Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Chrome

Google Starts Using HTML5 By Default Instead of Flash For Some Chrome Users (venturebeat.com) 19

Google announced in a blog post today that it will be rolling out a feature over the next few months that starts disabling Flash and displaying HTML5 content instead on certain websites. Google notes, "This change disables Adobe Flash Player unless there's a user indication that they want Flash content on specific sites, and eventually all websites will require the user's permission to run Flash." VentureBeat reports: Google has deployed the change for half of the people who are using Chrome 56 beta, which rolled out yesterday, Google technical program manager Eric Deily wrote in a blog post. Then, "in the next few days," Deily wrote, the feature will be active for 1 percent of users of Chrome 55 stable. And by February 2016 it will be live for all users in Chrome 56 stable, Deily wrote. The idea is to lessen the dependence on a web component that can cause a drag on CPU and memory usage and shorten battery life as a result. Flash also has a track record of security issues.
Google

Google Is Testing User Ratings For Movies, TV Within Search Results (techcrunch.com) 9

Google has confirmed to Search Engine Land that it is testing a feature allowing users to rate movies or TV shows directly in the search results interface. "We're currently experimenting with the feature but have nothing to announce at this time," a Google spokesperson said. TechCrunch reports: Unlike other movie and TV rating platforms, Google's feature is not on a scale from one to five but instead offers a binary choice: like or dislike. Information about weather, ticket purchasing options and more used to be available on unique, individual websites. Today, however, Google has incorporated this information and functionality into the search results layer of its own service. Within the movie ratings feature, users will also be able to see the Rotten Tomatoes and IMDb ratings for the title, as they always have. You can view a screenshot of the rating system here.
Communications

Google Now Lets Developers Write Apps For the Assistant On Google Home (techcrunch.com) 38

Google today announced it will open up Home to third-party developers, allowing all developers to start bringing their applications and services to the Google Assistant. Developers can start building "conversation actions" for the Google Assistant, which "allows developers to create back-and-forth conversations with users through the Assistant," writes Frederic Lardinois via TechCrunch. "Users can simply start these conversations by using a phrase like 'OK Google, talk to Eliza.'" TechCrunch reports: While the Assistant also runs on the Pixel phones and inside the Allo chat app, Google says it plans to bring actions to these other "Assistant surfaces" in the future, but it's unclear when exactly this will happen. To help developers who want to build these new Conversation Actions get started, Google has teamed up with a number of partners, including API.AI, GupShup, DashBot and VoiceLabs, Assist, Notify.IO, Witlingo and Spoken Layer. Google has also allowed a small number of partners to enable their apps on Google Home already. These integrations will roll out as early as next week. Given that users will be able to invoke these new actions with a simple command (and without having to first enable a skill, like on Alexa), Google's platform looks to be a rather accessible and low-friction way for developers to get their voice-enabled services to users. Google will have the final say over which actions will be enabled on Google Home.
Communications

US Presidential Election Was Most 'Talked About' Topic In 2016, Says Facebook (phys.org) 87

What may come as no surprise to Facebook users, the social media company announced in a blog post that the U.S. presidential election was the most "talked about" topic on Facebook in 2016. Phys.Org highlights the other most-discussed topics in its report: The bitterly contested election in which Donald Trump defeated Hillary Clinton was ranked as the leading issue, followed by Brazil's political developments which included the impeachment of president Dilma Rousseff, Facebook said in a blog post. On the lighter side at number three was the runaway success of Pokemon Go, the location-based augmented reality game for smartphone users. Other subject matters shared among Facebook's 1.79 billion users were more sober, with the fourth leading topic the "Black Lives Matter" movement, followed by the election in the Philippines of Rodrigo Duterte. Number six on the list was the Olympic games, followed by Brexit, the Super Bowl and the deaths of rock star David Bowie and boxing icon Muhammad Ali. Facebook said it measured leading topics by how frequently an issue was mentioned in posts made between January 1 and November 27.
Transportation

Transportation Department Proposes Allowing In-Flight Phone Calls (go.com) 101

Yesterday, France's Le Monde newspaper issued a report, citing documents from NSA whistleblower Edward Snowden, that says American and British spies have since 2005 been working on intercepting phone calls and data transfers made from aircraft. Assuming the report is accurate, national security agencies may soon have their hands full if a new proposal by the Department of Transportation becomes official, which would allow each airline to decide whether its passengers will be permitted to make in-flight phone calls using the aircraft's onboard Wi-Fi system. ABC News reports: The Department of Transportation's proposal leaves it up to airlines whether to allow the calls. But carriers would be required to inform passengers at the time they purchase a ticket if the calls are allowed. That would give passengers the opportunity to make other travel arrangements if they don't want to risk the possibility of sitting near passengers making phone calls. The Federal Communications Commission prohibits using mobile phones to make calls during flights, but not Wi-Fi calls. There is a minimum 60-day comment period and the proposal leaves the door open to an outright ban. The Wall Street Journal first reported on the proposal.
Businesses

Yik Yak Lays Off 60 Percent of Employees As Growth Collapses (theverge.com) 69

An anonymous reader quotes a report from The Verge: Yik Yak has laid off 60 percent of employees amid a downturn in the app's growth prospects, The Verge has learned. The three-year-old anonymous social network has raised $73.5 million from top-tier investors on the promise that its young, college-age network of users could one day build a company to rival Facebook. But the challenge of growing its community while moving gradually away from anonymity has so far proven to be more than the company could muster. Employees who were affected were informed of the layoffs Thursday morning, sources told The Verge. Yik Yak employed about 50 people, and now only about 20 remain, the company said. The community, marketing, design, and product teams were all deeply affected, one source said. Atlanta-based Yik Yak was founded in 2014 by Furman University students Tyler Droll and Brooks Buffington. The app updated the concept of dorm newsletters for the mobile era, letting anyone post comments about school, their campus, or life in general. The fact that comments were anonymous initially helped the app grow, as it encouraged more candid forms of sharing than students might otherwise post on Facebook or Instagram.
Privacy

Watchdog Group Claims Smart Toys Are Spying On Kids (mashable.com) 66

The Center for Digital Democracy has filed a complaint with the Federal Trade Commission warning of security and privacy holes associated with a pair of smart toys designed for children. Mashable reports: "This complaint concerns toys that spy," reads the complaint, which claims the Genesis Toys' My Friend Cayla and i-QUE Intelligent Robot can record and collect private conversations and offer no limitations on the collection and use of personal information. Both toys use voice recognition, internet connectivity and Bluetooth to engage with children in conversational manner and answer questions. The CDD claims they do all of this in wildly insecure and invasive ways. Both My Friend Cayla and i-QUE use Nuance Communications' voice-recognition platform to listen and respond to queries. On the Genesis Toy site, the manufacturer notes that while "most of Cayla's conversational features can be accessed offline," searching for information may require an internet connection. The promotional video for Cayla encourages children to "ask Cayla almost anything." The dolls work in concert with mobile apps. Some questions can be asked directly, but the toys maintain a constant Bluetooth connection to the dolls so they can also react to actions in the app and even appear to identify objects the child taps on on screen. While some of the questions children ask the dolls are apparently recorded and sent to Nuance's servers for parsing, it's unclear how much of the information is personal in nature. The Genesis Privacy Policy promises to anonymize information. The CDD also claims, however, that My Friend Cayla and i-Que employ Bluetooth in the least secure way possible. Instead of requiring a PIN code to complete pairing between the toy and a smartphone or iPad, "Cayla and i-Que do not employ... authentication mechanisms to establish a Bluetooth connection between the doll and a smartphone or tablet. The dolls do not implement any other security measure to prevent unauthorized Bluetooth pairing." Without a pairing notification on the toy or any authentication strategy, anyone with a Bluetooth device could connect to the toys' open Bluetooth networks, according to the complaint.
Transportation

Audi Cars Now Talk To Stop Lights In Vegas (ieee.org) 99

Audi says its cars can now tell drivers how many seconds remain until the traffic light turns green. It's the first commercial offering of vehicle-to-infrastructure communication in the United States, it adds. From a report, submitted by an anonymous reader: Of course, nobody would pay much extra for an electronic gadget that just lowered your stoplight waiting anxiety. But this feature is just testing the waters; bigger applications are in view. The cars -- recently manufactured Audi A4 and Q7 models signed onto Audi's prime connection service -- communicate with the Las Vegas traffic management system via 4G LTE, the standard mobile phones use. The countdown appears on the dashboard or heads-up display, then shuts off a few seconds before the light changes (presumably to keep drivers from getting mesmerized). Audi manages the transfer of data with the help of its partner, Traffic Technology Services (TTS), of Beaverton, Ore. The plan is to eventually give drivers the information they need to make fairly ambitious predictions, like choosing the right speed to go sailiing through several green lights in a row. Or the system might bypass the driver and go straight to the engine's "start-stop" system, shutting it down for a long count, then starting it up again seconds before getting a green light.
Printer

Google Cloud Print Is Turning Off Epson Printers (pcmag.com) 73

When Google launched Cloud Print, it removed a lot of the hassle from using a printer. Instead of a printer only printing documents from the PC it was connected to, Cloud Print allowed any device, be it a Windows PC, Mac, Chromebook, smartphone, tablet, etc. to print to any printer either locally or remotely. However, Google Cloud Print has gone awry this week, as reports PCMag, and Epson printer owners are suffering because of it. From the article: A thread appeared on the Chromebook Central Help Forum explaining a problem where an Epson XP-410$185.00 at Amazon printer was turning itself off after 30 seconds. The printer worked without issue for two years, but now it wouldn't stay powered on. At first, this seems like a printer hardware problem, but the printer started working again once it was disconnected from the Internet. However, as soon as Google Print Cloud was enabled, the automatic power down happened again. Later in the support thread an Epson WF-4630 owner reports the same issue, as do XP-215, XP-415, XP-610, WF-545, WF-845, and WF-7610 owners.A change in Google's API for its cloud service triggered the issue, reports ArsTechnica. The change has caused a conflict between Cloud Print and printers' firmware.

Update: Epson has responded to Slashdot, pointing us to its support page that has instructions on how to fix the issue on many of Epson printers.
Yahoo!

Yahoo Fixes Flaw Allowing an Attacker To Read Any User's Emails (zdnet.com) 30

Yahoo says it has fixed a severe security vulnerability in its email service that allowed an attacker to read a victim's email inbox. From a report on ZDNet: The cross-site scripting (XSS) attack only required a victim to view an email in Yahoo Mail. The internet giant paid out $10,000 to security researcher Jouko Pynnonen for privately disclosing the flaw through the HackerOne bug bounty, In a write-up, Pynnonen said that the flaw was similar to last year's Yahoo Mail bug, which similarly let an attacker compromise a user's account. Yahoo filters HTML messages to ensure that malicious code won't make it through into the user's browser, but the researcher found that the filters didn't catch all of the malicious data attributes.
Bug

Adobe Flash Responsible For Six of the Top 10 Bugs Used By Exploit Kits In 2016 (onthewire.io) 72

Trailrunner7 quotes a report from On the Wire: Vulnerabilities in Flash and Internet Explorer dominated the exploit kit landscape in the last year, with a high-profile bug in Flash being found in seven separate kits, new research shows. Exploit kits have long been a key tool in the arsenal of many attackers, from low-level gangs to highly organized cybercrime crews. Their attraction stems from their ease of use and the ability for attackers to add exploits for new vulnerabilities as needed. While there are dozens of exploit kits available, a handful of them attract the most use and attention, including Angler, Neutrino, Nuclear, and Rig. Researchers at Recorded Future looked at more than 140 exploit kits and analyzed which exploits appeared in the most kits in the last year, and it's no surprise that Flash and IE exploits dominated the landscape. Six of the top 10 most-refquently targeted vulnerabilities in the last year were in Flash, while the other four were in Microsoft products, including IE, Windows, and Silverlight. Flash has been a favorite target for attackers for a long time, for two main reasons: it's deployed on hundreds of millions of machines, and it has plenty of vulnerabilities. Recorded Future's analysis shows that trend is continuing, and one Flash bug disclosed October 2015 was incorporated into seven individual exploit kits. The flaw was used by a number of high-level attackers, including some APT groups. "Adobe Flash Player's CVE-2015-7645, number 10 in terms of references to exploit kits, stands out as the vulnerability with the most adoption by exploit kits. Exploit kits adopting the Adobe bug in the past year include Neutrino, Angler, Magnitude, RIG, Nuclear Pack, Spartan, and Hunter," the analysis by Recorded Future says.
Education

Information Overload No Problem For Most Americans: Survey (reuters.com) 75

About 20 percent of American adults feel the burden of information overload, with that figure at least doubling among those from poorer or less educated backgrounds, Pew Research Center said in a new report. Reuters adds: "Generally, Americans appreciate lots of information and access to it," said the report into how U.S. adults cope with information demands. Roughly four in five Americans agree that they are confident about using the internet to keep up with information demands, that a lot of information gives them a feeling of more control over their lives, and that they can easily determine what information is trustworthy. Americans who are 65 or older, have a high school diploma or less and earn less than $30,000 a year are more likely to say they face a glut of information. Eighty-four percent of Americans with online access through three sources -- home broadband, smartphone and tablet computer -- say they like having so much information available. By contrast, 55 percent of those with no online source felt overwhelmed by the amount of possible information.
Movies

Falsely Accused Movie Pirate Deserves $17K Compensation, Court Says (torrentfreak.com) 58

An Oregon District Court has sided with a wrongfully accused man who was sued for allegedly downloading a pirated copy of the Adam Sandler movie "The Cobbler." According to the court's recommendations, reports TorrentFreak, the man is entitled to more than $17,000 in compensation as the result of the filmmakers "overaggressive" and "unreasonable" tactics. From the article: The defendant in question, Thomas Gonzales, operates an adult foster care home where several people had access to the Internet. The filmmakers were aware of this and during a hearing their counsel admitted that any guest could have downloaded the film. [...] "The Court finds that once Plaintiff learned that the alleged infringement was taking place at an adult group care home at which Gonzales did not reside, Plaintiff's continued pursuit of Gonzales for copyright infringement was objectively unreasonable," Judge Beckerman ruled. "The Court shares Gonzales' concern that Plaintiff is motivated, at least in large part, by extracting large settlements from individual consumers prior to any meaningful litigation. "On balance, the Court has concerns about the motivation behind Plaintiff's overaggressive litigation of this case and other cases, and that factor weighs in favor of fee shifting."
Software

Apple Launches Single Sign-On Service To Make Logging Into TV Apps Less Time-Consuming (macrumors.com) 29

Apple has launched Single Sign-on, a service designed to make logging into TV apps much less annoying. It "allows cable subscribers to sign in once with their cable credentials to gain access to all cable-restricted content in iOS and tvOS apps," writes Juli Clover via MacRumors: Single Sign-on is limited to the United States, and according to a support document, is available for the following providers: CenturyLink Prism, DirecTV, Dish, GVTC, GTA, Hawaiian Telecom, Hotwire, MetroCast, and Sling. While Single Sign-on was introduced and tested in the tvOS 10.1 and iOS 10.2 betas, the feature was remotely released today to all iOS 10 and tvOS 10 devices. Using Single Sign-on does not require one of the betas, and is instead immediately available to all iPhone and Apple TV users running iOS 10 or tvOS 10. With Single Sign-on, customers with a supported provider will use the Settings options in iOS or tvOS to sign in with their cable credentials. From then on, when accessing a supported app that requires a cable subscription, the app will ask to use the saved sign-on credentials. Most cable channels and content providers offer individual apps on the Apple TV and iOS devices, but still require cable authentication before users can access content. Prior to Single Sign-on, customers were required to enter their credentials in each individual app, a frustrating and time-consuming process.
Advertising

New Stegano Exploit Kit Hides Malvertising Code In Banner Pixels (bleepingcomputer.com) 204

An anonymous reader quotes a report from BleepingComputer: For the past two months, a new exploit kit has been serving malicious code hidden in the pixels of banner ads via a malvertising campaign that has been active on several high profile websites. Discovered by security researchers from ESET, this new exploit kit is named Stegano, from the word steganography, which is a technique of hiding content inside other files. In this particular scenario, malvertising campaign operators hid malicious code inside PNG images used for banner ads. The crooks took a PNG image and altered the transparency value of several pixels. They then packed the modified image as an ad, for which they bought ad displays on several high-profile websites. Since a large number of advertising networks allow advertisers to deliver JavaScript code with their ads, the crooks also included JS code that would parse the image, extract the pixel transparency values, and using a mathematical formula, convert those values into a character. Since images have millions of pixels, crooks had all the space they needed to pack malicious code inside a PNG photo. When extracted, this malicious code would redirect the user to an intermediary ULR, called gate, where the host server would filter users. This server would only accept connections from Internet Explorer users. The reason is that the gate would exploit the CVE-2016-0162 vulnerability that allowed the crooks to determine if the connection came from a real user or a reverse analysis system employed by security researchers. Additionally, this IE exploit also allowed the gate server to detect the presence of antivirus software. In this case, the server would drop the connection just to avoid exposing its infrastructure and trigger a warning that would alert both the user and the security firm. If the gate server deemed the target valuable, then it would redirect the user to the final stage, which was the exploit kit itself, hosted on another URL. The Stegano exploit kit would use three Adobe Flash vulnerabilities (CVE-2015-8651, CVE-2016-1019 or CVE-2016-4117) to attack the user's PC, and forcibly download and launch into execution various strains of malware.
Businesses

T-Mobile CFO: Less Regulation, Repeal of Net Neutrality By Trump Would Be 'Positive For My Industry' (tmonews.com) 158

An anonymous reader quotes a report from TmoNews: T-Mobile CFO Braxton Carter spoke at the UBS Global Media and Communications Conference in New York City, and he touched a bit on President-elect Donald Trump and what his election could mean for the mobile industry. Carter expects that a Trump presidency will foster an environment that'll be more positive for wireless. "It's hard to imagine, with the way the election turned out, that we're not going to have an environment, from several aspects, that is not going to be more positive for my industry," the CFO said. He went on to explain that there will likely be less regulation, something that he feels "destroys innovation and value creation." Speaking of innovation, Carter also feels that a reversal of net neutrality and the FCC's Open Internet rules would be good for innovation in the industry, saying that it "would provide opportunity for significant innovation and differentiation" and that it'd enable you to "do some very interesting things."
Databases

YouTube, Facebook, Twitter and Microsoft Will Create 'Hash' Database To Remove Extremist Content (reuters.com) 255

bongey writes: Youtube, Facebook, Twitter and Microsoft are teaming up to create a common database to flag extremist videos and pictures. The database is set to go live in 2017. The system will not automatically remove content. Reuters reports: "The companies will share 'hashes' -- unique digital fingerprints they automatically assign to videos or photos -- of extremist content they have removed from their websites to enable their peers to identify the same content on their platforms. 'We hope this collaboration will lead to greater efficiency as we continue to enforce our policies to help curb the pressing global issue of terrorist content online,' the companies said in a statement on Tuesday. Each company will decide what image and video hashes to add to the database and matching content will not be automatically removed, they said. The database will be up and running in early 2017 and more companies could be brought into the partnership."
Communications

Facebook Begins Asking Users To Rate Articles' Use of 'Misleading Language' (techcrunch.com) 113

Facebook is finally cracking down on the fake news stories that run rampant on its site and many other social media sites across the web. The company is rolling out a new feature in the form of a survey that asks users to rate articles' use of "misleading language." The feedback received will likely help Facebook train its algorithms to better detect misleading headlines. TechCrunch reports: The "Facebook Survey," noticed by Chris Krewson of Philadelphia's Billy Penn, accompanied (for him) a Philadelphia Inquirer article about the firing of a well-known nut vendor for publicly espousing white nationalist views. "To what extent do you think that this link's title uses misleading language?" asks the "survey," which appears directly below the article. Response choices range from "Not at all" to "Completely," though users can also choose to dismiss it or just scroll past. Facebook confirmed to TechCrunch that this is an official effort, though it did not answer several probing questions about how it works, how the data is used and retained, and so on. The company uses surveys somewhat like this to test the general quality of the news feed, and it has used other metrics to attempt to define rules for finding clickbait and fake stories. This appears to be the first direct coupling of those two practices: old parts doing a new job.
Software

Windows 10 'Home Hub' Is Microsoft's Response To Amazon Echo and Google Home (mashable.com) 101

Microsoft's response to the Amazon Echo and Google Home is Home Hub, a software update for Windows 10's Cortana personal assistant that turns any Windows PC into a smart speaker of sorts. Mashable reports: Microsoft's smart digital assistant Cortana can already answer your queries, even if the PC's screen is locked. The Home Hub is tied to Cortana and takes this a few steps further. It would add a special app with features such as calendar appointments, sticky notes and shopping lists. A Home Hub-enabled PC might have a Welcome Screen, a full-screen app that displays all these, like a virtual fridge door. Multiple users (i.e. family members) could use the Home Hub, either by authenticating through Windows Hello or by working in a family-shared account. Cortana would get more powerful on Home Hub; it could, for example, control smart home devices, such as lights and locks. And even though all of this will work on any Windows 10 device -- potentially making the PC the center of your smart home experience -- third-party manufacturers will be able to build devices that work with Home Hub. You can read Windows Central's massive report here. Do note that Home Hub is not official and individual features could change over time. The update is slated for 2017.
Communications

Fake News Prompts Gunman To 'Self-Investigate' Pizza Parlor (arstechnica.com) 785

An anonymous reader quotes a report from Ars Technica: A rifle-wielding North Carolina man was arrested Sunday in Washington, DC for carrying his weapon into a pizzeria that sits at the center of the fake news conspiracy theory known as "Pizzagate," authorities said Monday. DC's Metropolitan Police Department said it had arrested 28-year-old Edgar Maddison Welch on allegations of assault with a dangerous weapon. "During a post arrest interview this evening, the suspect revealed that he came to the establishment to self-investigate 'Pizza Gate' (a fictitious online conspiracy theory," the agency said in a statement. "Pizzagate" concerns a baseless conspiracy theory about a secret pedophile group, the Comet Ping Pong restaurant, and Hillary Clinton's campaign chief, John Podesta. The Pizzagate conspiracy names Comet Ping Pong as the secret headquarters of a non-existent child sex-trafficking ring run by Clinton and members of her inner circle. James Alefantis, the restaurant's owner, said he has received hundreds of death threats. According to Buzzfeed, the Pizzagate theory is believed to have been fostered by a white supremacist's tweets, the 4chan message board, Reddit, Donald Trump supporters, and right-wing blogs. The day before Thanksgiving, Reddit banned a "Pizzagate" conspiracy board from the site because of a policy about posting personal information of others. Alefantis, the pizzeria's owner, told CNN, "What happened today demonstrates that promoting false and reckless conspiracy theories comes with consequences. I hope that those involved in fanning these flames will take a moment to contemplate what happened here today, and stop promoting these falsehoods right away."

Slashdot Top Deals