feed on feeds - 2019/09/07 - items 0 to 15

Long-time Slashdot reader AmiMoJo quotes VentureBeat: Google, which has already paid security researchers over $15 million since launching its bug bounty program in 2010, today increased the scope of its Google Play Security Reward Program (GPSRP). Security researchers will now be rewarded for finding bugs across all apps in Google Play with 100 million or more installs. At the same time, the company launched the Developer Data Protection Reward Program (DDPRP) in collaboration with [bug bounty platform] HackerOne. That program is for data abuses in Android apps, OAuth projects, and Chrome extensions.... Google also uses this vulnerability data to create automated checks that scan all Google Play apps for similar vulnerabilities. Affected app developers are notified via the Play Console. The App Security Improvement (ASI) program provides them with information on the vulnerability and how to fix it. In February, Google revealed that ASI has helped over 300,000 developers fix over 1,000,000 apps on Google Play. The article also notes that Android apps and Chrome extensions found to be abusing data "will be removed from Google Play and the Chrome Web Store."

Read more of this story at Slashdot.

MPs ready for legal fight over possible delay to UK's exit from EU with PM Johnson non-committal over new Brexit bill.

Anger remains despite government withdrawing a controversial extradition legislation.

An anonymous reader quotes Forbes: How do you communicate when the government censors the internet? With a peer-to-peer mesh broadcasting network that doesn't use the internet. That's exactly what Hong Kong pro-democracy protesters are doing now, thanks to San Francisco startup Bridgefy's Bluetooth-based messaging app. The protesters can communicate with each other — and the public — using no persistent managed network... While you can chat privately with contacts, you can also broadcast to anyone within range, even if they are not a contact. That's clearly an ideal scenario for protesters who are trying to reach people but cannot use traditional SMS texting, email, or the undisputed uber-app of China: WeChat. All of them are monitored by the state. Wednesday another article in Forbes confirmed with Bridgefy that their app uses end-to-end RSA encryption -- though an associate professor at the Johns Hopkins Information Security Institute warns in the same article about the possibility of the Chinese government demanding that telecom providers hand over a list of all users running the app and where they're located. Forbes also notes that "police could sign up to Bridgefy and, at the very least, cause confusion by flooding the network with fake broadcasts" -- or even use the app to spread privacy-compromising malware. "But if they're willing to accept the risk, Bridgefy could remain a useful tool for communicating and organizing in extreme situations."

Read more of this story at Slashdot.

Kyriakos Mitsotakis set to legislate four-point tax cut for businesses, followed by similar cut in 2020 to boost growth.

The South African government has been conducting mass surveillance on all communications in the country, reports Reclaim the Net:, citing a report from Privacy International as well as recently-revealed affidavits and other documents from former State Security Agency (SSA) director-general Arthur Fraser: Interestingly, the mass surveillance has been happening since 2008... The surveillance was supposedly designed to cover information about organized crime and acts of terrorism. It even involves surveillance on food security, water security, and even illegal financial flows. The report also revealed that the South African government has done bulk interception of Internet traffic by way of tapping into fiber-optic cables under the sea. What is not clear though is whether the surveillance covers all Internet traffic or limited only to some of the fiber cables. The SSA said that the automated collection of data was specifically geared for foreign communications that pose threats to state security only. However, even the SSA admits to the fact that it will require human intervention to determine whether any communications that pass through the fiber cables are foreign or not. Hence, it would be difficult to distinguish between foreign and local communications. The iAfrikan site interviewed a digital rights researcher at South Africa's amaBhungane Centre for Investigative Journalism, whose legal filings helped bring this information to light. "We had details of the state's mass surveillance activities at least as early as 2006...." he tells the site, adding later that "The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing... Essentially, the State Security Agency is collecting as much haystack as it can, just in case it needs to look for a needle." Privacy International reports that the U.K. government has also recently acknowledged their "bulk interception of internet traffic by tapping undersea fibre optic cables." The site describes the work of the two countries as "some of the most pervasive surveillance programmes in human history."

Read more of this story at Slashdot.

ZDNet remembers when the only programming languages "were machine and assembler," until Burroughs Corporation programmer Mary Hawes proposed a vendor-neutral language with an English-like vocabulary. (Grace Hopper suggested they approach the Department of Defense, leading to a summit of 41 computer users and manufacturers at the Pentagon in 1959.) But ZDNet argues that 60 years later, COBOL isn't done yet. In 2016, the Government Accountability Office reported the Department of Homeland Security, Department of Veterans Affairs, and the Social Security Administration, to name just three, were still using COBOL. According to a COBOL consulting company, which goes by the delightful name, COBOL Cowboys, 200 billion lines of COBOL code are still in use today and 90% of Fortune 500 companies still having COBOL code keeping the lights on. And, if you've received cash out of an ATM recently, it's almost certain COBOL was running behind the scenes. ZDNet explains that's the largest number of businesses using COBOL are financial institutions, which, according to Micro Focus includes "banking, insurance and wealth management/equities trading. Second is government services (federal, provincial, local)." Micro Focus is the company that now maintains COBOL, and their global director of marketing and "application modernization" tells ZDNet that "the number of organizations running COBOL systems today is in the tens of thousands. It is impossible to estimate the tens of millions of end users who interface with COBOL-based applications on a daily basis, but the language's reliance is clearly seen with its use in 70 percent of global transaction processing systems. Any time you phone a call center, any time you transfer money, or check your account, or pay a mortgage, or renew or get an insurance quote, or when contacting a government department, or shipping a parcel, or ordering some flowers, or buying something online at a whole range of retailers, or booking a vacation, or a flight, or trading stocks, or even checking your favorite baseball team's seasonal statistics, you are interacting with COBOL. ZDNet notes that some people are even moving their COBOL applications into the cloud, concluding "At this rate, COBOL programs will outlive us all."

Read more of this story at Slashdot.

This is a clean impeachment. Clear violation of the Constitution, repeated, openly. Hand it off to the Senate.

Hurricane Dorian now threatens Canada while Typhoon Lingling makes landfall and Faxai won't be long but threatens Tokyo.

On Tuesday the University of Texas at Texas launched the fastest supercomputer at any academic facility in the world. The computer -- named "Frontera" -- is also the fifth most-powerful supercomputer on earth. Slashdot reader aarondubrow quotes their announcement: The Texas Advanced Computing Center (TACC) at The University of Texas is also home to Stampede2, the second fastest supercomputer at any American university. The launch of Frontera solidifies UT Austin among the world's academic leaders in this realm... Joined by representatives from the National Science Foundation (NSF) -- which funded the system with a $60 million award -- UT Austin, and technology partners Dell Technologies, Intel, Mellanox Technologies, DataDirect Networks, NVIDIA, IBM, CoolIT and Green Revolution Cooling, TACC inaugurated a new era of academic supercomputing with a resource that will help the nation's top researchers explore science at the largest scale and make the next generation of discoveries. "Scientific challenges demand computing and data at the largest and most complex scales possible. That's what Frontera is all about," said Jim Kurose, assistant director for Computer and Information Science and Engineering at NSF. "Frontera's leadership-class computing capability will support the most computationally challenging science applications that U.S. scientists are working on today." Frontera has been supporting science applications since June and has already enabled more than three dozen teams to conduct research on a range of topics from black hole physics to climate modeling to drug design, employing simulation, data analysis, and artificial intelligence at a scale not previously possible. Here's more technical details from the announcement about just how fast this supercomputer really is.

Read more of this story at Slashdot.

Arthur Graaff's father was a Dutch resistance fighter. He says the exhibition glorifies the Nazi era and should be banned.

When the fighting began, a three-month state of emergency was imposed. The army was deployed, there were dozens of arrests and weapons were seized.

Toppled 75-year-old leader is charged with possessing illicit foreign currency and unauthorised use of foreign funds.

I did a lot of work on the persists package today, including a new section in the readme that explains why I wanted it, what I'm using it for. It's going to be part of every Node app I create from now on.