Bitcoin

$31 Million In Tokens Stolen From Dollar-Pegged Cryptocurrency Tether 36

Mark Wilson shares a report from BetaNews: All eyes may be on the meteoric rise of Bitcoin at the moment, but it's far from being the only cryptocurrency on the block. Startup Tether issued a critical announcement after it was discovered that "malicious action by an external attacker" had led to the theft of nearly $31 million worth of tokens. Tether is a dollar-pegged cryptocurrency formerly known as Realcoin, and it says that $30,950,010 was stolen from a treasury wallet. The company says it is doing what it can to ensure exchanges do not process these tokens, including temporarily suspending its backend wallet service. Tether knows the address used by the attacker to make the theft, but is not aware of either who the attacker is, or how the attack took place. The company is releasing a new version of its Omni Core software client in what it says is "effectively a temporary hard fork to the Omni Layer."
Security

Sacramento Regional Transit Systems Hit By Hacker (cbslocal.com) 24

Zorro shares a report from CBS Local: Sacramento Regional Transit is the one being taken for a ride on this night, by a computer hacker. That hacker forced RT to halt its operating systems that take credit card payments, and assigns buses and trains to their routes. The local transit agency alerted federal agents following an attack on their computers that riders may not have noticed Monday. "We actually had the hackers get into our system, and systematically start erasing programs and data," Deputy General Manager Mark Lonergan. Inside RT's headquarters, computer systems were taken down after the hacker deleted 30 million files. The hacker also demanded a ransom in bitcoin, and left a message on the RT website reading "I'm sorry to modify the home page, I'm good hacker, I just want to help you fix these vulnerability."
Transportation

Uber Fined $8.9 Million In Colorado For Allowing Drivers With Felonies, Motor Violations To Work (jalopnik.com) 76

Uber has been fined by a Colorado regulator on Monday for nearly $9 million, after an investigation revealed that 57 people with criminal and motor vehicle offenses were allowed to drive with the ride-hailing company. Jalopnik reports: States across the U.S. have been considering laws to require additional background checks for individuals who drive for Uber and competitors like Lyft. In Colorado, the state's Public Utilities Commission investigated the company's drivers after an incident this past March, reported The Denver Post, when a driver dragged a passenger out of a car and kicked them in the face. The commission said it found 57 drivers had issues that should've disqualified them from driving for Uber, including felony convictions for driving under the influence and reckless driving, while others had revoked, suspended or canceled licenses. A similar investigation was conducted on Lyft, the Post reported, but no violations were revealed. An Uber spokesperson said the situation stems from a "process error" that was "inconsistent with Colorado's ridesharing regulations." The spokesperson said Uber "proactively notified" the commission. "This error affected a small number of drivers and we immediately took corrective action," the company said in a statement to the Post. "Per Uber safety policies and Colorado state regulations, drivers with access to the Uber app must undergo a nationally accredited third-party background screening. We will continue to work closely with the CPUC to enable access to safe, reliable transportation options for all Coloradans."
Privacy

Uber Concealed Cyberattack That Exposed 57 Million People's Data (bloomberg.com) 24

According to Bloomberg, hackers stole the personal data of 57 million customers and drivers from Uber. The massive breach was reportedly concealed by the company for more than a year. From the report: Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver's license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said. At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, the company paid hackers $100,000 to delete the data and keep the breach quiet. Uber said it believes the information was never used but declined to disclose the identities of the attackers.

Here's how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.

Businesses

Why Apple's HomePod Is Three Years Behind Amazon's Echo (bloomberg.com) 78

Apple unveiled the HomePod, its first smart speaker to take on market-leading Amazon's Echo lineup of speakers, in June this year. Despite being three years late to the party, the HomePod has largely been pitched more as a speaker that sounds great instead of a device that sounds great but more importantly can also help you with daily chores. On top of this, Apple said last week it was delaying the shipment of HomePod from December this year to "early 2018." So why does a company, the market valuation of which is quickly reaching a trillion dollar, so behind its competitors? Bloomberg reports on Tuesday: Apple audio engineers had been working on an early version of the HomePod speaker for about two years in 2014 when they were blindsided by the Echo, a smart speaker from Amazon with a voice-activated assistant named Alexa. The Apple engineers jokingly accused one another of leaking details of their project to Amazon, then bought Echos so they could take them apart and see how they were put together. They quickly deemed the Echo's sound quality inferior and got back to work building a better speaker. More than two years passed. In that time Amazon's Echo became a hit with consumers impressed by Alexa's ability to answer questions, order pizzas and turn lights on and off. Meanwhile, Apple dithered over its own speaker, according to people familiar with the situation. The project was cancelled and revived several times, they said, and the device went through multiple permutations (at one point it stood 3 feet tall) as executives struggled to figure out how it would fit into the home and Apple's ecosystem of products and services. In the end, the company plowed ahead, figuring that creating a speaker would give customers another reason to stay loyal. Yet despite having all the ingredients for a serious competitor to the Echo -- including Siri and the App Store -- Apple never saw the HomePod as anything more than an accessory, like the AirPods earphones.
Businesses

FCC Announces Plan To Repeal Net Neutrality (nytimes.com) 285

FCC on Tuesday said it plans to dismantle landmark regulations that ensure equal access to the internet, clearing the way for companies to charge more and block access to some websites. From a report on the New York Times: The proposal, put forward by the F.C.C. chairman, Ajit Pai, is a sweeping repeal of rules put in place by the Obama administration that prohibited high-speed internet service providers from blocking or slowing down the delivery of websites, or charging extra fees for the best quality of streaming and other internet services for their subscribers. The clear winners from the move would be telecom giants like AT&T and Comcast that have lobbied for years against regulations of broadband and will now have more control over the online experiences of American consumers. The losers could be internet sites that will have to answer to telecom firms to get their content in front of consumers. And consumers may see their bills increase for the best quality of internet service. Note from the editor: the aforementioned link could be paywalled; consider the alternative sources: NPR, ArsTechnica, Associated Press, BBC, Axios, Reuters, TechCrunch, and Slate.

FTC Commissioner Terrell McSweeny criticized the move. She said, "So many things wrong here, like even if FCC does this FTC still won't have jurisdiction. But even if we did, most discriminatory conduct by ISPs will be perfectly legal. This won't hurt tech titans with deep pockets. They can afford to pay all the trolls under the bridge. But the entrepreneurs and innovators who truly make the Internet great won't be so lucky. It will be harder for them to compete. The FCC is upending the Internet as we know it, not saving it."

This is what the internet looks like when there is no net neutrality. Earlier today, news outlet Motherboard suggested we should build our own internet if we want to safeguard the essence of open internet.
Communications

To Save Net Neutrality, We Must Build Our Own Internet (vice.com) 173

In light of reports that FCC plans to announce a full repeal of net neutrality protections later this week, Jason Koebler, editor-in-chief of Motherboard, suggests that it is time we cut our reliance on big telecom monopolies. He writes: Net neutrality as a principle of the federal government will soon be dead, but the protections are wildly popular among the American people and are integral to the internet as we know it. Rather than putting such a core tenet of the internet in the hands of politicians, whose whims and interests change with their donors, net neutrality must be protected by a populist revolution in the ownership of internet infrastructure and networks. In short, we must end our reliance on big telecom monopolies and build decentralized, affordable, locally owned internet infrastructure. The great news is this is currently possible in most parts of the United States. There has never been a better time to start your own internet service provider, leverage the publicly available fiber backbone, or build political support for new, local-government owned networks. For the last several months, Motherboard has been chronicling the myriad ways communities passed over by big telecom have built their own internet networks or have partnered with small ISPs who have committed to protecting net neutrality to bring affordable high speed internet to towns and cities across the country. Update: FCC has announced a plan to repeal net neutrality.
Businesses

Trump Administration Tightens Scrutiny of Skilled Worker Visa Applicants (inc.com) 226

wyattstorch516 writes: The Trump administration is tightening the scrutiny on the H-1B visa program (Warning: paywalled; alternative source). Changes would undo actions by the Obama administration. There are two big regulatory changes looming that would undo actions by the Obama administration. "The first change allowed spouses of H-1B workers the right to work. That regulation is being challenged in court and the Trump administration is expected to eliminate the provision rather than defend it," reports WSJ. "The second change affects the Optional Practical Training program, which allows foreign graduates from U.S. colleges in science and technology an extra two years of work authorization, giving them time to win an H-1B visa. The Trump administration could kill that benefit or reduce the two-year window, according to people familiar with the discussions." The Journal highlights a "series of more modest changes that have added scrutiny to visa processing":

- "USCIS directed last month that adjudicators no longer pay 'deference' to past determinations for renewal applications. This means an applicant's past approval won't carry any weight if he or she applies for a renewal.

- The agency is conducting more applicant interviews, which critics say slows the system. The agency spokesman says this process will ramp up over several years and is needed to detect fraud and make accurate decisions.

- In the spring, the agency suspended premium processing, which allowed for fast-track consideration to those who paid an extra fee. This option wasn't resumed until October, meaning many workers who qualified for a coveted H-1B visa had to wait months for a decision.

- State Department officials have been told to consider that Mr. Trump's 'Buy American, Hire American' executive order directs visa programs must 'protect the interests of United States workers.' And the Foreign Affairs Manual now instructs officers to scrutinize applications of students to ensure they plan to return to their home countries. A State Department official said the official rules haven't changed but said a 'comprehensive' review is under way."
Graphics

Google Cloud Platform Cuts the Price of GPUs By Up To 36 Percent (techcrunch.com) 28

In a blog post, Google's Product Manager, Chris Kleban, announced that the company is cutting the price of using Nvidia's Tesla GPUs through its Compute Engine by up to 36 percent. The older K80 GPUs will now cost $0.45 per hour while the more powerful P100 machines will cost $1.46 per minute (all with per-second billing). TechCrunch reports: The company is also dropping the prices for preemptible local SSDs by almost 40 percent. "Preemptible local SSDs" refers to local SSDs attached to Google's preemptible VMs. You can't attach GPUs to preemptible instances, though, so this is a nice little bonus announcement -- but it isn't going to directly benefit GPU users. As for the new GPU pricing, it's clear that Google is aiming this feature at developers who want to run their own machine learning workloads on its cloud, though there also are a number of other applications -- including physical simulations and molecular modeling -- that greatly benefit from the hundreds of cores that are now available on these GPUs. The P100, which is officially still in beta on the Google Cloud Platform, features 3594 cores, for example. Developers can attach up to four P100 and eight K80 dies to each instance. Like regular VMs, GPU users will also receive sustained-use discounts, though most users probably don't keep their GPUs running for a full month.
Bitcoin

An Ethereum Startup Just Vanished After People Invested $374K (vice.com) 188

An anonymous reader quotes a report from Motherboard: A startup on the Ethereum platform vanished from the internet on Sunday after raising $374,000 USD from investors in an Initial Coin Offering (ICO) fundraiser. Confido is a startup that pitched itself as a blockchain-based app for making payments and tracking shipments. It sold digital tokens to investors over the Ethereum blockchain in an ICO that ran from November 6 to 8. During the token sale, Confido sold people bespoke digital tokens that represent their investment in exchange for ether, Ethereum's digital currency. But on Sunday, the company unceremoniously deleted its Twitter account and took down its website. A company representative posted a brief comment to the company's now-private subforum on Reddit, citing legal problems that prevent the Confido team from continuing their work. The same message was also posted to Medium but quickly deleted.

"Right now, we are in a tight spot, as we are having legal trouble caused by a contract we signed," the message stated (a cached version of the Medium post is viewable). "It is likely that we will be able to find a solution to rectify the situation. However, we cannot assure you with 100% certainty that we will get through this." The message was apparently written by Confido's founder, one Joost van Doorn, who seems to have no internet presence besides a now-removed LinkedIn profile. Even the Confido representative on Reddit doesn't seem to know what's going on, though, posting hours after the initial message, "Look I have absolutely no idea what has happened here. The removal of all of our social media platforms and website has come as a complete surprise to me." Confido tokens had a market cap of $10 million last week, before the company disappeared, but now the tokens are worthless. And investors are crying foul.

Businesses

Dark Side of Gig Economy: Some Instacart Workers Go On Strike Over Pay That Can Be as Low as $1 Per Hour (fastcompany.com) 415

From a report: Instacart shoppers and drivers -- the people who gather your groceries and deliver them to you after you order via the Instacart app -- are on strike. While independent contractors can't technically strike, via a Facebook group some of the company's thousands of employees have organized a "no delivery day" in the hopes of getting higher wages, the San Francisco Chronicle reports. The strike is only taking place in a few of the 154 cities nationwide that Instacart operates in. The action may be small, but the grievances are big. While Instacart, the 5-year-old San Francisco startup, is valued at $3.4 billion, it allegedly pays its workers as little as $1 per order. Ars Technica has a great breakdown of all the issues surrounding how Instacart employees get paid and it's complex, with three different income streams coming together Voltron-like to form a wage. The result, though, is that some shoppers are being paid less than the federal minimum wage, like a Jackson, Miss., worker who put in a 19-hour week in Jackson, Mississippi, that paid out $37.75 (roughly $2/hour). That's far below the $14/hour wage that Ars Technica says Instacart is targeting.
Spam

Spam Is Back (theoutline.com) 149

Jon Christian, writing for The Outline: For a while, spam -- unsolicited bulk messages sent for commercial or fraudulent purposes -- seemed to be fading away. The 2003 CAN-SPAM Act mandated unsubscribe links in email marketing campaigns and criminalized attempts to hide the sender's identity, while sophisticated filters on what were then cutting-edge email providers like Gmail buried unwanted messages in out-of-sight spam folders. In 2004, Microsoft co-founder Bill Gates told a crowd at the World Economic Forum that "two years from now, spam will be solved." In 2011, cybersecurity reporter Brian Krebs noted that increasingly tech savvy law enforcement efforts were shutting down major spam operators -- including SpamIt.com, alleged to be a major hub in a Russian digital criminal organization that was responsible for an estimated fifth of the world's spam. These efforts meant that the proportion of all emails that are spam has slowly fallen to a low of about 50 percent in recent years, according to Symantec research.

But it's 2017, and spam has clawed itself back from the grave. It shows up on social media and dating sites as bots hoping to lure you into downloading malware or clicking an affiliate link. It creeps onto your phone as text messages and robocalls that ring you five times a day about luxury cruises and fictitious tax bills. Networks associated with the buzzy new cryptocurrency system Ethereum have been plagued with spam. Facebook recently fought a six-month battle against a spam operation that was administering fake accounts in Bangladesh, Indonesia, Saudi Arabia, and other countries. Last year, a Chicago resident sued the Trump campaign for allegedly sending unsolicited text message spam; this past November, ZDNet reported that voters were being inundated with political text messages they never signed up for. Apps can be horrid spam vectors, too. Repeated mass data breaches that include contact information, such as the Yahoo breach in which 3 billion user accounts were exposed, surely haven't helped. Meanwhile, you, me, and everyone we know is being plagued by robocalls.

The Almighty Buck

Bitcoin Prices Surge 26% in November, Pass $8000 (bloomberg.com) 205

Bitcoin's value has increased more than 26% in less than three weeks, writes Bloomberg. An anonymous reader quotes their report: Bitcoin topped $8,000 for the first time, as investors set aside technology concerns that had derailed its advance earlier this month. Bitcoin rose 4.8 percent to $8,071.05 as of 7:17 a.m. Sydney time on Monday. It's now up more than 700 percent this year after shrugging off a tumble of as much as 29 percent earlier this month. It's been a tumultuous year for the largest cryptocurrency, with three separate slumps of more than 25 percent in value all giving way to subsequent rallies.
Transportation

DJI Threatens Researcher Who Reported Exposed Cert Key, Credentials, and Customer Data (arstechnica.com) 81

An anonymous reader quotes Ars Technica: DJI, the Chinese company that manufactures the popular Phantom brand of consumer quadcopter drones, was informed in September that developers had left the private keys for both the "wildcard" certificate for all the company's Web domains and the keys to cloud storage accounts on Amazon Web Services exposed publicly in code posted to GitHub. Using the data, researcher Kevin Finisterre was able to access flight log data and images uploaded by DJI customers, including photos of government IDs, drivers licenses, and passports. Some of the data included flight logs from accounts associated with government and military domains.

Finisterre found the security error after beginning to probe DJI's systems under DJI's bug bounty program, which was announced in August. But as Finisterre worked to document the bug with the company, he got increasing pushback -- including a threat of charges under the Computer Fraud and Abuse Act. DJI refused to offer any protection against legal action in the company's "final offer" for the data. So Finisterre dropped out of the program and published his findings publicly yesterday, along with a narrative entitled, "Why I walked away from $30,000 of DJI bounty money."

The company says they're now investigating "unauthorized access of one of DJI's servers containing personal information," adding that "the hacker in question" refused to agree to their terms and shared "confidential communications with DJI employees."
Education

The House's Tax Bill Levies a Tax On Graduate Student Tuition Waivers (nytimes.com) 575

Camel Pilot writes: The new GOP tax plan -- which just passed the House -- will tax tuition waivers as income. Graduate students working as research assistants on meager stipends would have to declare tuition waivers as income on the order of $80,000 income. This will force many graduate students of modest means to quit their career paths and walk away from their research. These are the next generation of scientists, engineers, inventors, educators, medical miracle workers and market makers. As Prof Claus Wilke points out: "This would be a disaster for U.S. STEM Ph.D. education." Slashdot reader Camel Pilot references a report via The New York Times, where Erin Rousseau explains how the House of Representatives' recently passed tax bill affects graduate research in the United States. Rousseau is a graduate student at M.I.T. who studies the neurological basis of mental health disorders. "My peers and I work between 40 and 80 hours a week as classroom teachers and laboratory researchers, and in return, our universities provide us with a tuition waiver for school. For M.I.T. students, this waiver keeps us from having to pay a tuition bill of about $50,000 every year -- a staggering amount, but one that is similar to the fees at many other colleges and universities," he writes. "No money from the tuition waivers actually ends up in our pockets, so under Section 117(d)(5), it isn't counted as taxable income." Rousseau continues by saying his tuition waivers will be taxed under the House's tax bill. "This means that M.I.T. graduate students would be responsible for paying taxes on an $80,000 annual salary, when we actually earn $33,000 a year. That's an increase of our tax burden by at least $10,000 annually."
Open Source

Proprietary Software is the Driver of Unprecedented Surveillance: Richard Stallman (factor-tech.com) 196

From a wide-ranging interview of Richard Stallman, president of the Free Software Foundation, programming legend and recipient of at least 15 honorary doctorates and professorships: "The reason that we are subject now to more surveillance than there was in the Soviet Union is that digital technology made it possible," he says. "And the first disaster of digital technology was proprietary software that people would install and run on their own computers, and they wouldn't know what it was doing. They can't tell what it's doing. And that is the first injustice that I began fighting in 1983: proprietary software, software that is not free, that the users don't control." Here, Stallman is keen to stress, he doesn't mean free in the sense of not costing money -- plenty of free software is paid for -- but free in the sense of freedom to control. Software, after all, instructs your computer to perform actions, and when another company has written and locked down that software, you can't know exactly what it is doing. "You might think your computer is obeying you, when really its obeying the real master first, and it only obeys you when the real master says it's ok. With every program there are two possibilities: either the user controls the program or the program controls the users," he says. "It's free software if users control it. And that's why it respects their freedom. Otherwise it's a non-free, proprietary, user subjugating program."
United States

Foreign Students Have Begun To Shun the United States (axios.com) 752

In a potential threat to future U.S. innovation, new international enrollment at U.S. colleges is down for the first time in more than a decade, according to a new report. From the report: It is the first hard sign that the Trump administration's rhetoric may be frightening away some of the world's best and brightest who traditionally have been drawn to settle and work in the U.S. Why it matters: "The Chinese whiz kid, if he can find a way to America, he'll come here. If you're good, you can make a lot of money," Anthony Carnevale, director of Georgetown University's Center on Education and the Workforce, tells Axios. "That whole set of incentives has always been tied to the immigrant stream, and we're severing that connection." By the numbers: The findings are from the Institute of International Education's annual Open Doors report and its smaller joint "snapshot" report on international enrollment. It found that new international student enrollment dropped by 3.3% for the 2016-2017 academic year, and by a far higher 6.9% in the Fall 2017 semester.
Businesses

TechShop Announces Chapter 7 Bankruptcy; Closes All Locations 66

ewhac writes: To the shock and dismay of many, TechShop today announced the immediate closure of all of its U.S. locations and is entering Chapter 7 bankruptcy proceedings. Their homepage has been replaced with a PDF relating TechShop's history, and detailing the circumstances leading to shutting down the company. First launched ten years ago, TechShop was one of the first "shared maker spaces," a members-only machine and work shop where tinkerers, makers, inventors, and innovators were able to prototype their ideas, launch products, or even just fix their own stuff. Its closing will be a huge loss to the tech and maker communities.
Security

Amazon Is Cutting Prices at Whole Foods Again (cnn.com) 122

An anonymous reader shares a report: Amazon is giving Whole Foods shoppers an early gift for the holidays. The grocer announced Wednesday it's slashing prices again, this time on several "holiday staples," including sweet potatoes, canned pumpkin and turkey. If you're an Amazon Prime member, you'll pay even less for turkey: Whole Foods slashed turkey prices to $1.99 per pound (compared to $2.49 for non-Prime members), or $2.99 per pound for an organic turkey ($3.49 for non-Prime members).
Businesses

Technology Invading Nearly All US Jobs, Even Lower Skilled, Study Finds (reuters.com) 135

An anonymous reader shares a Reuters report: Forget robots. The real transformation taking place in nearly every workplace is the invasion of digital tools. The use of digital tools has increased, often dramatically, in 517 of 545 occupations since 2002, with a striking uptick in many lower-skilled occupations, according to a study released Wednesday by the Brookings Institution, a Washington think tank. The report underscores the growing need for workers of all types to gain digital skills and explains why many employers say they struggle to fill jobs, including many that in the past required few digital skills. There is anxiety about automation displacing workers and in many cases, new digital tools allow one worker to do work previously done by several. Those 545 occupations reflect 90 percent of all jobs in the economy. The report found that jobs with greater digital content tend to pay more and are increasingly concentrated in traditional high-tech centers like Silicon Valley, Seattle and Austin, Texas.

Slashdot Top Deals