Secret Terrorist Watchlist With 2 Million Records Exposed Online Slashdotby BeauHD on security at January 1, 1970, 1:00 am (cached at August 16, 2021, 11:35 pm)

A secret terrorist watchlist with 1.9 million records, including classified "no-fly" records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. BleepingComputer reports: July this year, Security Discovery researcher Bob Diachenko came across a plethora of JSON records in an exposed Elasticsearch cluster that piqued his interest. The 1.9 million-strong recordset contained sensitive information on people, including their names, country citizenship, gender, date of birth, passport details, and no-fly status. The exposed server was indexed by search engines Censys and ZoomEye, indicating Diachenko may not have been the only person to come across the list. The researcher discovered the exposed database on July 19th, interestingly, on a server with a Bahrain IP address, not a US one. However, the same day, he rushed to report the data leak to the U.S. Department of Homeland Security (DHS). "I discovered the exposed data on the same day and reported it to the DHS." "The exposed server was taken down about three weeks later, on August 9, 2021." "It's not clear why it took so long, and I don't know for sure whether any unauthorized parties accessed it," writes Diachenko in his report. The researcher considers this data leak to be serious, considering watchlists can list people who are suspected of an illicit activity but not necessarily charged with any crime. "In the wrong hands, this list could be used to oppress, harass, or persecute people on the list and their families." "It could cause any number of personal and professional problems for innocent people whose names are included in the list," says the researcher.

Read more of this story at Slashdot.

Sonos Gets Early Patent Victory Against Google Smart Speakers Slashdotby BeauHD on music at January 1, 1970, 1:00 am (cached at August 16, 2021, 11:05 pm)

An anonymous reader quotes a report from Ars Technica: Sonos scored an early victory in its case against Google Friday, when the US International Trade Commission ruled that Google infringed five of Sonos' smart speaker patents. The ruling is preliminary and subject to a full ITC review, but it could lead to a ban on Google smart speakers. In January 2020, Sonos brought a patent infringement case against Google targeting Google's smart speakers, the Google Home, and later the Nest Audio line. Sonos is the originator of Internet-connected speakers that easily hook up to streaming services, while Google speakers combine a similar feature set with voice-activated Google Assistant commands. To hear Sonos tell the story, Google got a behind-the-scenes look at Sonos' hardware in 2013, when Google agreed to build Google Play Music support for Sonos speakers. Sonos claims Google used that access to "blatantly and knowingly" copy Sonos' audio features for the Google Home speaker, which launched in 2016. TechCrunch got statements from both sides of the fight. First up, Sonos Chief Legal Officer Eddie Lazarus told the site, "Today the ALJ has found all five of Sonos' asserted patents to be valid and that Google infringes on all five patents. We are pleased the ITC has confirmed Google's blatant infringement of Sonos' patented inventions. This decision re-affirms the strength and breadth of our portfolio, marking a promising milestone in our long-term pursuit to defend our innovation against misappropriation by Big Tech monopolies." Meanwhile, Google said, "We do not use Sonos' technology, and we compete on the quality of our products and the merits of our ideas. We disagree with this preliminary ruling and will continue to make our case in the upcoming review process." A final ruling should happen on December 13, and it's not just speakers that could be banned if the two companies don't make nice. The products that connect to those speakers, like Pixels and Chromecasts, could also be banned.

Read more of this story at Slashdot.

Nokia's Smartphone: 25 Years Since it Changed the World Slashdotby msmash on hardware at January 1, 1970, 1:00 am (cached at August 16, 2021, 10:35 pm)

The Nokia 9000 Communicator -- "the office in your back pocket" -- was a smartphone even before the word was invented. It has been 25 years since it revolutionized the market. DW: Nokia presented its 9000 Communicator at the CeBIT 1996 computer fair in Hanover, Germany, and launched on August 15 of that year. "The office in your back pocket" added to the IBM Simon from 1994 and the HP OmniGo 700LX from March 1996. The 9000 Communicator was a smartphone even before the word had been invented. For a decade, the device was ââwhat a smartphone was supposed to look like. After the Communicator, Blackberry perfected the idea -- until Apple's iPhone with its multitouch screen in 2007 came along. Opened like a minilaptop, with a keyboard and a black-and-white display with a diagonal of just 11.5 centimeters (4.5 inches), the retrofuturistic-looking device was made famous by actor Val Kilmer in the remake of the film The Saint. The 9000 Communicator was the first device to offer a combination of keyboard, quality screen, and business and internet software in one package. It had for the first time all of the features of a computer on a phone, putting email, web browsing, fax, word processing and spreadsheets into a single pocketable device.

Read more of this story at Slashdot.

How International Scam Artists Pulled off an Epic Theft of Covid Benefits Slashdotby msmash on money at January 1, 1970, 1:00 am (cached at August 16, 2021, 9:35 pm)

Russian mobsters, Chinese hackers and Nigerian scammers have used stolen identities to plunder tens of billions of dollars in pandemic aid, officials say. From a report: In June, the FBI got a warrant to hunt through the Google accounts of Abedemi Rufai, a Nigerian state government official. What they found, they said in a sworn affidavit, was all the ingredients for a "massive" cyberfraud on U.S. government benefits: stolen bank, credit card and tax information of Americans. Money transfers. And emails showing dozens of false unemployment claims in seven states that paid out $350,000. Rufai was arrested in May at John F. Kennedy International Airport in New York as he prepared to fly first class back to Nigeria, according to court records. He is being held without bail in Washington state, where he has pleaded not guilty to five counts of wire fraud. Rufai's case offers a small window into what law enforcement officials and private experts say is the biggest fraud ever perpetrated against the U.S., a significant part of it carried out by foreigners. Russian mobsters, Chinese hackers and Nigerian scammers have used stolen identities to plunder tens of billions of dollars in Covid benefits, spiriting the money overseas in a massive transfer of wealth from U.S. taxpayers, officials and experts say. And they say it is still happening. Among the ripest targets for the cybertheft have been jobless programs. The federal government cannot say for sure how much of the more than $900 billion in pandemic-related unemployment relief has been stolen, but credible estimates range from $87 million to $400 billion -- at least half of which went to foreign criminals, law enforcement officials say.

Read more of this story at Slashdot.

Jeff Bezos's space firm sues Nasa over SpaceX deal BBC News | Science/Nature | UK Edition(cached at August 16, 2021, 9:30 pm)

Mr Bezos's Blue Origin says it was unfairly treated after being excluded from lunar landing contract.
How Google Bought Android -- According To Folks in the Room Slashdotby msmash on google at January 1, 1970, 1:00 am (cached at August 16, 2021, 9:05 pm)

Chet Haase, who worked at several Silicon Valley tech companies and in 2010 joined the Android engineering team at Google and watched Android rise from the bottom of the smartphone field to where it is today, writes in a new book: The final part of the pitch (and the most important part, for the VCs they were pitching to) was how Android was going to make money. The open source platform described in the slides is essentially what the Android team eventually built and shipped. But if that was all there was, the company would not have been worth funding for VCs. Developing and giving away an open source platform sounds great from a save-the-world standpoint, but where's the payoff? Where's the upside for investors? That is, how did Android plan to make money off of a product that they planned to simply give away? Venture capitalists fund companies that they hope will make more (far more) than their investment back. The path to revenue was clear for the other platform companies in the game. Microsoft made money by licensing its platform to Windows Phone partners; every phone sold contributed a per-device cost back to Microsoft. RIM made money both on the handsets they sold as well as the lucrative service contracts that their loyal enterprise customers signed up for. Nokia and the other Symbian adopters made money by selling the phones that they manufactured with variations of that operating system. Similarly, all of the other handset manufacturers funded their own software development through the revenue generated by the phones they sold. So what was Android's play that would fund the development of this awesome platform that they had yet to build and which they would give away free to other manufacturers to build their own devices? Carrier services. Carriers would provide applications, contacts, and other cloud-based data services to their customers for Android-based handsets. The carriers would pay Android for providing these services. Swetland explained: "Rather than running and hosting the services [like Danger did for its Hiptop phones], we would build the services and sell them to the carriers." (In fact, the system that the team eventually built and shipped stayed true to the vision laid out in the pitch deck, except for this part about revenue from carrier services, which went away entirely.)

Read more of this story at Slashdot.

Pearson To Pay $1 Million Fine for Misleading Investors About 2018 Data Breach Slashdotby msmash on security at January 1, 1970, 1:00 am (cached at August 16, 2021, 8:35 pm)

Pearson, a London-based publishing and education giant that provides software to schools and universities has agreed to pay $1 million to settle charges that it misled investors about a 2018 data breach resulting in the theft of millions of student records. From a report: The U.S. Securities and Exchange Commission announced the settlement on Monday after the agency found that Pearson made "misleading statements and omissions" about its 2018 data breach, which saw millions of student usernames and scrambled passwords stolen, along with the administrator login credentials of 13,000 schools, district and university customer accounts. The agency said that in Person's semi-annual review filed in July 2019, the company referred to the incident as a "hypothetical risk," even after the data breach had happened. Similarly, in a statement that same month, Pearson said the breach may include dates of birth and email addresses, when it knew that such records were stolen, according to the SEC. Pearson also said that it had "strict protections" in place when it actually took the company six months to patch the vulnerability after it was notified.

Read more of this story at Slashdot.

Walmart Seeks Crypto Expert To Oversee Digital Currency Push Slashdotby msmash on bitcoin at January 1, 1970, 1:00 am (cached at August 16, 2021, 7:35 pm)

Walmart is looking to hire a cryptocurrency expert to develop a blockchain strategy, joining a growing number of major corporations exploring the viability of digital currencies such as Bitcoin. From a report: The position will be responsible for "developing the digital currency strategy and product roadmap" and identifying "crypto-related investment and partnerships," according to a job posting Sunday on the retail giant's website. The senior director will be based in Walmart's corporate offices in Bentonville, Arkansas. While Walmart's specific intentions weren't immediately clear, the job description refers to the "broad set of payment options for its customers" in stores and online. The company didn't immediately respond to a request for additional information. The recruitment effort by Walmart comes several weeks after a similar job posting by rival Amazon.com, indicating that the biggest retailers in the U.S. may soon let customers use cryptocurrencies to pay for their purchases. PayPal Holdings began letting select customers of its Venmo app buy, sell and hold digital currencies earlier this year and expanded the effort last week.

Read more of this story at Slashdot.

Jeff Bezos' Blue Origin Sues NASA, Escalating Its Fight for a Moon Lander Contract Slashdotby msmash on space at January 1, 1970, 1:00 am (cached at August 16, 2021, 7:05 pm)

Jeff Bezos' space company Blue Origin brought its fight against NASA's Moon program to federal court on Monday, doubling down on accusations that the agency wrongly evaluated its lunar lander proposal. From a report: The complaint escalates a monthslong crusade by the company to win a chunk of lunar lander funds that was only given to its rival, Elon Musk's SpaceX and comes weeks after Blue Origin's first protest over the Moon program was squashed by a federal watchdog agency. Now in court, Blue Originâ(TM)s challenge could add another pause to SpaceX's contract and a new lengthy delay to NASA's race to land astronauts on the Moon by 2024. Blue Origin's complaint, filed with the US Court of Federal Claims, was shrouded behind a protective order. The company is broadly challenging NASA's decision to pick SpaceX for the lunar lander award, and "more specifically ... challenges NASA's unlawful and improper evaluation of proposals submitted under the HLS Option A BAA," according to its request to file its complaint under seal. Blue Origin was one of three firms vying for a contract to land NASA's first astronauts on the Moon since 1972. In April, NASA shelved the company's $5.9 billion proposal of its Blue Moon landing system and went with SpaceX's $2.9 billion Starship proposal instead, opting to pick just one company for the project after saying it might pick two. Limited funding from Congress only allowed one contract, NASA has argued.

Read more of this story at Slashdot.

Intel Enters the PC Gaming GPU Battle With Arc Slashdotby msmash on intel at January 1, 1970, 1:00 am (cached at August 16, 2021, 6:05 pm)

Dave Knott writes: Intel is branding its upcoming consumer GPUs as Intel Arc. This new Arc brand will cover both the hardware and software powering Intel's high-end discrete GPUs, as well as multiple hardware generations. The first of those, known previously as DG2, is expected to arrive in the form of codename "Alchemist" in Q1 2022. Intel's Arc GPUs will be capable of mesh shading, variable rate shading, video upscaling, and real-time ray tracing. Most importantly, Intel is also promising AI-accelerated super sampling, which sounds like Intel has its own competitor to Nvidia's Deep Learning Super Sampling (DLSS) technology.

Read more of this story at Slashdot.

[no title] Scripting News(cached at August 16, 2021, 6:02 pm)

Brent Ashley had exactly the advice I needed. opml.org problem solved everywhere. I can start with a fresh slate. Excellent.
Amazon Encourages Teachers To Use Social Media To Obtain Classroom Supplies Slashdotby msmash on education at January 1, 1970, 1:00 am (cached at August 16, 2021, 5:35 pm)

theodp writes: By purchasing items from hundreds of teachers' Wish Lists this back-to-school season," Amazon explained in a Monday corporate post, "Amazon is working to ensure teachers can fill their classrooms with the items they need, from essential school supplies like pencils and markers to books to help stock up the classroom library. [...] If you are an educator who needs help fulfilling your list, or if you know someone who does, share your Amazon Wish List on social media and tag @amazon with #ClearTheList." In a Twitter post last week, Amazon called on its 3.7 million followers to "learn about our Amazon Future Engineer Teacher of the Year award recipients and help them #ClearTheList." Amazon Future Engineer (AFE) is "a comprehensive childhood-to-career program aimed at increasing access to computer science education for children and young adults." Explaining the importance of #ClearTheList school funding in a video shared with Amazon's 29.2 million Facebook followers, one AFE Teacher of the Year explains, "You can't teach 21st century skills without 21st century funding, so supplies are super important for classrooms." A second AFE Teacher of the Year also endorsed #ClearTheList funding in Amazon's Monday post, explaining that ""When teachers have all their classroom supplies, they can focus on nurturing their students' curiosity." Each of the 10 AFE Teachers of the Year 2021 received a $30,000+ prize package from Amazon in June, which should clear their lists.

Read more of this story at Slashdot.

Trumping on Twitter Scripting News(cached at August 16, 2021, 5:32 pm)

Someone I follow on Twitter complained that people thought just because he was a VC he wasn't allowed to have opinions. So I decided to take a look at what his opinion was.

This is what I wrote to him.

I don't see him as a troll. I think there are VCs in Calif who have a very limited set of people they talk with, and they actually fit into Trump's target. Even though they;'re hugely rich, young, healthy, super super privileged, they really feel misunderstood and victimized. It's real. They really feel it.

So it was worth one shake of the shoulders. Hey this isn't a good look.

Beijing Tightens Grip on ByteDance by Quietly Taking Stake, China Board Seat Slashdotby msmash on china at January 1, 1970, 1:00 am (cached at August 16, 2021, 5:05 pm)

For months, China has sought to bring its bustling internet sector to heel with an intensifying series of antitrust crackdowns and data security probes. In one example that hasn't been previously reported, the Chinese government in April quietly took a stake and a board seat in TikTok owner ByteDance's key Chinese entity, according to corporate records and people with knowledge of the matter. The Information (paywalled): The move gives Beijing more insight into the inner workings of ByteDance, the world's most valuable privately held tech company, which owns some of the most popular apps in China, such as Douyin and Toutiao, along with TikTok. The government's right to one seat on a three-person board of directors at Beijing ByteDance Technology, which holds Chinese business licenses related to Douyin and Toutiao, raises questions about how much more influence Beijing can exert over ByteDance as a whole.

Read more of this story at Slashdot.

[no title] Scripting News(cached at August 16, 2021, 5:02 pm)

The problem re opml.org, below, has narrowed quite a bit.