Security

Europol Shuts Down World's Largest DDoS-for-Hire Service (bleepingcomputer.com)

In what is being seen as a major hit against cybercriminals, Europol, an international police operation, has taken down the world's biggest provider of potentially crippling Distributed Denial of Service attacks. From a report: Europol officials have shut down WebStresser, a website where users could register and launch DDoS attacks after paying for a monthly plan, with prices starting as low as $18.25. The website, considered the largest DDoS-for-hire service online, had over 136,000 users at the time it was shut down. Europol said it had been responsible for over 4 million DDoS attacks in recent years. Visitors to the web site will now see a notice stating that the site has been seized in conjunction with "Operation Power Off," which is the name of the multi-country operation that took down the site.
Microsoft

Microsoft Plans Version of Windows 10 For Devices With Limited Storage (engadget.com) 38

An anonymous reader shares a report: A smaller, more pared down version of Windows 10 was spotted in the latest Redstone 5 preview build. Microsoft is calling it Windows 10 Lean and it's 2GB smaller in size than standard editions of Windows 10 once installed. Missing from this version are the Registry Editor, Internet Explorer, wallpaper, Microsoft Management Console and drivers for CD and DVD drives, and Windows Central notes that the lighter Windows 10 might be designed to ensure tablets and laptops with little internal storage can install Windows 10 feature updates. Additionally, the Redstone 5 preview also features phone-related APIs that support functions like dialing, blocking withheld numbers, video calling, Bluetooth headset support and speakerphone mode, stoking those persistent Andromeda rumors.
Security

Hackers Built a 'Master Key' For Millions of Hotel Rooms (zdnet.com) 46

An anonymous reader writes: Security researchers have built a master key that exploits a design flaw in a popular and widely used hotel electronic lock system, allowing unfettered access to every room in the building. The electronic lock system, known as Vision by VingCard and built by Swedish lock manufacturer Assa Abloy, is used in more than 42,000 properties in 166 countries, amounting to millions of hotel rooms -- as well as garages and storage units. These electronic lock systems are commonplace in hotels, used by staff to provide granular controls over where a person can go in a hotel -- such as their room -- and even restricting the floor that the elevator stops at. And these keys can be wiped and reused when guests check-out.

It turns out these key cards aren't as secure as first thought. F-Secure's Tomi Tuominen and Timo Hirvonen, who carried out the work, said they could create a master key 'basically out of thin air.' Any key card will do. Even old and expired, or discarded keys retain enough residual data to be used in the attack. Using a handheld device running custom software, the researchers can steal data off of a key card -- either using wireless radio-frequency identification (RFID) or the magnetic stripe. That device then manipulates the stolen key data, which identifies the hotel, to produce an access token with the highest level of privileges, effectively serving as a master key to every room in the building.

Google

Gmail's Big Upgrade Featuring New Web App, Confidential Mode, Nudges, and Snooze Goes Live (venturebeat.com) 41

Google on Wednesday pushed out the biggest revamp of Gmail in years. The company is bringing to the flagship Gmail service many (but not all) of the features it trialed in Inbox for Gmail, and adding a few new ones, too. From a report: While the overhaul does usher in a new look to the Gmail web app, bringing it into the material design fold, this update is more about throwing new features into the mix than moving things around and causing confusion. G Suite -- Google's paid productivity service for businesses, which also includes Gmail -- appears to be the core focus of this update, however these features will also be made available to standard Gmail users. [...] Google is adamant that no person within the company will ever read your emails, but that doesn't mean your email content is protected from third-party infiltration. To address this, Gmail will soon offer users a dedicated "confidential mode" -- on the web and in its mobile apps -- that is designed to protect against two kinds of attacks. [...] In addition to privacy and security updates, Gmail on mobile and the web is getting a bunch of new features to help solve the perennial problem of email overload. One of those tools is "nudging," which leans on Google's AI smarts and automated processing, similar to how its spam filter works, to remind users to follow up on a message they've received.
Windows

E-Waste Innovator Will Go To Jail For Making Windows Restore Disks That Only Worked With Valid Licenses (gizmodo.com) 190

An anonymous reader quotes a report from The Washington Post: California man Eric Lundgren, an electronic waste entrepreneur who produced tens of thousands of Windows restore disks intended to extend the lifespan of aging computers, lost a federal appeals court case in Miami after it ruled "he had infringed Microsoft's products to the tune of $700,000," the Washington Post reported on Tuesday. Per the Post, the appeals court ruled Lundgren's original sentence of 15 months in prison and a $50,000 fine would stay, despite the software being freely available online and only compatible with valid Windows licenses: "The appeals court upheld a federal district judge's ruling that the disks made by Eric Lundgren to restore Microsoft operating systems had a value of $25 apiece, even though they could be downloaded free and could be used only on computers with a valid Microsoft license. The U.S. Court of Appeals for the 11th Circuit initially granted Lundgren an emergency stay of his prison sentence, shortly before he was to surrender, but then affirmed his original 15-month sentence and $50,000 fine without hearing oral argument in a ruling issued April 11." All told, the court valued 28,000 restore disks he produced at $700,000, despite testimony from software expert Glenn Weadock that they were worth essentially zero.
Space

Scientists Discover That Uranus Smells Like Rotten Eggs (space.com) 56

An anonymous reader writes: According to a study published in Nature Astronomy, scientists have determined that the atmosphere of Uranus smells like rotten eggs. The smell of Uranus was determined by the use of an Near-Infrared Integral Field Spectrometer (NIFS), an instrument that allows scientists to determine what an atmosphere is composed of based upon the reflections of sunlight that bounce off of it. Specifically, the clouds in Uranus' upper atmosphere consist of hydrogen sulfide, the molecule that makes rotten eggs so stinky. "If an unfortunate human were ever to descend through Uranus' clouds, they would be met with very unpleasant and odiferous conditions," study lead author Patrick Irwin, of Oxford University in England, said in a statement. But that wayward pioneer would have bigger problems, he added: "Suffocation and exposure in the negative 200 degrees Celsius [minus 328 degrees Fahrenheit] atmosphere, made of mostly hydrogen, helium, and methane, would take its toll long before the smell."
Space

Incredible New Gif Shows Cosmic 'Snow' On the Surface of a Comet (gizmodo.com) 73

Press2ToContinue shares a report from Gizmodo: What you're looking at is the surface of the comet 67p/Churyumov-Gerasimenko, which is orbited by the European Space Agency's Rosetta probe. The photo comes from Rosetta's OSIRIS, or Optical, Spectroscopic, and Infrared Remote Imaging System. The raw data was collected on June 1, 2016, and posted publicly on March 22 of this year. Twitter user landru79 processed the gif from this data release and shared it yesterday. In the foreground is the comet's surface (still several kilometers away from the probe), and three kinds of specks. The stars in the background belong to the constellation Canis Major, according to ESA senior advisor Mark McCaughrean. Some of the foreground stuff could be streaks from high-energy particles striking the cameraâ"it's a charge-coupled device (CCD), so even invisible particles can leave streaks in the results. And some could be dust from the comet itself.
Businesses

EPA Proposes Limits To Science Used In Rulemaking (reuters.com) 216

An anonymous reader quotes a report from Reuters: The U.S. Environmental Protection Agency proposed a rule on Tuesday that would limit the kinds of scientific research it can use in crafting regulations, an apparent concession to big business that has long requested such restrictions. Under the new proposals, the EPA will no longer be able to rely on scientific research that is underpinned by confidential medical and industry data. The measure was billed by EPA Administrator Scott Pruitt as a way to boost transparency for the benefit of the industries his agency regulates. But scientists and former EPA officials worry it will hamstring the agency's ability to protect public health by putting key data off limits.

The EPA has for decades relied on scientific research that is rooted in confidential medical and industry data as a basis for its air, water and chemicals rules. While it publishes enormous amounts of research and data to the public, the confidential material is held back. Business interests have argued the practice is tantamount to writing laws behind closed doors and unfairly prevents them from vetting the research underpinning the EPA's often costly regulatory requirements. They argue that if the data cannot be published, the rules should not be adopted. But ex-EPA officials say the practice is vital.

Robotics

A Study Finds Half of Jobs Are Vulnerable To Automation (economist.com) 137

The Economist reports of a new working paper by the Organization for Economic Co-operation and Development (OECD) that assesses the automatability of each task within a given job, based on a survey of skills in 2015. "Overall, the study finds that 14% of jobs across 32 countries are highly vulnerable, defined as having at least a 70% chance of automation," reports Economist. "A further 32% were slightly less imperiled, with a probability between 50% and 70%. At current employment rates, that puts 210 million jobs at risk across the 32 countries in the study." From the report: The pain will not be shared evenly. The study finds large variation across countries: jobs in Slovakia are twice as vulnerable as those in Norway. In general, workers in rich countries appear less at risk than those in middle-income ones. But wide gaps exist even between countries of similar wealth. Differences in organizational structure and industry mix both play a role, but the former matters more. In South Korea, for example, 30% of jobs are in manufacturing, compared with 22% in Canada. Nonetheless, on average, Korean jobs are harder to automate than Canadian ones are. This may be because Korean employers have found better ways to combine, in the same job, and without reducing productivity, both routine tasks and social and creative ones, which computers or robots cannot do. A gloomier explanation would be "survivor bias": the jobs that remain in Korea appear harder to automate only because Korean firms have already handed most of the easily automatable jobs to machines.
XBox (Games)

Xbox One April Update Rolling Out With Low-Latency Mode, FreeSync, and 1440p Support; 120Hz Support Coming In May Update (theverge.com) 43

Microsoft is rolling out a new Xbox One update that brings 1440p support for the Xbox One S and X, as well as support for AMD's FreeSync technology to allow compatible displays to sync refresh rates with Microsoft's consoles. A subsequent update in May will bring 120Hz-display refresh-rate support to the Xbox One. The Verge reports: FreeSync, like Nvidia's G-Sync, helps remove tearing or stuttering usually associated with gaming on monitors, as the feature syncs refresh rates to ensure games run smoothly. Alongside this stutter-free tech, Microsoft is also supporting automatic switching to a TV's game mode. Auto Low-Latency Mode, as Microsoft calls it, will be supported on new TVs, and will automatically switch a TV into game mode to take advantage of the latency reductions. The Xbox One will also support disabling game mode when you switch to another app like Netflix. Microsoft is also making some audio tweaks with the April update for the Xbox One. New system sounds take advantage of spatial sound to fully support surround sound systems when you navigate around. Gamers who listen to music while playing can also now balance game audio against background music right inside the Xbox Guide. Other features in this update include sharing game clips direct to Twitter, dark to light mode transitions based on sunrise / sunset, and improvements to Microsoft Edge to let you download or upload pictures, music, and videos.
Communications

WhatsApp Raises Minimum Age In Europe To 16 Ahead of Data Law Change (reuters.com) 35

WhatsApp is raising its minimum age from 13 to 16 in Europe to help it comply with new data privacy rules coming into force next month. The app will ask European users to confirm they are at least 16 years old when they are prompted to agree to new terms of service and a privacy policy provided by a new WhatsApp Ireland entity in the next few weeks. Reuters reports: Facebook, which has a separate data policy, is taking a different approach to teens aged between 13 and 15 in order to comply with the European General Data Protection Regulation (GDPR) law. It is asking them to nominate a parent or guardian to give permission for them to share information on the platform, otherwise they will not see a fully personalized version of the social media platform. But WhatsApp, which had more than 1.5 billion users in January according to Facebook, said in a blog post it was not asking for any new rights to collect personal information in the agreement it has created for the European Union. WhatsApp's minimum age of use will remain 13 years in the rest of the world, in line with its parent.
Power

Electric Buses Are Hurting the Oil Industry (bloomberg.com) 228

An anonymous reader quotes a report from Bloomberg: Electric buses were seen as a joke at an industry conference in Belgium seven years ago when the Chinese manufacturer BYD showed an early model. Suddenly, buses with battery-powered motors are a serious matter with the potential to revolutionize city transport -- and add to the forces reshaping the energy industry. With China leading the way, making the traditional smog-belching diesel behemoth run on electricity is starting to eat away at fossil fuel demand. The numbers are staggering. China had about 99 percent of the 385,000 electric buses on the roads worldwide in 2017, accounting for 17 percent of the country's entire fleet. Every five weeks, Chinese cities add 9,500 of the zero-emissions transporters -- the equivalent of London's entire working fleet, according Bloomberg New Energy Finance. All this is starting to make an observable reduction in fuel demand. And because they consume 30 times more fuel than average sized cars, their impact on energy use so far has become much greater than the than the passenger sedans produced companies from Tesla to Toyota. For every 1,000 battery-powered buses on the road, about 500 barrels a day of diesel fuel will be displaced from the market, according to BNEF calculations. This year, the volume of fuel buses take off the market may rise 37 percent to 279,000 barrels a day, about as much oil as Greece consumes, according to BNEF.
Yahoo!

SEC Issues $35 Million Fine Over Yahoo Failing To Disclose Data Breach (theverge.com) 34

Altaba, the company formerly known as Yahoo, will have to pay a $35 million fine for failing to disclose a 2014 data breach in which hackers stole info on over 500 million accounts. "The U.S. Securities and Exchange Commission announced today that Altaba, which contains Yahoo's remains, agreed to pay the fine to settle charges that it misled investors by not informing them of the hack until September 2016, despite known of it as early as December 2014," reports The Verge. From the report: The SEC goes on to admonish Yahoo for its failure to disclose the breach to investors, saying that the agency wouldn't "second-guess good faith exercises of judgment" but that Yahoo's decisions were "so lacking" that a fine was necessary. Yahoo isn't being fined for having poor security practices, not informing users, or really anything related to the hack happening. The SEC is just mad that investors weren't told about it, because -- as Yahoo even noted in filings to investors -- data breaches can have financial impacts and legal implications. With a breach this large, the SEC believes that was obviously a real risk. "Public companies should have controls and procedures in place to properly evaluate cyber incidents and disclose material information to investors," Jina Choi, director of the SEC's San Francisco Regional Office, said in a statement. The SEC released guidance to public companies on what to disclose about data breaches earlier this year, which could help to avoid similar situations in the future.
Data Storage

Samsung Announces 970 PRO and 970 EVO NVMe SSDs (anandtech.com) 43

hyperclocker shares a report from AnandTech: Samsung has announced the third generation of their high-end consumer NVMe SSDs. The new 970 PRO and 970 EVO M.2 NVMe SSDs use a newer controller and Samsung's latest 64-layer 3D NAND flash memory. The outgoing 960 PRO and 960 EVO were first announced in September 2016 and shipped that fall, so they have had a fairly long run as Samsung's flagship consumer SSDs. Compared to its predecessor, the 970 EVO promises a small improvement in sequential read speed, and a more substantial boost to sequential write speed for all but the smallest 250GB model. Peak random access performance is also substantially improved, but again the 250GB model gets left out, and is actually rated as slower than the 960 EVO 250GB. The warranty on the EVO has been extended from three years to five years, and the write endurance ratings have been increased by 50% to retain almost the same drive writes per day rating.

The 970 PRO's performance specs aren't too different from the 970 EVO. Many of the ratings are the same, and the ones that differ are mostly better by just 3-11% for the PRO. There are just two major exceptions to this. First, the PRO doesn't rely on SLC write caching so it can maintain its write speed far longer than the EVO. Second, the rated write endurance of the 970 PRO is twice that of the EVO, going from just over 0.3 Drive Writes Per Day to 0.6 DWPD. Neither of these are an important factor for ordinary consumer use cases, but they help the 970 PRO retain some shine as a premium product.

Social Networks

Instagram Launches 'Data Download' Tool To Let You Leave (techcrunch.com) 14

An anonymous reader quotes a report from TechCrunch: Two weeks ago TechCrunch called on Instagram to build an equivalent to Facebook's "Download Your Information" feature so if you wanted to leave for another photo sharing network, you could. The next day it announced this tool would be coming and now TechCrunch has spotted it rolling out to users. Instagram's "Data Download" feature can be accessed here or through the app's privacy settings. It lets users export their photos, videos, archived Stories, profile, info, comments, and non-ephemeral messages, though it can take a few hours to days for your download to be ready. An Instagram spokesperson now confirms to TechCrunch that "the Data Download tool is currently accessible to everyone on the web, but access via iOS and Android is still rolling out." We'll have more details on exactly what's inside once my download is ready.

Slashdot Top Deals