Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Iphone

Cellebrite Can Now Unlock Apple iPhone 6, 6 Plus (cyberscoop.com) 6

Patrick O'Neill writes: A year after the battle between the FBI and Apple over unlocking an iPhone 5s used by a shooter in the San Bernardino terrorist attack, smartphone cracking company Cellebrite announced it can now unlock the iPhone 6 and 6 Plus for customers at rates ranging from $1,500 to $250,000. The company's newest products also extract and analyze data from a wide range of popular apps including all of the most popular secure messengers around. From the Cyberscoop report: "Cellebrite's ability to break into the iPhone 6 and 6 Plus comes in their latest line of product releases. The newest Cellebrite product, UFED 6.0, boasts dozens of new and improved features including the ability to extract data from 51 Samsung Android devices including the Galaxy S7 and Galaxy S7 Edge, the latest flagship models for Android's most popular brand, as well as the new high-end Google Pixel Android devices."
Piracy

Google Says Almost Every Recent 'Trusted' DMCA Notices Were Bogus (torrentfreak.com) 63

Reader AmiMoJo writes: In comments submitted to a U.S. Copyright Office consultation, Google has given the DMCA a vote of support, despite widespread abuse. Noting that the law allows for innovation and agreements with content creators, Google says that 99.95% of URLs it was asked to take down last month didn't even exist in its search indexes. "For example, in January 2017, the most prolific submitter submitted notices that Google honored for 16,457,433 URLs. But on further inspection, 16,450,129 (99.97%) of those URLs were not in our search index in the first place."
Google

Google Has Demonstrated a Successful Practical Attack Against SHA-1 (googleblog.com) 83

Reader Artem Tashkinov writes: Ten years after of SHA-1 was first introduced, Google has announced the first practical technique for generating an SHA-1 collision. It required two years of research between the CWI Institute in Amsterdam and Google. As a proof of the attack, Google has released two PDF files that have identical SHA-1 hashes but different content. The amount of computations required to carry out the attack is staggering: nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total which took 6,500 years of CPU computation to complete the attack first phase and 110 years of GPU computation to complete the second phase.

Google says that people should migrate to newer hashing algorithms like SHA-256 and SHA-3, however it's worth noting that there are currently no ways of finding a collision for both MD5 and SHA-1 hashes simultaneously which means that we still can use old proven hardware accelerated hash functions to be on the safe side.

Facebook

'Social Media Needs A Travel Mode' (idlewords.com) 116

Maciej CegÅowski, a Polish-American web developer, entrepreneur, and social critic, writes on a blog post: We need a 'trip mode' for social media sites that reduces our contact list and history to a minimal subset of what the site normally offers. Not only would such a feature protect people forced to give their passwords at the border, but it would mitigate the many additional threats to privacy they face when they use their social media accounts away from home. Both Facebook and Google make lofty claims about user safety, but they've done little to show they take the darkening political climate around the world seriously. A 'trip mode' would be a chance for them to demonstrate their commitment to user safety beyond press releases and anodyne letters of support. What's required is a small amount of engineering, a good marketing effort, and the conviction that any company that makes its fortune hoarding user data has a moral responsibility to protect its users. To work effectively, a trip mode feature would need to be easy to turn on, configurable (so you can choose how long you want the protection turned on for) and irrevocable for an amount of time chosen by the user once it's set. There's no sense in having a 'trip mode' if the person demanding your password can simply switch it off, or coerce you into switching it off.
Google

Google Releases an AI Tool For Publishers To Spot and Weed Out Toxic Comments (bbc.com) 167

Google today launched a new technology to help news organizations and online platforms identify and swiftly remove abusive comments on their websites. The technology, called Perspective, will review comments and score them based on how similar they are to comments people said were "toxic" or likely to make them leave a conversation. From a report on BBC: The search giant has developed something called Perspective, which it describes as a technology that uses machine learning to identify problematic comments. The software has been developed by Jigsaw, a division of Google with a mission to tackle online security dangers such as extremism and cyberbullying. The system learns by seeing how thousands of online conversations have been moderated and then scores new comments by assessing how "toxic" they are and whether similar language had led other people to leave conversations. What it's doing is trying to improve the quality of debate and make sure people aren't put off from joining in.
Google

Google Releases Open Source File Sharing Project 'Upspin' On GitHub (betanews.com) 55

BrianFagioli quotes a report from BetaNews: Today, Google unveiled yet another way to share files. Called "Upspin," the open source project aims to make sharing easier for home users. With that said, the project does not seem particularly easy to set up or maintain. For example, it uses Unix-like directories and email addresses for permissions. While it may make sense to Google engineers, I am dubious that it will ever be widely used. "Upspin looks a bit like a global file system, but its real contribution is a set of interfaces, protocols, and components from which an information management system can be built, with properties such as security and access control suited to a modern, networked world. Upspin is not an "app" or a web service, but rather a suite of software components, intended to run in the network and on devices connected to it, that together provide a secure, modern information storage and sharing network," says Google. The search giant adds: "Upsin is a layer of infrastructure that other software and services can build on to facilitate secure access and sharing. This is an open source contribution, not a Google product. We have not yet integrated with the Key Transparency server, though we expect to eventually, and for now use a similar technique of securely publishing all key updates. File storage is inherently an archival medium without forward secrecy; loss of the user's encryption keys implies loss of content, though we do provide for key rotation."
Cellphones

Cellphones As a Fifth-Order Elaboration of Maxwell's Theory (ieee.org) 125

schwit1 shares a report from IEEE Spectrum that reflects on the "Stages of Electronics" based on James Clerk Maxwell's theory: Now that the world has become addicted to portable electronics, billions of people have come to see the companies providing these gadgets as the most innovative, and the people who head those companies as the most exalted, of all time. "Genius" is a starter category in this discussion. But clever and appealing though today's electronic gadgets may be, to the historian they are nothing but the inevitable fifth-order elaborations of two fundamental ideas: electromagnetic radiation, the theory of which was formulated by James Clerk Maxwell in the 1860s, and miniaturized fabrication, which followed Richard Feynman's 1959 dictum [PDF] that "there's plenty of room at the bottom." Maxwell was a true genius. The history of science offers few examples of work as brilliant as unifying electricity, magnetism, and light as aspects of a single phenomenon: electromagnetic waves. As Max Planck put it, "in doing so he achieved greatness unequalled."

Vaclav Smil writes via IEEE: "As I pass the zombielike figures on the street, oblivious to anything but their cellphone screens, I wonder how many of them know that the most fundamental advances enabling their addictions came not from Nokia, Apple, Google, Samsung, or LG. These companies' innovations are certainly admirable, but they amount only to adding a few fancy upper floors to a magnificent edifice whose foundations were laid by Maxwell 152 years ago and whose structure depends on decades-old advances that made it possible to build electronics devices ever smaller."

Businesses

The Death of the Click (axios.com) 129

Sara Fischer, writing for Axios: For the past 10 years, we've operated on the premise that the most important digital metric is the click that refers a person to a website. That click usually comes from a social distribution channel, like Facebook or Twitter, or a search engine, like Google or Bing. But according to industry experts, the click referral is becoming an idea of the past, soon to be replaced by content exposure. [...] Most publishers have designed their websites to measure user interaction through clicks, not scroll rates or time spent on stories. As the industry moves away from click-through rates (CTR's) as the most meaningful marketing metric, those publishers will have a difficult time justifying the effectiveness of their platforms for marketers.
Piracy

Google and Microsoft To Crackdown On Piracy Sites In Search Results (telegraph.co.uk) 103

Google and Microsoft pledged on Monday to crack down on sites hosting pirated content that show up on their search engines. In what is being called a first of its kind agreement, Google and Microsoft's Bing will demote U.K. search results of copyright infringing websites. From a report on The Telegraph: The search engine operators have signed up to a clampdown that will see the UK's copyright watchdog monitor the search results they provide for unlawful websites. The agreement follows years of campaigning by record labels and film studios, which have accused Google and Microsoft of turning a blind eye to piracy and dragging their feet over measures to protect copyright online. Under a new voluntary code, the tech giants have committed to demote websites that have repeatedly been served with copyright infringement notices, so that they do not appear on the first page for common searches.
Bug

Google Discloses An Unpatched Windows Bug (Again) (bleepingcomputer.com) 121

An anonymous reader writes: "For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google's announcement," reports BleepingComputer. "The bug in question affects the Windows GDI (Graphics Device Interface) (gdi32.dll)..." According to Google, the issue allows an attacker to read the content of the user's memory using malicious EMF files. The bad news is that the EMF file can be hidden in other documents, such as DOCX, and can be exploited via Office, IE, or Office Online, among many.

"According to a bug report filed by Google's Project Zero team, the bug was initially part of a larger collection of issues discovered in March 2016, and fixed in June 2016, via Microsoft's security bulletin MS16-074. Mateusz Jurczyk, the Google engineer who found the first bugs, says the MS16-074 patches were insufficient, and some of the issues he reported continued to remain vulnerable." He later resubmitted the bugs in November 2016. The 90-days deadline for fixing the bugs expired last week, and the Google researcher disclosed the bug to the public after Microsoft delayed February's security updates to next month's Patch Tuesday, for March 15.

Microsoft has described Google's announcements of unpatched Windows bugs as "disappointing".
Communications

Alaska Gets 'Artificial Aurora' As HAARP Antenna Array Listens Again (hackaday.com) 69

Freshly Exhumed quotes Hackaday: The famous HAARP antenna array is to be brought back into service for experiments by the University of Alaska. Built in the 1990s for the US Air Force's High Frequency Active Auroral Research Program, the array is a 40-acre site containing a phased array of 180 high-frequency antennas and their associated high-power transmitters. Its purpose is to conduct research on charged particles in the upper atmosphere, but that hasn't stopped an array of bizarre conspiracy theories.
A university space physics researcher will actually create an artificial aurora starting Sunday (and continuing through Wednesday) to study how yjr atmosphere affects satellite-to-ground communications, and "observers throughout Alaska will have an opportunity to photograph the phenomenon," according to the University. "Under the right conditions, people can also listen to HAARP radio transmissions from virtually anywhere in the world using an inexpensive shortwave radio."
Cellphones

Should International Travelers Leave Their Phones At Home? (freecodecamp.com) 510

Long-time Slashdot reader Toe, The sums up what he learned from freeCodeCamp's Quincy Larson: "Before you travel internationally, wipe your phone or bring/rent/buy a clean one." Larson's article is titled "I'll never bring my phone on an international flight again. Neither should you." All the security in the world can't save you if someone has physical possession of your phone or laptop, and can intimidate you into giving up your password... Companies like Elcomsoft make 'forensic software' that can suck down all your photos, contacts -- even passwords for your email and social media accounts -- in a matter of minutes.... If we do nothing to resist, pretty soon everyone will have to unlock their phone and hand it over to a customs agent while they're getting their passport swiped... And with this single new procedure, all the hard work that Apple and Google have invested in encrypting the data on your phone -- and fighting for your privacy in court -- will be a completely moot point.
The article warns Americans that their constitutional protections don't apply because "the U.S. border isn't technically the U.S.," calling it "a sort of legal no-man's-land. You have very few rights there." Larson points out this also affects Canadians, but argues that "You can't hand over a device that you don't have."
Google

YouTube Will Kill Unskippable 30-Second Ads Next Year (theverge.com) 158

YouTube is planning to do away with the non-skippable 30-second ads that appear before a YouTube video. From a report: In a statement first given to Campaign then confirmed by The Verge, a Google spokesperson said the company will focus on commercial formats that are more engaging for both advertisers and viewers. "We're committed to providing a better ads experience for users online. As part of that, we've decided to stop supporting 30-second unskippable ads as of 2018 and focus instead on formats that work well for both users and advertisers," Google said.
Google

Breakthrough in Alphabet's Balloon-Based Internet Project Means It Might Actually Wor (recode.net) 82

Loon, the balloon project that aims to deliver internet to parts of the world that lack reliable connectivity, announced this week that due to advancements in the machine learning software, it can now deploy fewer balloons to provide greater connectivity. From a report on Recode: The Loon balloon project is part of X, the experimental division of Alphabet, Google's parent company. Now in its fourth year, the engineers at Loon say their new machine learning techniques significantly shorten their timeline for launching the project. Initially, engineers proposed that the Loon balloons would float around the globe and that they would have to find a way to keep the balloons a safe traveling distance apart and replace a balloon that drifted from an area that needed connectivity. Now, the team says they've found a way to keep the balloons in a much more concentrated location, thanks to their improved altitude control and navigation system. Loon says that balloons will now make small loops over a land mass, instead of circumnavigating the whole planet.
Businesses

McDonald's Hires Project Ara Design Team To Reinvent the Drinking Straw (fastcodesign.com) 102

An anonymous reader writes: McDonald's has hired the creators of Google's Project Ara to reinvent the drinking straw. Their new invention, the "Suction Tube for Reverse Axial Withdrawal" (STRAW for short), is a J-shaped device that allows the user to drink both layers of the company's dual-layer Chocolate Shamrock shake simultaneously, receiving an optimal mixture of chocolate and, um, shamrock. McDonald's announced the new product at a Facebook live event yesterday, which included a keynote by McDonald's Senior Director of Menu Innovation Darci Forrest, a Silicon-Valley-style panel moderated by Austin Evans, and interviews with engineers from NK Labs and JACE. Computational fluid dynamics simulations, 3D printing, and extensive real-world testing (drinking shakes) were required to get the design ready for its eventual unveiling. McDonald's is producing a limited first run of 2000 of the straws for distribution at restaurants across the U.S. "My first reaction was, that doesn't seem too hard. We could have a double straw -- one longer, one shorter. No problem," says Seth Newburg, principal engineer and managing partner at NK Labs, which teamed up with JACE Design on the STRAW. "Then we immediately thought, once you get halfway down, one straw is going to start sucking air... It's one of those things that seems so simple, but as we got into it there were a lot more issues exposed. It turned out to present quite a few engineering and scientific challenges." NK Labs and JACE Design were the two companies who also worked on Project Ara together, the Google initiative to build a phone with interchangeable modules for various components like cameras and batteries. Unfortunately, the plans for Project Ara were scrapped late last year.
Privacy

Scottish Court Awards Damages For CCTV Camera Pointed At Neighbor's House (boingboing.net) 95

AmiMoJo quotes a report from BoingBoing: Edinburgh's Nahid Akram installed a CCTV system that let him record his downstairs neighbors Debbie and Tony Woolley in their back garden, capturing both images and audio of their private conversations, with a system that had the capacity to record continuously for five days. A Scottish court has ruled that the distress caused by their neighbor's camera entitled the Woolleys to $21,000 (17,000 British Pounds) in damages, without the need for them to demonstrate any actual financial loss. The judgment builds on a 2015 English court ruling against Google for spying on logged out Safari users, where the users were not required to show financial losses to receive compensation for private surveillance.
Google

Google Fiber Sheds Workers As It Looks to a Wireless Future (engadget.com) 107

Mariella Moon, writing for Engadget: Alphabet is making some huge changes to steer Google Fiber in a new, more wireless direction. According to Wired, the corporation has reassigned hundreds of Fiber employees to other parts of the company and those who remained will mostly work in the field. It has also hired broadband veteran Greg McCray as the new CEO for Access, the division that runs Google Fiber. These changes don't exactly come out of left field: back in October, Google announced that it's pausing the high-speed internet's expansion to new markets and that it's firing nine percent of the service's staff. Wired says running fiber optic cables into people's homes has become too expensive for the company. A Recode report last year says it costs Mountain View $1 billion to bring Fiber to a new market.
Youtube

YouTube Has 1 Billion Videos With Closed-Captioning (But Not All of Them Are Accurate) (variety.com) 52

Over a billion videos on YouTube are accessible to viewers with difficulties in hearing, thanks to the video giant's automated captions, it said Thursday. From a report on Variety: That certainly sounds impressive -- except when you realize that many of the site's automatically generated captions aren't completely right. The Google-owned video giant first launched captions back in 2006, and three years later introduced automatic speech recognition to add closed-captioning to YouTube content. Today, YouTube users watch video with auto-generated captions more than 15 million times per day. But the system is prone to errors. For example, the trailer for Amazon Studio's Oscar-nominated "Manchester by the Sea" (at this link) includes numerous inaccuracies in the auto-transcribed captions, sometimes to hilarious -- not to mention frustrating -- effect.
AI

Google Releases TensorFlow 1.0 With New Machine Learning Tools (venturebeat.com) 20

An anonymous reader shares a VentureBeat report: At Google's inaugural TensorFlow Dev Summit in Mountain View, California, today, Google announced the release of version 1.0 of its TensorFlow open source framework for deep learning, a trendy type of artificial intelligence. Google says the release is now production-ready by way of its application programing interface (API). But there are also new tools that will be part of the framework, which includes artificial neural networks that can be trained on data and can then make inferences about new data. Now there are more traditional machine learning tools, including K-means and support vector machines (SVMs), TensorFlow's engineering director, Rajat Monga, said at the conference. And there's an integration with the Python-based Keras library, which was originally meant to ease the use of the Theano deep learning framework. And there are now "canned estimators," or models, Monga said, including simple neural networks to start using quickly.
Communications

Voice Calls May Be Coming To the Amazon Echo and Google Home (theverge.com) 23

Amazon and Google are interested in adding the ability to make and receive phone calls to their popular home speaker devices -- Echo and Home, reports WSJ, adding that telecom regulations and privacy are some of the things both the companies are tackling. If the companies are able to sort out the issues, the feature could make way to the home speaker devices as soon as this year, the paper reported. From The Verge: There's also the fact that you would only make calls over speakerphone, which could limit the usefulness of the feature for some users. Theoretically, it would be easier for Google to get a phone service up and running on the Home, given that it's been operating Google Voice for seven years and launched Project Fi back in 2015, while Amazon has to start from scratch to get its phone service up and running. According to the Journal, Amazon is considering a number of different options, including syncing to the user's existing phone number, call forwarding, or the Echo getting its own phone number.

Slashdot Top Deals