Feed aggregator

Chrome and Firefox Changes Spark the End of 'Extended Validation' Certificates

Slashdot - 2 hours 19 min ago
"Upcoming changes in Google Chrome and Mozilla Firefox may finally spark the end for Extended Validation certificates as the browsers plan to do away with showing a company's name in the address bar," reports Bleeping Computer. When connecting to a secure web site, an installed SSL/TLS certificate will encrypt the communication between the browser and web server. These certificates come in a few different flavors, with some claiming to offer a more thorough verification process or extra perks. One certificate, called EV Certificates, are known for having a browser display the owner of the certificate directly in the browser's address bar. This allegedly makes the site feel more trustworthy to a visitor. In reality, the different types of SSL/TLS certificates all serve a single purpose and that is to encrypt the communication between a browser and web site. Anything extra is seen by many as just a marketing gimmick to charge customers for a more expensive "trustworthy" certificate. In numerous blog posts, security researcher Troy Hunt has stated that EV Certificates will soon be dead as more and more sites switch away from them, because they are much harder to manage due to extra verification times, and because people have become to associate a padlock with a secure site rather than a company name. With Safari already removing EV Certificate company info from the address bar, most mobile browsers not showing it, and Chrome and Mozilla desktop browsers soon to remove it, Hunt's predictions are coming true. EV Certificates will soon be dead. AmiMoJo shared this post from Google's Chromium blog: Through our own research as well as a survey of prior academic work, the Chrome Security UX team has determined that the EV UI does not protect users as intended. Users do not appear to make secure choices (such as not entering password or credit card information) when the UI is altered or removed, as would be necessary for EV UI to provide meaningful protection. Further, the EV badge takes up valuable screen real estate, can present actively confusing company names in prominent UI, and interferes with Chrome's product direction towards neutral, rather than positive, display for secure connections. Because of these problems and its limited utility, we believe it belongs better in Page Info.

Read more of this story at Slashdot.

US Set To Give Huawei Another 90 Days To Buy From American Suppliers

Slashdot - 3 hours 53 min ago
An anonymous reader quotes a report from Reuters: The U.S. Commerce Department is expected to extend a reprieve given to Huawei Technologies that permits the Chinese firm to buy supplies from U.S. companies so that it can service existing customers, two sources familiar with the situation said. The "temporary general license" will be extended for Huawei for 90 days, the sources said. Commerce initially allowed Huawei to purchase some American-made goods in May shortly after blacklisting the company in a move aimed at minimizing disruption for its customers, many of which operate networks in rural America. An extension will renew an agreement set to lapse on August 19, continuing the Chinese company's ability to maintain existing telecommunications networks and provide software updates to Huawei handsets. The situation surrounding the license, which has become a key bargaining chip for the United States in its trade negotiations with China, remains fluid and the decision to continue the Huawei reprieve could change ahead of the Monday deadline, the sources said.

Read more of this story at Slashdot.

YouTube To Allow Everyone To Watch YouTube Originals For Free

Slashdot - 6 hours 53 min ago
Last November, YouTube announced that it would be removing the paywall for its original programming starting in 2019. Now, we have more details on exactly how and when this will work. Android Central reports: Per a statement sent out by the YouTube team: "New YouTube Originals series, movies, and live events released after September 24, 2019 will be made available to non-members to watch for free, with ads. For series, members will get immediate access to every episode of a new season, while non-members will have to wait for each new episode to be released." It appears that YouTube Originals content released prior to that September 24 date will remain exclusive to Premium subscribers, but going forward, it'll be fair game for everyone. While that does slightly water-down the perks of being a YouTube Premium subscriber, it's also noted that paying customers will gain access to additional footage that won't be available for free users: "In most cases, where available, Director's cuts and bonus footage for YouTube Originals movies and live events will be exclusive to members like you, as well."

Read more of this story at Slashdot.

A New Species of Leech Is Discovered Near Washington, D.C.

Slashdot - 9 hours 53 min ago
schwit1 shares a report from Smithsonian: In the summer of 2015, when Smithsonian research zoologist Anna Phillips and other scientists were standing in slow-moving swamp water, letting leeches latch onto their bare legs or gathering them up in nets from muddy pond bottoms, they didn't realize that some of the bloodsuckers they'd collected belonged to an entirely new species. But in a just-published paper in the Journal of Parasitology, Phillips and her colleagues from the Universidad Nacional Autonoma de Mexico and the Royal Ontario Museum report that a previously unknown leech species, Macrobdella mimicus, is the first to be discovered on the continent in more than 40 years. Parasitologists typically rely on the arrangement of pores on the bottom of leeches' bodies to help distinguish species. With a close inspection, the researchers noticed a subtle difference in the spacing of the leeches' accessory pores. (While leeches are hermaphrodites, they mate with other leeches, and accessory pores secrete mucus that allows the mating leeches to stick together.) M. decora had four accessory pores grouped in two rows of two, just like the outlier group, but the new species had a set of pores located several millimeters farther back on their body. The similar pore pattern, however, led Phillips and the other scientists to name the new species Macrobdella mimicus, after the Greek word for "imitator" or "actor." The new species is olive-green with orange spots, about as long as a cigarette and as wide as two. It has three jaws, each containing 56 to 59 teeth (fewer than M. decora), which it can use to bite and siphon blood from humans. Leeches like this species can suck two to five times their body weight in blood thanks to expandable pockets in their intestines, explains Phillips.

Read more of this story at Slashdot.

Researchers Build a Heat Shield Just 10 Atoms Thick To Protect Electronic Devices

Slashdot - Fri, 08/16/2019 - 11:30pm
An anonymous reader quotes a report from Phys.Org: Excess heat given off by smartphones, laptops and other electronic devices can be annoying, but beyond that it contributes to malfunctions and, in extreme cases, can even cause lithium batteries to explode. To guard against such ills, engineers often insert glass, plastic or even layers of air as insulation to prevent heat-generating components like microprocessors from causing damage or discomforting users. Now, Stanford researchers have shown that a few layers of atomically thin materials, stacked like sheets of paper atop hot spots, can provide the same insulation as a sheet of glass 100 times thicker. In the near term, thinner heat shields will enable engineers to make electronic devices even more compact than those we have today, said Eric Pop, professor of electrical engineering and senior author of a paper published Aug. 16 in Science Advances. "To make nanoscale heat shields practical, the researchers will have to find some mass production technique to spray or otherwise deposit atom-thin layers of materials onto electronic components during manufacturing," adds Phys.Org. "But behind the immediate goal of developing thinner insulators looms a larger ambition: Scientists hope to one day control the vibrational energy inside materials the way they now control electricity and light. As they come to understand the heat in solid objects as a form of sound, a new field of phononics is emerging, a name taken from the Greek root word behind telephone, phonograph and phonetics."

Read more of this story at Slashdot.

Huawei Is Working On Its Own Version of Google Maps

Slashdot - Fri, 08/16/2019 - 10:02pm
According to the state-owned China Daily, Huawei is working on a Google Maps alternative with Yandex and Booking.com. The service is expected to be unveiled in October. CNET reports: It's apparently designed to use a tool for software developers to create apps based around its mapping capabilities, rather than for consumer use. It'll connect to local mapping services, cover 150 countries and regions, and be available in 40 languages, the report said. Huawei didn't immediately respond to a request for comment, but the company's ability to access Google's services has been threatened since President Trump blacklisted it in May. That came as a result of U.S. lawmakers' concerns about Huawei's tight relationship with the Chinese government and fears that its equipment could be used for spying. Trump has since said the ban will be eased.

Read more of this story at Slashdot.

The Fortnite coach who helped create teenage millionaires

BBC Tech News - Fri, 08/16/2019 - 9:28pm
Hugh Gilmour failed to qualify for the Fortnite World Cup, so has turned to coaching instead.

Runkeeper Will Stop Supporting Wear OS 'in a Few Weeks'

Slashdot - Fri, 08/16/2019 - 9:25pm
Runkeeper this week announced that it will discontinue its Wear OS app in the next few weeks. From a report: The update was emailed to users this week, where the company told users that it decided to end support because "the integration didn't work well / work consistently for most users." In a response to users, Runkeeper elaborated that only a small percentage of Runkeeper users were actually using the Wear OS app. "It was a very buggy experience and difficult for us to maintain and fix," a representative said in an email. "Because we're a small team with limited resources, and having done our research, we ultimately concluded that trying to maintain a partnership that wasn't working well would not be good practice for us."

Read more of this story at Slashdot.

Anime Studio, Khara, Is Planning To Use Open-Source Blender Software

Slashdot - Fri, 08/16/2019 - 8:45pm
The Japanese anime studio, Khara, is moving to Blender, the the open-source 3D creation software. "It'll begin partially using the software for its current development 'EVANGELION:3.0+1.0' but will make the full switch once that project is finished," reports Neowin. "The current project is expected to end in June next year, so after that point, its employees will start using Blender for the majority of their work." From the report: At the moment, Khara uses 3ds Max from Autodesk on a subscription basis; however, the company found that it had to reach out to small and medium-sized businesses for its projects. Due to the limitations of those companies, it's harder for them to afford 3ds Max. By switching to Blender, Khara says it can work better with external firms. While Blender will be used for the bulk of the work, Khara does have a backup plan if there's anything Blender struggles with; Hiroyasu Kobayashi, General Manager of Digital Dpt. and Director of Board of Khara, said: "There are currently some areas where Blender cannot take care of our needs, but we can solve it with the combination with Unity. Unity is usually enough to cover 3ds Max and Maya as well. Unity can be a bridge among environments."

Read more of this story at Slashdot.

Nvidia CEO Says Google Is the Company's Only Customer Building Its Own Silicon At Scale

Slashdot - Fri, 08/16/2019 - 8:03pm
An anonymous reader quotes a report from CNBC: Nvidia's CEO, Jensen Huang, has reason to be concerned about other chipmakers, like AMD. But he's not worried about Nvidia's own big customers turning into competitors. Amazon, Facebook, Google and Tesla are among the companies that buy Nvidia's graphics cards and have kicked off chip-development projects. "There's really one I know of that have silicon that's really in production," Huang told CNBC in an interview on Thursday. That company would be Google, he said. "But our conversation with large customers is intensifying," Huang said. "We're talking to more large customers." Google first announced its entrance into the data center AI chip-making world in 2016. As it came up with new versions, the web company pointed to performance advantages over graphics cards that were available at the time. Google hasn't started selling data center chips for training AI models to other companies, though. (Google has started offering various products that use its Edge tensor processing unit chips, but those chips aren't as powerful as the TPU chips for training AI models in Google's cloud.)

Read more of this story at Slashdot.

Huge Survey of Firmware Finds No Security Gains In 15 Years

Slashdot - Fri, 08/16/2019 - 7:20pm
A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, Netgear and other major vendors. The Security Ledger reports: "Nobody is trying," said Sarah Zatko, the Chief Scientist at the Cyber Independent Testing Lab (CITL), a non-profit organization that conducts independent tests of software security. "We found no consistency in a vendor or product line doing better or showing improvement. There was no evidence that anybody is making a concerted effort to address the safety hygiene of their products," she said. The CITL study surveyed firmware from 18 vendors including ASUS, D-link, Linksys, NETGEAR, Ubiquiti and others. In all, more than 6,000 firmware versions were analyzed, totaling close to 3 million binaries created from 2003 to 2018. It is the first longitudinal study of IoT software safety, according to Zatko. CITL researchers studied publicly available firmware images and evaluated them for the presence of standard security features such as the use of non-executable stacks, Address Space Layout Randomization (ASLR) and stack guards, which prevent buffer overflow attacks. The results were not encouraging. Time and again, firmware from commonly used manufacturers failed to implement basic security features even when researchers studied the most recent versions of the firmware. For example: firmware for the ASUS RT-AC55U wifi router did not employ ASLR or stack guards to protect against buffer overflow attacks. Nor did it employ a non-executable stack to protect against "stack smashing," another variety of overflow attack. CITL found the same was true of firmware for Ubiquiti's UAP AC PRO wireless access points, as well as DLink's DWL-6600 access point. Router firmware by vendors like Linksys and NETGEAR performed only slightly better on CITL's assessment. CITL researchers also "found no clear progress in any protection category over time," reports The Security Ledger. "Researchers documented 299 positive changes in firmware security scores over the 15 years covered by the study... but 370 negative changes over the same period. Looking across its entire data set, in fact, firmware security actually appeared to get worse over time, not better." On the bright side, the survey found that almost all recent router firmware by Linksys and NETGEAR boasted non-executable stacks. "However, those same firmware binaries did not employ other common security features like ASLR or stack guards, or did so only rarely," says the report.

Read more of this story at Slashdot.

Patti Payne's Cool Pads: Former Microsoft exec puts San Juan compound on the market (Photos)

Mass High Tech News - Fri, 08/16/2019 - 7:11pm
Retired Microsoft executive Bob McDowell and his wife Lisa McDowell, a former teacher, are selling their West Winds estate at Friday Harbor on San Juan Islands.  Brokers Tere Foster with Team Foster at Compass, and Forbes Hansen with American Dream Real Estate Services have the $3.48 million listing. The McDowells bought the property in 1997 when Bob was still working at the tech giant. At that time the island property was a bed-and-breakfast on five acres. “It was compelling to us —…

Benchmark Electronics hires first chief revenue officer

Mass High Tech News - Fri, 08/16/2019 - 7:00pm
Rob Crawford has been named to the newly created position as chief revenue officer of Benchmark Electronics Inc. (NYSE: BHE), a Tempe-based electronics component manufacturer. Crawford will direct Benchmark’s global go-to-market strategy, including executing vertical sector strategies, determining portfolio optimization, accelerating marketing and demand generation, and ensuring revenue realization to achieve growth objectives. He joined the company in July. Most recently, Crawford was the vice…

Uber, Lyft Finally Admit They're Making Traffic Congestion Worse In Cities

Slashdot - Fri, 08/16/2019 - 6:40pm
Uber and Lyft tapped transportation consultancy Fehr & Peers to examine their combined vehicle miles traveled (VMT) in six cities in September 2018, and compare that number to the total VMT in each area for the same month. "The results show that while they are vastly out-stripped by personal and commercial vehicles, Uber and Lyft are still responsible for significant shares of VMT in those cities," reports The Verge. From the report: The analysis looks at Boston, Chicago, Los Angeles, San Francisco, Seattle, and Washington, DC. The results are presented on two levels: the regional area, including the surrounding towns and suburbs, and the "core" county of each region that contains the main part of the city with the densest concentration of jobs. The findings show that Uber and Lyft account for just 1-3 percent of VMT in the broader metropolitan areas of each city. But those numbers spike when zooming in on the core county of each city. In San Francisco County, for example, Uber and Lyft make up as much as 13.4 percent of all vehicle miles. In Boston, it's 8 percent; in Washington, DC, it's 7.2 percent. These figures suggest that Uber and Lyft are hitting some cities harder than previously thought. An independent study commissioned by the San Francisco County Transportation Authority looked at 2017 traffic patterns in the county and concluded that TNCs generated about 6.5 percent of the total VMT on weekdays, and 10 percent on weekends. (TNC, which stands for transportation network company, is an industry term used to describe ride-hailing apps like Uber and Lyft.) The findings from Fehr & Peers show totals "nearly twice that previous estimate," said Gregory Erhardt, a professor of civil engineering at the University of Kentucky who has researched Uber and Lyft's effects on public transit ridership. "This difference may be due to the continued increase in TNC use over the intervening two years."

Read more of this story at Slashdot.

Judge Orders Georgia To Switch To Paper Ballots For 2020 Elections

Slashdot - Fri, 08/16/2019 - 6:00pm
An anonymous reader quotes a report from Ars Technica: Election security advocates scored a major victory on Thursday as a federal judge issued a 153-page ruling ordering Georgia officials to stop using its outdated electronic voting machines by the end of the year. The judge accepted the state's argument that it would be too disruptive to switch to paper ballots for municipal elections being held in November 2019. But she refused to extend that logic into 2020, concluding that the state had plenty of time to phase out its outdated touchscreen machines before then. The state of Georgia was already planning to phase out its ancient touchscreen electronic voting machines in favor of a new system based on ballot-marking machines. Georgia hopes to have the new machines in place in time for a presidential primary election in March 2020. In principle, that switch should address many of the critics' concerns. The danger, security advocates said, was that the schedule could slip and Georgia could then fall back on its old, insecure electronic machines in the March primary and possibly in the November 2020 general election as well. The new ruling by Judge Amy Totenberg slams the door shut on that possibility. If Georgia isn't able to switch to its new high-tech system, it will be required to fall back on a low-tech system of paper ballots rather than continue using the insecure and buggy machines it has used for well over a decade. Alex Halderman, a University of Michigan computer scientist who served as the plaintiffs' star witness in the case, hailed the judge's ruling. "The court's ruling recognizes that Georgia's voting machines are so insecure, they're unconstitutional," Halderman said in an email to Ars. "That's a huge win for election security that will reverberate across other states that have equally vulnerable systems."

Read more of this story at Slashdot.

Looking to hire a programmer? Here are the 13 schools in the Americas that train the best ones

Mass High Tech News - Fri, 08/16/2019 - 5:51pm
Companies looking to hire qualified programmers may want to overlook Stanford, Caltech and MIT in favor of UC Berkeley, the University of Southern California and Carnegie Mellon University, according to new data released by Mountain View-based HackerRank. The company offers employers a platform to assess job candidates’ skills. After compiling almost 1.5 million such assessments of new college graduates, HackerRank identified the 13 schools in the Americas where candidates ranked the highest on…

Ag tech company Biome Makers gets $4 million in VC funding from Europe

Mass High Tech News - Fri, 08/16/2019 - 5:41pm
Biome Makers Inc. has closed a $4 million venture round from European investors. The soil biome health analysis company, which was launched in San Francisco in 2015, was the first tenant in early 2018 of the Bayer Crop Science CoLaborator co-working research and wet lab space in West Sacramento. Biome Makers is pioneering profiling soil microbe DNA so farmers and vintners can monitor and control the quality of their soil. The company examines the health of the soil's microbiome life rather than…

Barracuda Networks founder has a 1,200-HP, $1.25M supercar he wants to sell you

Mass High Tech News - Fri, 08/16/2019 - 5:38pm
Barracuda Networks founder Dean Drako on Friday took the wraps off of a fully electric supercar at the Quail Motorsports Gathering in Carmel — a car that he is selling for $1.25 million and up. The Drako GTE is built on a chassis from Fisker Automotive, boasting 1,200 horsepower and rapid acceleration up to 206 mph. The limited production supercar was designed by Lowie Vermeersch and his Italian GranStudio team in consultation with veteran race car driver and Santa Cruz native Bruce Canepa,…

Customs Computer Systems Down Nationwide, Causing Massive Delays At Airports

Slashdot - Fri, 08/16/2019 - 5:22pm
A computer issue is preventing U.S. immigration officials from processing arriving passengers at several airports across the country. "It wasn't immediately clear what caused the problem at U.S. Customs and Border Protection, but the agency said it was investigating," reports CNBC. Agents will be processing people manually until the systems are resolved. One Twitter user posted a video of a long line of an estimated 5,000+ passengers at Dulles International Airport. Another traveler tweeted that passengers on her flight from London weren't allowed to deplane upon arrival in Boston because of the issue. UPDATE 21:28 UTC: NBC News has confirmed that the system shutdown is nationwide, and U.S. Customs and Border Patrol officials are working to determine the cause. You can view the thread here. Story is developing...

Read more of this story at Slashdot.

U.S. is preparing to sue to block Sabre’s planned acquisition, report says

Mass High Tech News - Fri, 08/16/2019 - 5:11pm
Sabre may be heading to court over its proposed deal to buy Farelogix after all. The U.S. Justice Department is preparing to sue to block Sabre Corp.’s (Nasdaq: SABR) proposed acquisition of Farelogix over concerns the deal will harm competition, Bloomberg reported Friday, citing a person familiar with the matter. The move would follow Sabre’s decision to inform the DOJ was planning to wrap the acquisition Aug. 21. The more-than-$300 million deal was announced last year – and had been expected…


Subscribe to TechMaine aggregator