Cellphones

Turning a Smartphone Display Into a Biometric Scanner 13

Posted by Soulskill
from the don't-make-the-obvious-jokes dept.
New submitter jan_jes writes: Recent mobile phones integrate fingerprint scanners to authenticate users biometrically and replace passwords, making authentication more convenient. Researchers at Yahoo Labs have created a new technology called "Bodyprint," which turns your smartphone's touchscreen display into a biometric scanner. It allows the touch sensor to scan users' body parts (PDF) such as ears, fingers, fists, and palms by pressing them against the display. Bodyprint implements the four-eye principle for locking sensitive documents — accessing the document can require the presence of two or more people involved with the project. Another application is authenticating a user to answer a call by scanning their ear pressed against the phone.
Yahoo!

Yahoo Called Its Layoffs a "Remix." Don't Do That. 194

Posted by samzenpus
from the what-to-do-and-what-not-to-do dept.
Nerval's Lobster writes: Yahoo CEO Marissa Mayer, in a conference call with reporters and analysts, referred to the net layoffs of 1,100 employees in the first quarter of 2015 as part of a 'remixing' of the company. A 'remix' is a term most often applied to songs, although it's also appropriate to use in the context of photographs, films, and artwork. CEOs rarely use it to describe something as momentous as a major enterprise's transition, especially if said transition involves layoffs of longtime employees, because it could potentially appear flippant to observers. If you run your own shop (no matter how large), it always pays to choose words as carefully as possible when referring to anything that affects your employees' lives and careers. Despite a renewed focus on mobile and an influx of skilled developers and engineers, Yahoo still struggles to define its place on the modern tech scene; that struggle is no more evident than in the company's most recent quarterly results, which included rising costs, reduced net income, and layoffs.
The Almighty Buck

George Lucas Building Low-Income Housing Next Door To Millionaires 536

Posted by samzenpus
from the rich-and-poor dept.
BarbaraHudson writes His neighbors wouldn't let him build a film studio on his land, so George Lucas is retaliating in a way that only the cream of Hollywood could — by building the largest affordable housing development in the area — and footing the entire $200 million bill, no government subsidies or grants. The complex of affordable housing, funded and designed by Lucas, would sit on 52 acres of land and provide homes to 224 low-income families, and there's very little his fellow Bay Area residents can do about it, because the land is zoned residential.
The Almighty Buck

William Shatner Proposes $30 Billion Water Pipeline To California 670

Posted by samzenpus
from the pipe-it-in dept.
Taco Cowboy writes The 84-year-old Star Trek star wants to build a water pipeline to California. All it'll cost, according to Mr. Shatner, is $30 billion, and he wants to KickStarter the funding campaign. According to Mr. Shatner, if the KickStarter campaign doesn't raise enough money then he will donate whatever has been collected to a politician who promises to build that water pipe. Where does he want to get the water? Seattle, "A place where there's a lot of water. There's too much water," says Mr. Shatner.
Space

NASA's Chief Scientist Predicts Evidence For Life Beyond Earth By 2025 160

Posted by Soulskill
from the and-it'll-take-just-a-few-years-after-that-to-make-them-angry-at-us dept.
An anonymous reader writes: Ellen Stofan, chief scientist at NASA, predicts we're not far off from finding evidence for alien life. At a panel discussion yesterday, she said, "I think we're going to have strong indications of life beyond Earth within a decade, and I think we're going to have definitive evidence within 20 to 30 years." She added, "We know where to look. We know how to look. In most cases we have the technology, and we're on a path to implementing it." Stofan thinks putting astronauts on Mars will be a big part of that goal. As efficient as robot missions are, she thinks it'll take humans digging and cracking rocks to find definitive evidence for life on other worlds.
Encryption

The Problem With Using End-to-End Web Crypto as a Cure-All 89

Posted by Soulskill
from the nobody-reads-the-not-so-fine-print dept.
fsterman writes: Since the Snowden revelations, end-to-end web encryption has become trendy. There are browser add-ons that bolt a PGP client onto webmail and both Yahoo and Google are planning to support PGP directly. They attempt to prevent UI spoofing with icons similar to the site-authentication banks use to combat phishing.

The problem is that a decade of research shows that users habituate to these icons and come to ignore them. An attacker can pull off UI spoofing with a 90%+ success rate.
Internet Explorer

Microsoft To Stop Enabling 'Do Not Track' By Default 64

Posted by Soulskill
from the do-not-do-not-track dept.
An anonymous reader writes: The history of the do-not-track setting for web browsers has been rife with debate. It took a long time for web experts to come to anything resembling a consensus on how it should be implemented, and the process isn't over yet. Microsoft took criticism for enabling the do-not-track setting by default in Internet Explorer. While it sounds good in theory, many worried it would just spur websites to completely disregard the setting (and some, like Yahoo, did just that). Now, Microsoft has reversed their stance. The do-not-track setting will not be enabled by default in the company's future browsers. They say, "Put simply, we are updating our approach to DNT to eliminate any misunderstanding about whether our chosen implementation will comply with the W3C standard. ... As a result, DNT will not be the default state in Windows Express Settings moving forward, but we will provide customers with clear information on how to turn this feature on in the browser settings should they wish to do so."
Google

Google 'Makes People Think They Are Smarter Than They Are' 227

Posted by timothy
from the hold-on-while-I-google-for-contradiction dept.
HughPickens.com writes Karen Knapton reports at The Telegraph that according to a study at Yale University, because they have the world's knowledge at their fingertips, search engines like Google or Yahoo make people think they are smarter than they actually are, giving people a 'widely inaccurate' view of their own intelligence that can lead to over-confidence when making decisions. In a series of experiments, participants who had searched for information on the internet believed they were far more knowledgeable about a subject than those who had learned by normal routes, such as reading a book or talking to a tutor. Internet users also believed their brains were sharper. "The Internet is such a powerful environment, where you can enter any question, and you basically have access to the world's knowledge at your fingertips," says lead researcher Matthew Fisher. "It becomes easier to confuse your own knowledge with this external source. When people are truly on their own, they may be wildly inaccurate about how much they know and how dependent they are on the Internet." In the tests, searching for answers online leads to an illusion such that externally accessible information is conflated with knowledge "in the head" (PDF). This holds true even when controlling for time, content, and search autonomy during the task. "The Internet is an enormous benefit in countless ways, but there may be some trade-offs that aren't immediately obvious and this may be one of them," concludes Fisher. "Accurate personal knowledge is difficult to achieve, and the Internet may be making that task even harder."
Advertising

How Malvertising Abuses Real-Time Bidding On Ad Networks 113

Posted by samzenpus
from the rotten-apples dept.
msm1267 writes Dark corners of the Internet harbor trouble. They're supposed to. But what about when Yahoo, CNN.com, TMZ and other busy destination sites heave disaster upon visitors? That's the challenge posed by malvertising, the latest hacker Golden Goose used in cybercrime operations and even in some targeted attacks. Hackers are thriving in this arena because they have found an unwittingly complicit partner in the sundry ad networks to move malicious ads through legitimate processes. Adding gasoline to the raging fire is the abuse of real-time ad bidding, a revolution in the way online ads are sold. RTB enables better ad targeting for advertisers and less unsold inventory for publishers. Hackers can also hitch a ride with RTB and target malicious ads on any site they wish, much the way a legitimate advertiser would use the same system.
Security

Many Password Strength Meters Are Downright Weak, Researchers Say 159

Posted by timothy
from the it's-like-pressing-the-walk-button dept.
alphadogg writes "Website password strength meters often tell you only what you want to hear rather than what you need to hear. That's the finding from researchers at Concordia University in Montreal, who examined the usefulness of those ubiquitous red-yellow-green password strength testers on websites run by big names such as Google, Yahoo, Twitter and Microsoft/Skype. The researchers used algorithms to send millions of 'not-so-good' passwords through these meters, as well as through the meters of password management services such as LastPass and 1Password, and were largely underwhelmed by what they termed wildly inconsistent results." Inconsistent can go both directions: I've seen password-strength meters that balked at absolutely everything (accepting weak passwords as good, after calling wildly long and random ones poor).
Security

Flash-Based Vulnerability Lingers On Many Websites, Three Years Later 42

Posted by Soulskill
from the what's-old-is-new dept.
itwbennett writes: The vulnerability known as CVE-2011-2461 was unusual because fixing it didn't just require the Adobe Flex Software Development Kit (SDK) to be updated, but also patching all the individual Flash applications (SWF files) that had been created with vulnerable versions of the SDK. The company released a tool that allowed developers to easily fix existing SWF files, but many of them didn't. Last year, Web application security engineers Luca Carettoni from LinkedIn and Mauro Gentile from Minded Security came across the old flaw while investigating Flash-based techniques for bypassing the Same-Origin Policy (SOP) mechanism found in browsers. They found SWF files that were still vulnerable on Google, Yahoo, Salesforce, Adobe, Yandex, Qiwi and many other sites. After notifying the affected websites, they presented their findings last week at the Troopers 2015 security conference in Germany.
Mars

Mars One Delayed 2 Years, CEO Releases Video In Response To Criticism 89

Posted by samzenpus
from the just-a-little-longer dept.
CryoKeen writes It's interesting how different news sites spin #marsgate. From Yahoo News: "The private colonization project Mars One has pushed its planned launch of the first humans toward the Red Planet back by two years, to 2026. The delay was necessitated by a lack of investment funding, which has slowed work on a robotic precursor mission that Mars One had wanted to send toward the Red Planet in 2018, Mars One CEO Bas Lansdorp said in a new video posted today... 'We had a very successful investment round in 2013 that has financed all the things that we have done up to now. And we have actually come to an agreement with a consortium of investors late last year for a much bigger round of investments. Unfortunately, the paperwork of that deal is taking much longer than we expected,' Lansdorp said in the video." This Astrowatch article is a lot more scathing and to the point: "Mars One, the Dutch company planning to send people on a one-way trip to Mars, that recently selected a group of 100 hopefuls, struggles with criticism. In a Medium story this week, Mars One finalist Joseph Roche presented multiple reasons as to why he believed the entire operation is a complete scam. In response, the company published a video Thursday in which Bas Lansdorp, CEO and Co-founder of Mars One, replies to recent criticism concerning the feasibility of Mars One's human trip to Mars. He also revealed that the mission will be delayed for two years. Roche said that the 'only way' to get selected for the next round of the Mars One candidacy process was to donate money. 'My nightmare about it is that people continue to support it and give it money and attention, and it then gets to the point where it inevitably falls on its face,' Roche told Elmo Keep for Medium."
Japan

No Fuel In the Fukushima Reactor #1 234

Posted by timothy
from the oh-this-old-thing? dept.
An anonymous reader writes To nobody's surprise, the Japanese press reports that a new way to look at the inside of one of the Fukushima 1 damaged reactors has shown the fuel is not in place. Engineers have not been able to develop a machine to directly see the exact location of the molten fuel, hampered by extremely high levels of radiation in and around the reactors, but a new scan technique using muons (details on the method in the media are missing) has shown the fuel is not in its place. While Tepco's speculation is that the fuel may be at the bottom of the reactor, it is a safe bet that at least some of it has burned through and has gone on to create an Uruguay syndrome.
Yahoo!

Yahoo Debuts End-To-End Encryption Email Plugin, Password-Free Logins 213

Posted by Soulskill
from the from-one-end-of-the-internet-to-the-other dept.
An anonymous reader writes: Yahoo has released the source code for a plugin that will enable end-to-end encryption for their email service. They're soliciting feedback from the security community to make sure it's built properly. They plan to roll it out to users by the end of the year.

Yahoo also demonstrated a new authentication system that doesn't use permanent passwords. Instead, they allow you to associate your Yahoo account with your phone, and text you a code on demand any time you need to log in. It's basically just the second step of traditional two-step authentication by itself. But Yahoo says they think it's "the first step to eliminating passwords."
United States

Snowden Reportedly In Talks To Return To US To Face Trial 671

Posted by Soulskill
from the bold-strategy dept.
HughPickens.com writes: The Globe and Mail reports that Edward Snowden's Russian lawyer, Anatoly Kucherena, says the fugitive former U.S. spy agency contractor is working with American and German lawyers to return home. "I won't keep it secret that he wants to return back home. And we are doing everything possible now to solve this issue. There is a group of U.S. lawyers, there is also a group of German lawyers and I'm dealing with it on the Russian side." Kucherena added that Snowden is ready to return to the States, but on the condition that he is given a guarantee of a legal and impartial trial. The lawyer said Snowden had so far only received a guarantee from the U.S. Attorney General that he will not face the death penalty. Kucherena says Snowden is able to travel outside Russia since he has a three-year Russian residency permit, but "I suspect that as soon as he leaves Russia, he will be taken to the U.S. embassy."
Yahoo!

Marissa Mayer On Turning Around Yahoo 167

Posted by samzenpus
from the steering-the-ship dept.
An anonymous reader writes For the 20th anniversary of Yahoo, Marissa Mayer discusses how she's trying to reinvent the company. In a wide-ranging interview, Mayer shares her vision for fixing the company's past mistakes, including a major investment in mobile and a new ad platform. Yet she's been dogged by critics who see her as an imperious micromanager, who criticize her $1.1 billion purchase of Tumblr, and who fault her for moving too slowly. The company's executives explain that the business could only return to health after she first halted Yahoo's brain drain and went big on mobile. As one Yahoo employee summarized Mayer's thinking: "First people, then apps."
Businesses

Teamsters Seek To Unionize More Tech Shuttle Bus Drivers In Silicon Valley 301

Posted by samzenpus
from the shuttle-together dept.
An anonymous reader writes with news about the effort to unionize shuttle drivers in Silicon Valley. "Shuttle bus drivers for five prominent tech companies will decide whether to unionize on Friday in a vote that has the potential to dramatically expand organized labor's territory in Silicon Valley and embolden others in the tech industry's burgeoning class of service workers to demand better working conditions. Drivers who ferry Yahoo, Apple, Genentech, eBay and Zynga workers -- all employed by contractor Compass Transportation -- will decide whether to join the Teamsters union in an election overseen by the National Labor Relations Board. Union leaders say they want to bring the drivers into the fold so they can negotiate better pay and benefits -- as well as relief from a split shift that has the drivers working morning and evening shifts with no pay in between. A contract the Teamsters struck over the weekend for Facebook's shuttle bus drivers, who work for Loop Transportation, offers a glimpse of what may be possible: paid sick and vacation time, full health care coverage and wages of up to $27.50 an hour."
Encryption

NSA Director Wants Legal Right To Snoop On Encrypted Data 406

Posted by Soulskill
from the you-can-trust-us dept.
jfruh writes: This may not come as a huge shock, but the director of the NSA doesn't believe that you have the right to encrypt your data in a way that the government can't access it. At a cybersecurity policy event, Michael Rogers said that the U.S. should be able to craft a policy that allows the NSA and law enforcement agencies to read encrypted data when they need to.
Security

'Babar' Malware Attributed To France 65

Posted by Soulskill
from the white-flag dept.
sarahnaomi writes: The NSA, GCHQ, and their allies in the Five Eyes are not the only government agencies using malware for surveillance. French intelligence is almost certainly hacking its targets too — and now security researchers believe they have proof. On Wednesday, the researchers will reveal new details about a powerful piece of malware known as "Babar," which is capable of eavesdropping on online conversations held via Skype, MSN and Yahoo messenger, as well as logging keystrokes and monitoring which websites an infected user has visited. The researchers are publishing two separate but complementary reports that analyze samples of the malware, and all but confirm that France's spying agency the General Directorate for External Security (DGSE) was responsible for its creation.
AI

Breakthrough In Face Recognition Software 142

Posted by Soulskill
from the anonymity-takes-another-hit dept.
An anonymous reader writes: Face recognition software underwent a revolution in 2001 with the creation of the Viola-Jones algorithm. Now, the field looks set to dramatically improve once again: computer scientists from Stanford and Yahoo Labs have published a new, simple approach that can find faces turned at an angle and those that are partially blocked by something else. The researchers "capitalize on the advances made in recent years on a type of machine learning known as a deep convolutional neural network. The idea is to train a many-layered neural network using a vast database of annotated examples, in this case pictures of faces from many angles. To that end, Farfade and co created a database of 200,000 images that included faces at various angles and orientations and a further 20 million images without faces. They then trained their neural net in batches of 128 images over 50,000 iterations. ... What's more, their algorithm is significantly better at spotting faces when upside down, something other approaches haven't perfected."