features (some of which are familiar in design from Google's "Inbox" email interface) that are now surfaced for the new Gmail. Crucially, overall readability and usability (including contrast, font choices, UI selection elements, etc.) seem so close to classic Gmail (at least in my limited testing so far) as to make any differences essentially inconsequential. And it's still possible to select a dark theme from settings if you wish, which results in even higher contrast.
Have you tried the new Gmail? If so, how do you like the new interface?
Bitcoin

Bezop Cryptocurrency Server Exposes Personal Info of 25,000 Investors (threatpost.com) 27

lod123 shares a report from Threatpost: A leaky Mongo database exposed personal information, including scanned passports and driver's licenses, of 25,000 investors and potential investors tied to the Bezop cryptocurrency, according to researchers. Kromtech Security said that it found the unprotected data on March 30, adding that it included a treasure-trove of information ranging from "full names, (street) addresses, email addresses, encrypted passwords, wallet information, along with links to scanned passports, driver's licenses and other IDs," according to the researchers. Kromtech researchers, in their overview of the results of its investigation, said that Bezop.io, the organization behind the currency, immediately secured the data after being notified. Bezop is one of over 1,000 cryptocurrencies in a crowded playing field vying for investor attention. According to Kromtech, the list of 25,000 people included both current and prospective investors promised Bezop cryptocurrency in exchange for promoting the cryptocurrency on social media.
Businesses

Appliance Companies Are Lobbying To Protect Their DRM-Fueled Repair Monopolies (vice.com) 134

Electronics companies Dyson, LG, and Wahl are fighting right-to-repair legislation, Motherboard reported Wednesday, citing letters it has obtained. From a report: The manufacturers of your appliances do not want you to be able to fix them yourself. Last week, at least three major appliance manufacturers -- Dyson, LG, and Wahl -- sent letters to Illinois lawmakers opposing "fair repair" legislation in that state. The letters were written with the help of a trade group called the Association of Home Appliance Manufacturers (AHAM). All three letters are similar but include slightly different wording and examples in parts. The letters ask lawmakers to "withdraw" a bill that would protect and expand the ability for consumers and independent repair professionals to repair everything from iPhones to robot vacuums, electric shavers, toasters, and tractors. Here are links to the Wahl, Dyson, and LG letters.
The Internet

Mosaic, the First HTML Browser That Could Display Images Alongside Text, Turns 25 (wired.com) 132

NCSA Mosaic 1.0, the first web browser to achieve popularity among the general public, was released on April 22, 1993. It was developed by a team of students at the University of Illinois' National Center for Supercomputing Applications (NCSA), and had the ability to display text and images inline, meaning you could put pictures and text on the same page together, in the same window. Wired reports: It was a radical step forward for the web, which was at that point, a rather dull experience. It took the boring "document" layout of your standard web page and transformed it into something much more visually exciting, like a magazine. And, wow, it was easy. If you wanted to go somewhere, you just clicked. Links were blue and underlined, easy to pick out. You could follow your own virtual trail of breadcrumbs backwards by clicking the big button up there in the corner. At the time of its release, NCSA Mosaic was free software, but it was available only on Unix. That made it common at universities and institutions, but not on Windows desktops in people's homes.

The NCSA team put out Windows and Mac versions in late 1993. They were also released under a noncommercial software license, meaning people at home could download it for free. The installer was very simple, making it easy for just about anyone to get up and running on the web. It was then that the excitement really began to spread. Mosaic made the web come to life with color and images, something that, for many people, finally provided the online experience they were missing. It made the web a pleasure to use.

Microsoft

Microsoft Ports Edge Anti-Phishing Technology To Google Chrome (bleepingcomputer.com) 75

An anonymous reader writes: Microsoft has released a Chrome extension named "Windows Defender Browser Protection" that ports Windows Defender's -- and inherently Edge's -- anti-phishing technology to Google Chrome. The extension works by showing bright red-colored pages whenever users are tricked into accessing malicious links. The warnings are eerily similar to the ones that Chrome natively shows via the Safe Browsing API, but are powered by Microsoft's database of malicious links —also known as the SmartScreen API.

Chrome users should be genuinely happy that they can now use both APIs for detecting phishing and malware-hosting URLs. The SmartScreen API isn't as known as Google's more famous Safe Browsing API, but works in the same way, and possibly even better. An NSS Labs benchmark revealed that Edge (with its SmartScreen API) caught 99 percent of all phishing URLs thrown at it during a test last year, while Chrome only detected 87 percent of the malicious links users accessed.

Operating Systems

ReactOS 0.4.8 Released (osnews.com) 60

jeditobe shares a report from OSNews: With software specifically leaving NT5 behind, ReactOS is expanding its target to support NT6+ (Vista, Windows 8, Windows 10) software. Colin, Giannis and Mark are creating the needed logic in NTDLL and LDR for this purpose. Giannis has finished the side-by-side support and the implicit activation context, Colin has changed Kernel32 to accept software made for NT6+, and Mark keeps working on the shim compatibility layer. Although in a really greenish and experimental state, the new additions in 0.4.8 should start helping several software pieces created for Vista and upwards to start working in ReactOS. Microsoft coined the term backwards compatibility, ReactOS the forward compatibility one. Slashdot reader jeditobe adds: "A new tool similar to DrWatson32 has been created by Mark and added to 0.4.8, so now any application crashing will create a log file on the desktop. This crash dump details the list of modules and threads loaded, stack traces, hexdumps, and register state."

The announcement, general notes, tests, and changelog for the release can be found at their respective links. A less technical community changelog for ReactOS 0.4.8 is also available.
Social Networks

Is It Time To Stop Using Social Media? (counterpunch.org) 291

Slashdot reader Nicola Hahn writes: Bulk data collection isn't the work of a couple of bad apples. Corporate social media is largely predicated on stockpiling and mining user information. As Zuckerberg explained to lawmakers, it's their business model...

While Zuckerberg has offered public apologias, spurring genuine regulation will probably be left to the public. Having said that, confronting an economic sector which makes up one of the country's largest political lobbying blocks might not be a tenable path in the short term.

The best immediate option for netizens may be to opt out of social media entirely.

The original submission links to this call-to-action from Counterpunch: Take personal responsibility for your own social life. Go back to engaging flesh and blood people without tech companies serving as an intermediary. Eschew the narcissistic impulse to broadcast the excruciating minutiae of your life to the world. Refuse to accept the mandate that you must participate in social media in order to participate in society. Reclaim your autonomy.
Firefox

Firefox 11.0 For iOS Arrives With Tracking Protection On By Default (venturebeat.com) 16

The new version of Firefox 11.0 for iOS turns on tracking protection by default, lets you reorder your tabs, and adds a handful of iPad-specific features. The latest version is currently available via Apple's App Store. VentureBeat details the new features: Tracking protection means Firefox blocks website elements (ads, analytics trackers, and social share buttons) that could track you while you're surfing the web. It's almost like a built-in ad blocker, though it's really closer to browser add-ons like Ghostery and Privacy Badger because ads that don't track you are allowed through. The feature's blocking list, which is based on the tracking protection rules laid out by the anti-tracking startup Disconnect, is published under the General Public License and available on GitHub. The feature is great for privacy, but it also improves performance. Content loads faster for many websites, which translates into less data usage and better battery life. If tracking protection doesn't work well on a given site, just turn it off there and Firefox for iOS should remember your preference.

Tracking protection aside, iOS users can now reorder their tabs. Organizing your tabs is very straightforward: Long-press the specific tab and drag it either left or right. iPad users have gained two new features, as well. You can now share URLs by just dragging and dropping links to and from Firefox with any other iOS app. If you're in side-by-side view, just drag the link or tab into the other app. Otherwise, bring up the doc or app switcher, drag the link into the other app until it pulses, release the link, and the other app will open the link. Lastly, iPad users have gained a few more keyboard shorts, including the standard navigation keys from the desktop. There's also cursor navigation through the bookmarks and history results, an escape key in the URL bar, and easier tab tray navigation (try using the keyboard shortcut Command + Option + Tab to get to and from the tabs view).

Mozilla

Firefox Follows Chrome and Blocks the Loading of Most FTP Resources (bleepingcomputer.com) 89

Mozilla says it will follow in the steps of Google Chrome and start blocking the loading of FTP subresources inside HTTP and HTTPS pages. From a report: By FTP subresources, we refer to files loaded via the FTP protocol inside img, script, or iframe tags that have a src="ftp://". FTP links placed inside normal angle bracket links or typed directly in the browser's address bar will continue to work. The reasoning is that FTP is an insecure protocol that doesn't support modern encryption techniques and will inherently break many other built-in browser security and privacy features, such as HSTS, CSP, XSA, or others. Furthermore, many malware distribution campaigns often rely on compromising FTP servers and redirecting or downloading malware on users' computers via FTP subresources. Mozilla engineers say FTP subresource blocking will ship with Firefox 61, currently scheduled for release on June 26.
Twitter

Two-Thirds of Tweeted Links Come From Bots, Report Says (cnet.com) 33

We already know bots have a significant presence on Twitter. But a report published Monday by the Pew Research Center suggests automated accounts are more prevalent than we may previously have thought. From a report: Pew estimates that two-thirds, or about 66 percent, of the links shared on Twitter come from bots rather than people. The research specifically focused on the 2,315 most popular websites and over 1 million tweets sent between July 27 and Sept. 11, 2017.
Windows

Is Microsoft Trying To Make Windows 10 Mail Worse? (venturebeat.com) 232

Emil Protalinski via VentureBeat argues that "Windows Mail is unusable, and instead of improving it, Microsoft is looking to drive users away": Microsoft started forcing Mail to use Edge for email links in Windows 10 build 17623 last month. This week, the company started including Office 365 ads right at the bottom of the app. But even these poor decisions are just extra nails in the coffin. Windows Mail has difficulty sending and receiving email. No, I'm not exaggerating for effect. If you have an email open and Windows Mail detects that a new email has hit your inbox, you'll get a notification. Standard stuff. If, however, you then click on said notification, Windows Mail will take you to the open email message, rather than the one that you just clicked on. That's half of the time. The other half of the time this happens, Windows Mail will crash altogether. Apparently having one email open and trying to open another one that just came in is overwhelming for Windows Mail. But that's not the end of it.

Windows Mail is also notorious for not sending emails. Multiple times a week, I open an email, hit reply, type out a quick message, hit send, and alt-tab back to Chrome or Word. Any normal email client will send the message despite the app not being the active window. With Windows Mail, countless times I have wondered why I never got heard back to a specific reply, only to discover hours later, and completely by accident, that the message is still a draft. It's not even sitting in my outbox -- it's just a fucking draft. I end up debating whether to send the email hours late, or if it doesn't make sense to send it anymore. That's not a decision I should have to make. There are of course small features I would like to see added to Windows Mail, like being able to set formatted signatures (as opposed to just plain text), but that's hardly a priority. Windows Mail is unusable, which means Windows 10 doesn't come with an email client. That's incredibly sad.

Communications

WhatsApp Public Groups Can Leave User Data Vulnerable To Scraping (venturebeat.com) 18

An anonymous reader writes: WhatsApp differentiates itself from parent company Facebook by touting its end-to-end encryption. "Some of your most personal moments are shared with WhatsApp," the company writes on its website, so "your messages, photos, videos, voice messages, documents, and calls are secured from falling into the wrong hands." But WhatsApp members may not be aware that when using the app's Group Chat feature, their data can be harvested by anyone in the group. What is worse, their mobile numbers can be used to identify and target them.

WhatsApp groups are designed to enable groups of up to 256 people to join a shared chat without having to go through a central administrator. Group originators can add contacts from their phones or create links enabling anyone to opt-in. These groups, which can be found through web searches, discuss topics as diverse as agriculture, politics, pornography, sports, and technology. Not all groups have links, but in those that do, anyone who finds the link can join the group. While all new joining members are announced to the group, they are not required to provide a name or otherwise identify themselves. This design could leave inattentive members open to targeting, as a new report from European researchers shows.
WhatsApp is used by more than 1.2 billion users worldwide.
Links

Google Is Shutting Down Its Goo.gl URL Shortening Service (engadget.com) 154

Google is replacing its URL shortener service, goo.gl, with Firebase Dynamic Links (FDL) as of April 13th. These new smart URLs will let you send people to any location within iOS, Android or web apps. Engadget reports: You won't be able to create new goo.gl short links after the 13th, but existing users can manage them via the goo.gl console for the next year. After that, all the links will still work, but you won't be able to access the console itself after March 30th, 2019. Google suggests creating FDLs from now on, or using other shortening services like Bitly and Ow.ly.
Facebook

Facebook Begins 'Fact-Checking' Photos, Videos (reuters.com) 123

Facebook said today that it had begun "fact-checking" photos and videos to reduce the hoaxes and false news stories that have plagued the world's largest social media network. Reuters reports: The fact-checking began on Wednesday in France with assistance from the news organization AFP and will soon expand to more countries and partners, Tessa Lyons, a product manager at Facebook, said in a briefing with reporters. Lyons did not say what criteria Facebook or AFP would use to evaluate photos and videos, or how much a photo could be edited or doctored before it is ruled fake. The project is part of "efforts to fight false news around elections," she said. Facebook has tried other ways to stem the spread of fake news. It has used third-party fact-checkers to identify them, and then given such stories less prominence in the Facebook News Feed when people share links to them.
Businesses

90 Percent of Affiliate Ads on YouTube and Pinterest Aren't Disclosed, Says Study (theverge.com) 39

A new research paper [PDF] from Princeton University has found that 90 percent of affiliate posts on YouTube and Pinterest aren't disclosed to users. From a report: Affiliate links are customized URLs that content publishers can include in their posts. They're essentially ads, and publishers receive money from companies when users click on them. In the US, the Federal Trade Commission (FTC) requires that content makers identify when they're being paid to post something, but despite that, influencers continue to skirt around disclosures. The FTC has previously sent out letters to influencers reminding them of the requirement to communicate paid relationships with brands to their followers. The paper from Princeton analyzed over 500,000 YouTube videos and 2.1 million unique pins on Pinterest. Of those, 0.67 percent, or 3,472 videos on YouTube, and 0.85 percent, or 18,237 pins, contained affiliate links.
Social Networks

One Percent of Reddit Users Cause 75 Percent of the Drama (theoutline.com) 183

Just 1 percent of all Reddit communities set off 74 percent of all conflicts on the site, a new research has found. The Outline: In the self-published research from Srijan Kumar, Jure Leskoec, William Hamilton, and Dan Jurafsky of Stanford University, "intercommunity conflict" is defined as "negative sentiment to comment in another community." These users wouldn't necessarily qualify as trolls or sockpuppets; they're instigators, posting links to other subreddits and encouraging other users to target, harass, and fight with users on that subreddit.
Bitcoin

Child Abuse Imagery Found Within Bitcoin's Blockchain (theguardian.com) 321

German researchers have discovered unknown persons are using bitcoin's blockchain to store and link to child abuse imagery, potentially putting the cryptocurrency in jeopardy. From a report: The blockchain is the open-source, distributed ledger that records every bitcoin transaction, but can also store small bits of non-financial data. This data is typically notes about the trade of bitcoin, recording what it was for or other metadata. But it can also be used to store links and files. Researchers from the RWTH Aachen University, Germany found that around 1,600 files were currently stored in bitcoin's blockchain. Of the files least eight were of sexual content, including one thought to be an image of child abuse and two that contain 274 links to child abuse content, 142 of which link to dark web services. "Our analysis shows that certain content, eg, illegal pornography, can render the mere possession of a blockchain illegal," the researchers wrote. "Although court rulings do not yet exist, legislative texts from countries such as Germany, the UK, or the USA suggest that illegal content such as [child abuse imagery] can make the blockchain illegal to possess for all users. This especially endangers the multi-billion dollar markets powering cryptocurrencies such as bitcoin."
Facebook

Are Google and Facebook Surveilling Their Own Employees? (theguardian.com) 106

The Guardian just ran an article titled " 'They'll squash you like a bug': how Silicon Valley keeps a lid on leakers," which begins with the story of an employee confronted by Facebook's secretive "rat-catching" team: They had records of a screenshot he'd taken, links he had clicked or hovered over, and they strongly indicated they had accessed chats between him and the journalist, dating back to before he joined the company. "It's horrifying how much they know," he told the Guardian, on the condition of anonymity... "You get on their bad side and all of a sudden you are face to face with Mark Zuckerberg's secret police"... One European Facebook content moderator signed a contract, seen by the Guardian, which granted the company the right to monitor and record his social media activities, including his personal Facebook account, as well as emails, phone calls and internet use. He also agreed to random personal searches of his belongings including bags, briefcases and car while on company premises. Refusal to allow such searches would be treated as gross misconduct...

Some employees switch their phones off or hide them out of fear that their location is being tracked. One current Facebook employee who recently spoke to Wired asked the reporter to turn off his phone so the company would have a harder time tracking if it had been near the phones of anyone from Facebook. Two security researchers confirmed that this would be technically simple for Facebook to do if both people had the Facebook app on their phone and location services switched on. Even if location services aren't switched on, Facebook can infer someone's location from wifi access points.

The article cites a 2012 report that Microsoft read a French blogger's Hotmail account to identify a former employee who had leaked trade secrets. And it also reports that tech companies hire external agencies to surveil their employees. "One such firm, Pinkerton, counts Google and Facebook among its clients." Though Facebook and Google both deny this, "Among other services, Pinkerton offers to send investigators to coffee shops or restaurants near a company's campus to eavesdrop on employees' conversations...

Al Gidari, consulting director of privacy at the Stanford Center for Internet and Society, says that these tools "are common, widespread, intrusive and legal."
Facebook

Did Cambridge Analytica Harvest 50 Million Facebook Profiles? (theguardian.com) 135

Slashdot reader umafuckit shared this article from The Guardian: The data analytics firm that worked with Donald Trump's election team and the winning Brexit campaign harvested millions of Facebook profiles of U.S. voters, in one of the tech giant's biggest ever data breaches, and used them to build a powerful software program to predict and influence choices at the ballot box... Christopher Wylie, who worked with a Cambridge University academic to obtain the data, told the Observer: "We exploited Facebook to harvest millions of people's profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis the entire company was built on."

Documents seen by the Observer, and confirmed by a Facebook statement, show that by late 2015 the company had found out that information had been harvested on an unprecedented scale. However, at the time it failed to alert users and took only limited steps to recover and secure the private information of more than 50 million individuals... On Friday, four days after the Observer sought comment for this story, but more than two years after the data breach was first reported, Facebook announced that it was suspending Cambridge Analytica and Kogan from the platform, pending further information over misuse of data. Separately, Facebook's external lawyers warned the Observer on Friday it was making "false and defamatory" allegations, and reserved Facebook's legal position...

The evidence Wylie supplied to U.K. and U.S. authorities includes a letter from Facebook's own lawyers sent to him in August 2016, asking him to destroy any data he held that had been collected by GSR, the company set up by Kogan to harvest the profiles... Facebook did not pursue a response when the letter initially went unanswered for weeks because Wylie was travelling, nor did it follow up with forensic checks on his computers or storage, he said. "That to me was the most astonishing thing. They waited two years and did absolutely nothing to check that the data was deleted. All they asked me to do was tick a box on a form and post it back."

Wylie worked with Aleksandr Kogan, the creator of the "thisisyourdigitallife" app, "who has previously unreported links to a Russian university and took Russian grants for research," according to the article. Kogan "had a licence from Facebook to collect profile data, but it was for research purposes only. So when he hoovered up information for the commercial venture, he was violating the company's terms...

"At the time, more than 50 million profiles represented around a third of active North American Facebook users, and nearly a quarter of potential U.S. voters."

Slashdot Top Deals