In Private Conversation, Hackers Behind Ransomware Outbreak Lower Demand To $50 Mill Slashdotby msmash on business at January 1, 1970, 1:00 am (cached at July 5, 2021, 11:34 pm)

The hackers who have claimed responsibility for an international ransomware outbreak have lowered their asking price in a private conversation with a cybersecurity expert, something he said may be a sign the group was having trouble monetizing their massive breach. From a report: The REvil ransomware gang, also known as Sodinokibi, is publicly demanding $70 million to restore the data it's holding ransom after their data-scrambling software affected hundreds of small and medium businesses across a dozen countries - including schools in New Zealand and supermarkets in Sweden. But in a conversation with Jack Cable of the cybersecurity-focused Krebs Stamos Group, one of the gang's affiliates said he could sell a "universal decryptor" for all the victims for $50 million. Cable told Reuters he managed to get through to the hackers after obtaining a cryptographic key needed to log on to the group's payment portal. Reuters was subsequently able to log on to the payment portal and chat with an operator who said the price was unchanged at $70 million "but we are always ready to negotiate."

Read more of this story at Slashdot.

Uber, Lyft Sweeten Job Perks Amid Driver Shortage, Lofty Fares Slashdotby msmash on business at January 1, 1970, 1:00 am (cached at July 5, 2021, 10:35 pm)

A shortage of drivers in the U.S. is propelling prices for Uber and Lyft rides to record highs and pushing the services to rethink how they attract gig workers. From a report: Uber and Lyft are pouring millions of dollars into incentives for drivers to return, a short-term fix that has helped alleviate the scarcity and tempered fare increases in some areas but that has also raised the companies' costs. The labor crunch isn't projected to end anytime soon. Some analysts expect the problem will persist through the third quarter, pressuring Uber and Lyft to deal with shifting dynamics of gig labor that they acknowledge will require long-term solutions. Executives say the model they built their businesses on -- luring riders with deep discounts and then incentivizing drivers to provide those rides -- can't be the model that sustains them. "This is a moment of deep introspection and reflection for a company like ours to pause and say, 'How do we make the proposition for drivers more attractive longer term?" said Carrol Chang, Uber's chief of driver operations for the U.S. and Canada. "It is absolutely a reckoning," she said. Ms. Chang's team, tasked with managing the shortage for Uber, is in talks to fund education and career-building programs for drivers. Lyft is exploring a new partnership aimed at reducing drivers' expenses, which could involve sizable discounts on gas or insurance or help with buying vehicles, according to a person familiar with its plans. Both companies recently began emailing drivers more insights into earnings opportunities, previously a black box for them.

Read more of this story at Slashdot.

European Plan for Gigantic New Gravitational Wave Detector Passes Milestone Slashdotby msmash on science at January 1, 1970, 1:00 am (cached at July 5, 2021, 9:05 pm)

It's far from a done deal, but plans by European physicists to build a huge new gravitational wave observatory with a radical design received a boost last week. From a report: The European Strategy Forum on Research Infrastructures (ESFRI), which advises European governments on research priorities, added the $2.25 billion observatory, called the Einstein Telescope, to a road map of large science projects ripe for progress. Developers hope the move will give them the political validation needed to transform the Einstein Telescope idea into a project. "This isn't a promise of any funding, but it shows the clear intention to pursue this," says Harald Luck, a gravitational wave physicist at Leibniz University Hannover and the Max Planck Institute for Gravitational Physics and co-chair of the Einstein Telescope steering committee. âoeIt is more of a political commitment." U.S. gravitational wave physicists welcomed the announcement, too, as they think it may bolster their plans to build a pair of detectors even bigger than the Einstein Telescope in a project called Cosmic Explorer. "In the U.S., I think the momentum is going to start to build," says David Reitze, executive director of the Laser Interferometer Gravitational-Wave Observatory (LIGO) and a physicist at the California Institute of Technology.

Read more of this story at Slashdot.

Facebook, Twitter, Google Threaten To Quit Hong Kong Over Proposed Data Laws Slashdotby msmash on facebook at January 1, 1970, 1:00 am (cached at July 5, 2021, 8:37 pm)

Facebook, Twitter, and Alphabet's Google have privately warned the Hong Kong government that they could stop offering their services in the city if authorities proceed with planned changes to data-protection laws that could make them liable for the malicious sharing of individuals' information online. From a report: A letter sent by an industry group that includes the internet firms said companies are concerned that the planned rules to address doxing could put their staff at risk of criminal investigations or prosecutions related to what the firms' users post online. Doxing refers to the practice of putting people's personal information online so they can be harassed by others. Hong Kong's Constitutional and Mainland Affairs Bureau in May proposed amendments to the city's data-protection laws that it said were needed to combat doxing, a practice that was prevalent during 2019 protests in the city. The proposals call for punishments of up to 1 million Hong Kong dollars, the equivalent of about $128,800, and up to five years' imprisonment. "The only way to avoid these sanctions for technology companies would be to refrain from investing and offering the services in Hong Kong," said the previously unreported June 25 letter [PDF] from the Singapore-based Asia Internet Coalition, which was reviewed by The Wall Street Journal.

Read more of this story at Slashdot.

Antarctic Expedition To Renew Search for Shackleton's Ship Endurance Slashdotby msmash on science at January 1, 1970, 1:00 am (cached at July 5, 2021, 7:34 pm)

Endurance22 will launch early next year with aim of locating and surveying wreck in the Weddell Sea. From a report: The location of Sir Ernest Shackleton's Endurance has been one of the great maritime mysteries since the ship became trapped in ice and sank in 1915. Finding this symbol of the "heroic age" of polar exploration at the bottom of the Weddell Sea was long thought impossible because of the harshness of the Antarctic environment -- "the evil conditions," as Shackleton described them. Now a major scientific expedition, announced on Monday, is being planned with a mission to locate, survey and film the wreck. Endurance22 will launch early next year, in a vessel that will brave the most treacherous frozen waters, pounding its way through miles of pack ice. The effects of climate change will make the expedition a little less difficult, with melting ice easing the vessel's passage. An international team of scientists with expertise in the study of ice and climate will be onboard, advancing knowledge of the Antarctic environment. Mensun Bound, its director of exploration, headed the 2019 search for the Endurance that had to be called off because of extreme weather conditions, after an underwater vehicle became trapped beneath the ice. He told the Guardian: "There's a complexity of emotions all swishing around within me. On the one hand, there's great excitement. On the other, for the last three years, I've had to carry this persistent sadness in me that we didn't find it last time. It's never far from my thoughts. That ship is always teasing my imagination." Bound said global warming in the Antarctic is "absolutely devastating," but that the melting ice "has improved our chances" of discovering the shipwreck.

Read more of this story at Slashdot.

[no title] Scripting News(cached at July 5, 2021, 7:03 pm)

Podcast/rant: Our ongoing civil war is about slavery.
[no title] Scripting News(cached at July 5, 2021, 6:32 pm)

BTW, there's a new version of PagePark, v0.8.20, that has the feature described in the RFC from Friday. It makes it a bit simpler to set up a Glitch server, for example, for people who are new to PP.
Didi App Pulled from App Stores in China After Suspension Order Slashdotby msmash on china at January 1, 1970, 1:00 am (cached at July 5, 2021, 6:05 pm)

China has ordered app-store operators to remove the app of Didi from their stores, the latest as tension escalates between the nation's largest ride-hailing giant and local regulators. From a report: The app has disappeared from several stores including Apple's App Store in China, TechCrunch can confirm. The nation's cyberspace administration, which unveiled the order on Sunday, said Didi was illegally collecting users' personal data. The ride-hailing giant, which counts Apple, SoftBank, and Tencent and Uber among its investors and filed for an IPO late last month, has been ordered to make changes to comply with Chinese data protection rules. The move comes after the Chinese internet watchdog announced a probe into Didi over "national security" concerns earlier this week. Didi raised at least $4 billion this week after the New York Stock Exchange debut in one of the largest U.S. IPOs. In a statement, Didi said it had removed its app from various app stores and begun the "corrections." It also said it had halted new user registrations on Saturday. For existing users, the Didi app remains operational.

Read more of this story at Slashdot.

[no title] Scripting News(cached at July 5, 2021, 6:03 pm)

A problem happens when an app running in PagePark makes a request of another app that's running on the same machine. It reared its ugly head again today, and I had a heck of a time finding this thread by searching. In this post I used all the terms I used in my search, so hopefully if I ever hit it again, I'll find my way back here, with this link to the answer.
Swedish Watchdog To Investigate Klarna for Bank Secrecy Breach Slashdotby msmash on business at January 1, 1970, 1:00 am (cached at July 5, 2021, 5:35 pm)

Sweden's financial watchdog said on Monday it was investigating payments firm Klarna over a potential breach of banking secrecy laws in connection with an IT incident at the firm in May. From a report: For a 30 minute period on May 27, Klarna customers were shown other users' data - a digital mishap which the firm, in a statement on June 4, blamed on human error. "(We) will investigate whether Klarna has violated bank secrecy in connection with an IT incident in May where the bank's customers were able to access information about each other for a limited time," Sweden's Finansinspektionen said in a statement. A spokesperson for Klarna told Reuters that the probe, "was very much expected as part of our regular dialogue with the Swedish FSA and as always we approach this with full cooperation and transparency."

Read more of this story at Slashdot.

[no title] Scripting News(cached at July 5, 2021, 5:32 pm)

America’s politics appear to be stubbornly fixed. The bigger problem is the US has a genetic defect that makes it impossible for it to be united. Slavery.
Climate change: Planting extra trees will boost rainfall across Europe BBC News | Science/Nature | UK Edition(cached at July 5, 2021, 5:30 pm)

Converting agricultural land to forestry would boost summer rains by 7.6% on average, a study finds.
Why Email Providers Scan Your Emails Slashdotby msmash on privacy at January 1, 1970, 1:00 am (cached at July 5, 2021, 4:34 pm)

An anonymous reader shares a report: If you receive emails flagged as spam or see a warning that a message might be a phishing attempt, it's a sign that your email provider is scanning your emails. The company may do that just to protect you from danger, but in some situations it can delve into your communications for other purposes, as well. Google announced that it would stop scanning Gmail users' email messages for ad targeting in 2017 -- but that doesn't mean it stopped scanning them altogether. Verizon didn't respond to requests for comments about Yahoo and AOL's current practices, but in 2018 the Wall Street Journal reported that both email providers were scanning emails for advertising. And Microsoft scans its Outlook users' emails for malicious content. Here's what major email providers say about why they currently scan users' messages. Email providers can scan for spam and malicious links and attachments, often looking for patterns. [...] You may see lots of ads in your email inbox, but that doesn't necessarily mean your email provider is using the content of your messages to target you with marketing messages. For instance, like Google, Microsoft says that it refrains from using your email content for ad targeting. But it does target ads to consumers in Outlook, along with MSN, and other websites and apps. The data to do that come from partnering with third-party providers, plus your browsing activity and search history on Bing and Microsoft Edge, as well as information you've given the company, such as your gender, country, and date of birth. [...] If you're using an email account provided by your employer, an administrator with qualifying credentials can typically access all your incoming and outgoing emails on that account, as well as any documents you create using your work account or that you receive in your work account. This allows companies to review emails as part of internal investigations and access their materials after an employee leaves the company. [...] Law enforcement can request access to emails, though warrants, court orders, or subpoenas may be required. Email providers may reject requests that don't satisfy applicable laws, and may narrow requests that ask for too much information. They may also object to producing information altogether.

Read more of this story at Slashdot.

[no title] Scripting News(cached at July 5, 2021, 4:03 pm)

If you think archive.org is backing up all the stuff you care about, check it out, see if they are.
[no title] Scripting News(cached at July 5, 2021, 3:32 pm)

Here's a screen shot that shows how frequently the OPML 2.0 spec is sampled. I can think of three differences. 1. RSS is more famous than OPML. 2. RSS spec is on a Harvard website, the OPML spec is on opml.org. 3. The RSS spec is served via HTTPS, the OPML spec via HTTP.