Crime

Apple Is Served A Search Warrant To Unlock Texas Church Gunman's iPhone (nydailynews.com) 370

An anonymous reader quotes the New York Daily News: Authorities in Texas served Apple with a search warrant in order to gain access to the Sutherland Springs church shooter's cellphone files. Texas Ranger Kevin Wright obtained the warrant last week, according to San Antonio Express-News.

Investigators are hoping to gain access to gunman Devin Patrick Kelley's digital photos, messages, calls, videos, social media passwords, address book and data since January 2016. Authorities also want to know what files Kelley stored in his iCloud account.

Fast Company writes that "it's very likely that Apple will give the Rangers the same answer it gave the FBI in 2016 (in effect, hell no!)... That may be why, in the Texas case, the FBI and the Rangers didn't even bother calling Apple, but rather went straight to court."
Businesses

The Brutal Fight To Mine Your Data and Sell It To Your Boss (bloomberg.com) 75

An anonymous reader shares a report from Bloomberg, explaining how Silicon Valley makes billions of dollars peddling personal information, supported by an ecosystem of bit players. Editor Drake Bennett highlights the battle between an upstart called HiQ and LinkedIn, who are fighting for your lucrative professional identity. Here's an excerpt from the report: A small number of the world's most valuable companies collect, control, parse, and sell billions of dollars' worth of personal information voluntarily surrendered by their users. Google, Facebook, Amazon, and Microsoft -- which bought LinkedIn for $26.2 billion in 2016 -- have in turn spawned dependent economies consisting of advertising and marketing companies, designers, consultants, and app developers. Some operate on the tech giants' platforms; some customize special digital tools; some help people attract more friends and likes and followers. Some, including HiQ, feed off the torrents of information that social networks produce, using software bots to scrape data from profiles. The services of the smaller companies can augment the offerings of the bigger ones, but the power dynamic is deeply asymmetrical, reminiscent of pilot fish picking food from between the teeth of sharks. The terms of that relationship are set by technology, economics, and the vagaries of consumer choice, but also by the law. LinkedIn's May 23 letter to HiQ wasn't the first time the company had taken legal action to prevent the perceived hijacking of its data, and Facebook and Craigslist, among others, have brought similar actions. But even more than its predecessors, this case, because of who's involved and how it's unfolded, has spoken to the thorniest issues surrounding speech and competition on the internet.
Linux

Linux 4.14 Has Been Released (kernelnewbies.org) 89

diegocg quotes Kernel Newbies: Linux 4.11 has been released. This release adds support for bigger memory limits in x86 hardware (128PiB of virtual address space, 4PiB of physical address space); support for AMD Secure Memory Encryption; a new unwinder that provides better kernel traces and a smaller kernel size; support for the zstd compression algorithm has been added to Btrfs and Squashfs; support for zero-copy of data from user memory to sockets; support for Heterogeneous Memory Management that will be needed in future GPUs; better cpufreq behaviour in some corner cases; faster TLB flushing by using the PCID instruction; asynchronous non-blocking buffered reads; and many new drivers and other improvements.
Phoronix has more on the changes in Linux 4.14 -- and notes that its codename is still "Fearless Coyote."
Encryption

iPhone Encryption Hampers Investigation of Texas Shooter, Says FBI (chron.com) 240

"FBI officials said Tuesday they have been stymied in their efforts to unlock the cellphone of the man who shot and killed at least 26 people at a church here on Sunday," reports the Houston Chronicle. Slashdot reader Anon E. Muss writes: The police obtained a search warrant for the phone, but so far they've been unable to unlock it. The phone has been sent to the FBI, in the hope that they can break in... If it is secure, and the FBI can't open it, expect all hell to break loose. The usual idiots (e.g. politicians) will soon be ranting hysterically about the evil tech industry, and how they're refusing to help law enforcement.
FBI special agent Christopher Combs complained to the Chronicle that "law enforcement increasingly cannot get in to these phones."

A law professor at the Georgia Institute of Technology argues there are other sources of information besides a phone, and police officers might recognize this with better training. As just one example, Apple says the FBI could've simply used the dead shooter's fingerprint to open his iPhone. But after 48 hours, the iPhone's fingerprint ID stops working.
Classic Games (Games)

Text Adventure Competition Reports A 36% Spike In Entries (ifcomp.org) 21

There are just four days left to vote for the winner of the 23rd Annual Interactive Fiction Competition. An anonymous reader writes: This year's contest set a record, drawing 79 new text adventures -- 36% more entries than the previous year's 58. All of this year's games are available online, furthering the competition's goal of "making them freely available in order to encourage the creation, play, and discussion of interactive fiction." (And they're also available in a 236-megabyte .zip archive.)

Each game's developer is competing for $4,800 in cash prizes, to be shared among everyone who finishes in the top two-thirds (including a $247 prize to the first-place winner). Authors of the top-rated games will also get to choose from a 38-prize pool (which includes another $200 cash prize donated by Asymmetric Publications, as well as a "well-loved" used Wii console). But the most important thing is there's a bunch of fun new text adventures to play. Reviews are already appearing online, lovingly collected by the Interactive Fiction Wiki. And one game designer even livestreamed their text adventure-playing on Twitch.

Social Networks

9.6% of Facebook's Users 'May Be Fakes' (nytimes.com) 96

An anonymous reader quotes the New York Times: Facebook estimates that about 200 million of its more than 2.07 billion users may be fakes... [Non-paywalled article here.] Colin Stretch, the general counsel of Facebook, told the Senate Intelligence Committee the company was doubling its review staff to 20,000 and using artificial intelligence to find more "bad actors"... Sean Edgett, Twitter's general counsel, testified before Congress that about 5 percent of its 330 million users are "false accounts or spam," which would add up to more than 16 million fakes.

Independent experts say the real numbers are far higher. On Twitter, little more than an email address is needed to start tweeting. Facebook's requirement that users be their authentic selves means the company asks for a smattering of information to sign up -- name, birthday, gender and email address. But few checks exist to verify if that information is true when a user signs up.

Programming

Perl is the Most Hated Programming Language, Developers Say (theregister.co.uk) 472

Thomas Claburn, writing for The Register: Developers really dislike Perl, and projects associated with Microsoft, at least among those who volunteer their views through Stack Overflow. The community coding site offers programmers a way to document their technical affinities on their developer story profile pages. Included therein is an input box for tech they'd prefer to avoid. For developers who have chosen to provide testaments of loathing, Perl tops the list of disliked programming languages, followed by Delphi and VBA. The yardstick here consists of the ratio of "likes" and "dislikes" listed in developer story profiles; to merit chart position, the topic or tag in question had to show up in at least 2,000 stories. Further down the list of unloved programming languages come PHP, Objective-C, CoffeeScript, and Ruby. In a blog post seen by The Register ahead of its publication today, Stack Overflow data scientist David Robinson said usually there's a relationship between how fast a particular tag is growing and how often it's disliked. "Almost everything disliked by more than 3 per cent of Stories mentioning it is shrinking in Stack Overflow traffic (except for the quite polarizing VBA, which is steady or slightly growing)," said Robinson. "And the least-disliked tags -- R, Rust, TypeScript and Kotlin -- are all among the fast-growing tags (TypeScript and Kotlin growing so quickly they had to be truncated in the plot)."
Programming

Why Do Web Developers Keep Making The Same Mistakes? (hpe.com) 335

An anonymous reader quotes HPE Insights: Software developers and testers must be sick of hearing security nuts rant, "Beware SQL injection! Monitor for cross-site scripting! Watch for hijacked session credentials!" I suspect the developers tune us out... The industry has generated newer tools, better testing suites, Agile methodologies, and other advances in writing and testing software. Despite all that, coders keep making the same dumb mistakes, peer reviews keep missing those mistakes, test tools fail to catch those mistakes, and hackers keep finding ways to exploit those mistakes. One way to see the repeat offenders is to look at the Open Web Application Security Project Top 10, a sometimes controversial ranking of the 10 primary vulnerabilities, published every three or four years by the Open Web Application Security Project... It boggles the mind that a majority of top 10 issues appear across the 2007, 2010, 2013, and draft 2017 OWASP lists...

It's sad that eight out of 10 of the issues from 2013 are still top security issues in 2017. In fact, if you consider that the draft 2017 list combined two of the 2013 items, it's actually nine out of 10. Ouch... What can you do? Train everyone better, for starters. Look at coding and test tools that can help detect or prevent security vulnerabilities, but don't consider them silver bullets. Do dynamic application security testing, including penetration testing and fuzz testing. Ensure admins do their part to protect applications. And finally, make sure you establish a culture of security-aware programming and deployment.

Medicine

Scientists Find a Better Way To Wash Pesticides Off Your Apples (cnet.com) 138

According to a new study, the best way to reduce pesticides from your supermarket apple is to use a baking soda solution. The discovery was made by a team of scientists from the University of Massachusetts at Amherst. They compared the effectiveness of plain tap water, a commercial bleach solution and a baking soda/water mix in removing pesticides from apples. CNET reports: The scientists started with organic Gala apples and applied the fungicide thiabendazole and the insecticide phosmet before testing the different washing liquids. "The baking soda solution was the most effective at reducing pesticide," a release on the study notes. "After 12 and 15 minutes, 80 percent of the thiabendazole was removed, and 96 percent of the phosmet was removed, respectively." The researchers say the industry-standard approach of washing fruit in a bleach solution for two minutes after harvest is not an effective way to completely remove pesticides. They also found the fungicide thiabendazole penetrated into the apple peel much more than the insecticide. Apple lovers would need to remove the peel to also get rid of the pesticide that wasn't washed off with the baking soda solution. The researchers published the findings this week in the American Chemical Society's Journal of Agricultural and Food Chemistry.
Open Source

Oracle Engineer Talks of ZFS File System Possibly Still Being Upstreamed On Linux (phoronix.com) 131

New submitter fstack writes: Senior software architect Mark Maybee who has been working at Oracle/Sun since '98 says maybe we "could" still see ZFS be a first-class upstream Linux file-system. He spoke at the annual OpenZFS Developer Summit about how Oracle's focus has shifted to the cloud and how they have reduced investment in Solaris. He admits that Linux rules the cloud. Among the Oracle engineer's hopes is that ZFS needs to become a "first class citizen in Linux," and to do so Oracle should port their ZFS code to Oracle Linux and then upstream the file-system to the Linux kernel, which would involve relicensing the ZFS code.
DRM

Denuvo's DRM Now Being Cracked Within Hours of Release (arstechnica.com) 113

Denuvo, an anti-tamper technology and digital rights management scheme, isn't doing a very good job preventing PC games from being copied. According to Ars Technica, Denuvo releases are being publicly cracked within a day of their launch. From the report: This week's release of South Park: The Fractured but Whole is the latest to see its protections broken less than 24 hours after its release, but it's not alone. Middle Earth: Shadow of War was broken within a day last week, and last month saw cracks for Total War: Warhammer 2 and FIFA 18 the very same day as their public release. Then there's The Evil Within 2, which reportedly used Denuvo in prerelease review copies but then launched without that protection last week, effectively ceding the game to immediate potential piracy. Those nearly instant Denuvo cracks follow summer releases like Sonic Mania, Tekken 7, and Prey, all of which saw DRM protection cracked within four to nine days of release. But even that small difference in the "uncracked" protection window can be important for game publishers, who usually see a large proportion of their legitimate sales in those first few days of availability. The presence of an easy-to-find cracked version in that launch window (or lack thereof) could have a significant effect on the initial sales momentum for a big release. If Denuvo can no longer provide even a single full day of protection from cracks, though, that protection is going to look a lot less valuable to publishers.
Businesses

New Law Bans California Employers From Asking Applicants Their Prior Salary (sfgate.com) 374

An anonymous reader shares a report: California employers can no longer ask job applicants about their prior salary and -- if applicants ask -- must give them a pay range for the job they are seeking, under a new state law that takes effect Jan. 1. AB168, signed Thursday by Gov. Jerry Brown, applies to all public- and private-sector California employers of any size. The goal is to narrow the gender wage gap. If a woman is paid less than a man doing the same job and a new employer bases her pay on her prior salary, gender discrimination can be perpetuated, the bill's backers say. Last year, the state passed a weaker law that said prior compensation, by itself, cannot justify any disparity in compensation. The new bill goes further by prohibiting employers, "orally or in writing, personally or through an agent," from asking about an applicant's previous pay. However, if the applicant "voluntarily and without prompting" provides this information, the employer may use it "in determining the salary for that applicant."
Television

Cord-Cutters Drive Cable TV Subscribers to a 17-Year Low (houstonchronicle.com) 201

An anonymous reader quotes the Washington Post: On Wednesday, AT&T told regulators that it expects to finish the quarter with about 90,000 fewer TV subscribers than it began with. AT&T blamed a number of issues, including hurricane damage to infrastructure, rising credit standards and competition from rivals. The report also shows AT&T lost more traditional TV customers than it gained back through its online video app, DirecTV Now. And analysts are suggesting that that's evidence that cord-cutting is the main culprit... "DirecTV, like all of its cable peers, is suffering from the ravages of cord-cutting," said industry analyst Craig Moffett in a research note this week. Moffett added that while nobody expected AT&T's pay-TV numbers to look good, hardly anyone could have predicted they would look "this bad."

The outlook doesn't look much healthier for the rest of the television industry. Over the past year, cable and satellite firms have collectively lost nearly 3 million customers, according to estimates by market analysts at SNL Kagan and New Street Research. The number of households with traditional TV service is hovering at about the level it was in 2000, according to New Street's Jonathan Chaplin, in a study last week. Other analysts predict that, after factoring in AT&T's newly disclosed losses, the industry will have lost 1 million traditional TV subscribers by the end of this quarter.

KDE

KDE Plasma 5.11 Released (kde.org) 62

jrepin writes: KDE publishes this autumn's Plasma feature release, KDE Plasma 5.11. Plasma 5.11 desktop environment brings a redesigned settings app, improved notifications, a more powerful task manager. Plasma 5.11 is the first release to contain the new "Vault," a system to allow the user to encrypt and open sets of documents in a secure and user-friendly way, making Plasma an excellent choice for people dealing with private and confidential information.
Microsoft

Microsoft Develops New Programming Language For Quantum Computers (cio-today.com) 120

Microsoft's newest programming language will run on yet-to-be developed quantum computers. An anonymous reader quotes CIO Today: Microsoft said its new quantum computing language, which has yet to be named, is "deeply integrated" into its Visual Basic development environment and does many of the things other standard programming languages do. However, it is specifically designed to allow programmers to create apps that will eventually run on true quantum computers... Like other companies, such as Google and IBM, Microsoft has been working for years to advance quantum computing research to the point where the technology becomes feasible rather than theoretical... Joining Satya Nadella on stage, Fields Medal-winning mathematician Michael Freedman added, "Microsoft's qubit will be based on a new form of matter called topological matter that also has this property that as the information stored in the matter is stored globally, you can't find the information in any particular place..." The programming language is expected to be available as a free preview by the end of the year and "also includes libraries and tutorials so developers can familiarize themselves with quantum computing," Microsoft said.
Crime

Cyberstalking Suspect Arrested After VPN Providers Shared Logs With the FBI (bleepingcomputer.com) 212

An anonymous reader writes: "VPN providers often advertise their products as a method of surfing the web anonymously, claiming they never store logs of user activity," writes Bleeping Computer, "but a recent criminal case shows that at least some do store user activity logs." According to the FBI, VPN providers played a key role in identifying an aggressive cyberstalker by providing detailed logs to authorities, even if they claimed in their privacy policies that they don't. The suspect is a 24-year-old man that hacked his roommate, published her private journal, made sexually explicit collages, sent threats to schools in the victim's name, and registered accounts on adult portals, sending men to the victim's house...
FBI agents also obtained Google records on their suspect, according to a 29-page affidavit which, ironically, includes the text of one of his tweets warning people that VPN providers do in fact keep activity logs. "If they can limit your connections or track bandwidth usage, they keep logs."
NASA

NASA Images of Puerto Rico Reveal How Maria Wiped Out Power On the Island (jalopnik.com) 180

An anonymous reader quotes a report from Jalopnik: Hurricane Maria was the most devastating hurricane to make land in Puerto Rico in nearly 100 years and the country is still reeling in its wake. Much of the island still doesn't have running water, reliable communication or electricity. Recently, NASA published a set of date-processed photos that show the island's nighttime lights both before and after the storm. Here, you can see images of the country's capital, San Juan, on a typical night before Maria. It's based on cloud-free and low moonlight conditions. Conversely, the following composite image is of data taken on the nights of Sept. 27 and 28 -- nearly a week after the storm hit -- by the Visible Infrared Imaging Radiometer Suite, a scanning radiometer that collects visible and infrared imagery of land, atmosphere, cryosphere and oceans, according to NASA's website.
Biotech

Should Zambia Allow The Testing of Genetically-Modified Mosquitoes? (nhregister.com) 133

More than 400,000 lives are lost every year to malaria, reports the New York Post. But Thursday Science published two new studies on promising ways to fight malaria -- with genetic engineering. The first study focused on whether mosquitoes that have been genetically modified to be more resistant to the malaria-causing parasite would become weaker and less able to mate and breed... The study, led by mosquito vector biologist George Dimopoulos, found that one type of genetically modified mosquito not only bred well, but became more attractive to normal mosquitoes... Within one generation, the mosquito population was becoming 90 percent genetically modified... The results suggest the genetically modified mosquitoes would not just thrive but could possibly drive their genetic immunity to the malaria parasite into mosquito populations to which they are introduced.

The second study published Thursday uses genetic modification of bacteria found inside mosquitoes to fight malaria. Researchers genetically modified a type of bacteria, which caused it to secrete a substance inside the mosquitoes' gut that kills off the malaria-causing parasite before it can develop properly... the genetically modified versions of the bacteria automatically spread to offspring in generation after generation, the researchers found. The next step for both approaches -- the genetically modified mosquitoes and bacteria -- is to test if they work outside the lab in conditions simulating nature. Johns Hopkins has built a "mosquito house" research facility in Zambia designed specifically for such experiments... But the researchers must first convince the Zambian government to allow their genetically modified subjects into its borders.

Android

Linux LTS Kernels To Now Be Maintained For Six Years (phoronix.com) 79

An anonymous reader writes: In a bid to help Android smartphone vendors the Linux LTS (Long Term Support) kernels will now be maintained for a period of six years. The Linux LTS initiative backed by the Linux Foundation has supported annual LTS kernels for two years worth of updates, but that is being changed for Linux 4.4+ at the request of Google and their Project Treble. This means the Linux 4.4 LTS kernel will be maintained through 2022 and the upcoming Linux 4.14 LTS through 2023 for security/bug fixes in order to last a complete "device lifecycle."
United States

Governments Turn Tables By Suing Public Records Requesters (apnews.com) 145

schwit1 quotes the AP: Government bodies are increasingly turning the tables on citizens who seek public records that might be embarrassing or legally sensitive. Instead of granting or denying their requests, a growing number of school districts, municipalities and state agencies have filed lawsuits against people making the requests -- taxpayers, government watchdogs and journalists who must then pursue the records in court at their own expense.

The lawsuits generally ask judges to rule that the records being sought do not have to be divulged. They name the requesters as defendants but do not seek damage awards. Still, the recent trend has alarmed freedom-of-information advocates, who say it's becoming a new way for governments to hide information, delay disclosure and intimidate critics. "This practice essentially says to a records requester, 'File a request at your peril,'" said University of Kansas journalism professor Jonathan Peters, who wrote about the issue for the Columbia Journalism Review in 2015, before several more cases were filed. "These lawsuits are an absurd practice and noxious to open government."
