Watchdog Group Claims Smart Toys Are Spying On Kids

See the original posting on Slashdot

The Center for Digital Democracy has filed a complaint with the Federal Trade Commission warning of security and privacy holes associated with a pair of smart toys designed for children. Mashable reports: “This complaint concerns toys that spy,” reads the complaint, which claims the Genesis Toys’ My Friend Cayla and i-QUE Intelligent Robot can record and collect private conversations and offer no limitations on the collection and use of personal information. Both toys use voice recognition, internet connectivity and Bluetooth to engage with children in conversational manner and answer questions. The CDD claims they do all of this in wildly insecure and invasive ways. Both My Friend Cayla and i-QUE use Nuance Communications’ voice-recognition platform to listen and respond to queries. On the Genesis Toy site, the manufacturer notes that while “most of Cayla’s conversational features can be accessed offline,” searching for information may require an internet connection. The promotional video for Cayla encourages children to “ask Cayla almost anything.” The dolls work in concert with mobile apps. Some questions can be asked directly, but the toys maintain a constant Bluetooth connection to the dolls so they can also react to actions in the app and even appear to identify objects the child taps on on screen. While some of the questions children ask the dolls are apparently recorded and sent to Nuance’s servers for parsing, it’s unclear how much of the information is personal in nature. The Genesis Privacy Policy promises to anonymize information. The CDD also claims, however, that My Friend Cayla and i-Que employ Bluetooth in the least secure way possible. Instead of requiring a PIN code to complete pairing between the toy and a smartphone or iPad, “Cayla and i-Que do not employ… authentication mechanisms to establish a Bluetooth connection between the doll and a smartphone or tablet. The dolls do not implement any other security measure to prevent unauthorized Bluetooth pairing.” Without a pairing notification on the toy or any authentication strategy, anyone with a Bluetooth device could connect to the toys’ open Bluetooth networks, according to the complaint.

Read more of this story at Slashdot.

Congress Passes BOTS Act To Ban Ticket-Buying Software

See the original posting on Slashdot

Congress passed a bill yesterday that will make it illegal for people to use software bots to buy concert tickets. Ars Technica reports: The Better Online Ticket Sales (BOTS) Act makes it illegal to bypass any computer security system designed to limit ticket sales to concerts, Broadway musicals, and other public events with a capacity of more than 200 persons. Violations will be treated as “unfair or deceptive acts” and can be prosecuted by the Federal Trade Commission or the states. The bill passed the Senate by unanimous consent last week, and the House of Representatives voted yesterday to pass it as well. It now proceeds to President Barack Obama for his signature. Computer programs that automatically buy tickets have been a frustration for the concert industry and fans for a few years now. The issue had wide exposure after a 2013 New York Times story on the issue. Earlier this year, the office of New York Attorney General Eric Schneiderman completed an investigation into bots. The New York AG’s ticket sales report (PDF) found that the tens of thousands of tickets snatched up by bots were marked up by an average of 49 percent.

Read more of this story at Slashdot.

Audi Cars Now Talk To Stop Lights In Vegas

See the original posting on Slashdot

Audi says its cars can now tell drivers how many seconds remain until the traffic light turns green. It’s the first commercial offering of vehicle-to-infrastructure communication in the United States, it adds. From a report, submitted by an anonymous reader: Of course, nobody would pay much extra for an electronic gadget that just lowered your stoplight waiting anxiety. But this feature is just testing the waters; bigger applications are in view. The cars — recently manufactured Audi A4 and Q7 models signed onto Audi’s prime connection service — communicate with the Las Vegas traffic management system via 4G LTE, the standard mobile phones use. The countdown appears on the dashboard or heads-up display, then shuts off a few seconds before the light changes (presumably to keep drivers from getting mesmerized). Audi manages the transfer of data with the help of its partner, Traffic Technology Services (TTS), of Beaverton, Ore. The plan is to eventually give drivers the information they need to make fairly ambitious predictions, like choosing the right speed to go sailiing through several green lights in a row. Or the system might bypass the driver and go straight to the engine’s “start-stop” system, shutting it down for a long count, then starting it up again seconds before getting a green light.

Read more of this story at Slashdot.

Glue, stitch, cobble: Weighing DIY container management

See the original posting on JavaWorld

You’ve been tasked with helping your company stay competitive by modernizing your IT organization’s delivery of developed applications. Your company has already embraced virtualization and perhaps dabbled in the public cloud. Containers look like the next big thing for you, so you’re considering how to bring container technology to your organization. Some thing needs to create containers on compute resources and network them together. On the drawing board, you’re considering these general components:

diy components 2 Apcera

You start doing the research. You soon discover that cloud management platforms, PaaS, and container management platforms are all readily available as prepackaged software and services. Even the individual components that make up those packages are available in Open Source Land. “Hmm,” you think, “Why pay anyone for a platform when the parts are there to do this myself?”

To read this article in full or to leave a comment, please click here

Android Studio for beginners, Part 4: Advanced tools and plugins

See the original posting on JavaWorld

Android Studio offers a rich palette of development tools, and it’s compatible with many plugins. The first three articles in this series focused on basic tools for building simple mobile apps. Now you’ll get acquainted with some of the more advanced tools that are part of Android Studio, along with three plugins you can use to extend Android Studio.

We’ll start with Android Device Monitor, Lint, and Android Monitor–three tools you can use to debug, inspect, and profile application code in Android Studio. Then I’ll introduce you to plugins ADB Idea, Codota Code Search, and Project Lombok.

Debugging with Android Device Monitor

Android Device Monitor is an Android SDK tool for debugging failing apps. It provides a graphical user interface for the following SDK tools:

To read this article in full or to leave a comment, please click here

20% off Hamilton Beach Breakfast Sandwich Maker – Deal Alert

See the original posting on JavaWorld

This kitchen gadget from Hamilton Beach is all about making a fresh breakfast sandwich that you can grab and go. Just choose your bread and layer on the fixings: egg, cheese, precooked meat, or other ingredients of your choice. In five minutes or less, your perfectly assembled breakfast sandwich is ready to eat. All removable parts simply go in the dishwasher for an easy cleanup. The sandwich maker averages 4.5 out of 5 stars from over 3,000 people on Amazon (read reviews). It’s typical list price of $30 has been reduced to $24, saving you 20%. See it on Amazon.

To read this article in full or to leave a comment, please click here

Microsoft Officially Closes Its $26.2B Acquisition of LinkedIn

See the original posting on Slashdot

After getting its final European Commission approvals earlier this week, Microsoft and LinkedIn today announced that Microsoft’s $26.2 billion acquisition of LinkedIn, the social networking site, has officially closed. From a report on TechCrunch: The news comes six months after news first broke of the deal. In an internal memo, LinkedIn CEO Jeff Weiner went through the areas where the two companies would be working together, and how they will in other ways remain independent. LinkedIn today has over 400 million registered users, making it the largest social networking site focused on the working world. People use the service both to make work connections with other people in their fields, but also to look for jobs and hire people. As we reported earlier this week, the fact that LinkedIn essentially has a dominant position in this area meant that Microsoft had to make concessions to the EC about how it would work to allow other social networking sites to integrate on its platforms.

Read more of this story at Slashdot.

Microsoft and Qualcomm Collaborate To Bring Windows 10, x86 Emulation To Snapdragon Processors

See the original posting on Slashdot

An anonymous reader quotes a report from AnandTech: Today at Microsoft’s WinHEC event in Shenzhen, China, the company announced that it’s working with Qualcomm to bring the full Windows 10 experience to future devices powered by Snapdragon processors. These new Snapdragon-powered devices should support all things Microsoft, including Microsoft Office, Windows Hello, Windows Pen, and the Edge browser, alongside third-party Universal Windows Platform (UWP) apps and, most interestingly, x86 (32-bit) Win32 apps. They should even be able to play Crysis 2. This announcement fits nicely with Microsoft’s “Windows Everywhere” doctrine and should come as no surprise. It’s not even the first time we’ve seen Windows running on ARM processors. Microsoft’s failed Windows RT operating system was a modified version of Windows 8 that targeted the ARMv7-A 32-bit architecture. It grew from Microsoft’s MinWin effort to make Windows more modular by reorganizing the operating system and cleaning up API dependencies. The major change with today’s announcement over Windows RT and UWP is that x86 apps will be able to run on Qualcomm’s ARM-based SoCs, along with support for all of the peripherals that are already supported with Windows 10. This alone is a huge change from Windows RT, which would only work with a small subset of peripherals. Microsoft is also focusing on having these devices always connected through cellular, which is something that is not available for many PCs at the moment. Support will be available for eSIM to avoid having to find room in a cramped design to accommodate a physical SIM, and Microsoft is going so far as to call these “cellular PCs” meaning they are expecting broad support for this class of computer, rather than the handful available now with cellular connectivity. The ability to run x86 Win32 apps on ARM will come through emulation, and to demonstrate the performance Microsoft has released a video of an ARM PC running Photoshop.

Read more of this story at Slashdot.

6 Web Dev Trends You’re Going to See More of in 2017

See the original posting on DZone Python

At the end of each year, people like to look forward and predict what will happen in the next year. The same is true in the web development industry where new technologies and trends come and go at lightning speed. And while the future will most certainly look different than we anticipate, we can always make a few educated guesses.

Here are some trends to keep an eye on:

Paris Makes All Public Transportation Free In Battle Against ‘Worst Air Pollution For 10 Years’

See the original posting on Slashdot

Paris has barred some cars from its streets and has made public transportation free as it suffers from the worst and most prolonged winter pollution for at least 10 years, the Airparif agency said on Wednesday. The Independent reports: Authorities have said only drivers with odd-numbered registration plates can drive in the capital region on Wednesday. Drivers of even-numbered cars were given the same opportunity on Tuesday, but could now be fined up to 35 EUR if they are caught behind the wheel. More than 1,700 motorists were fined for violations on Tuesday. Paris mayor Anne Hidalgo said images of smog blanketing the capital were proof of the need to reduce vehicle use in the city center. The air pollution peak is due to the combination of emissions from vehicles and from domestic wood fires as well as near windless conditions which means pollutants have not been dispersed, the Airparif agency said. “This is a record period (of pollution) for the last 10 years,” Karine Leger of AirParif told AFP by telephone. For more than a week, Airparif has published readings of PM10 at more than 80 micrograms per cubic meter of air particles, triggering the pollution alert. Along with odd-numbered cars, hybrid or electric vehicles as well as those carrying three or more people will be allowed to roam the roads. Foreign and emergency vehicles will be unaffected.

Read more of this story at Slashdot.

Apple Is In Talks With Hollywood For Early Access To Movies On iTunes: Bloomberg

See the original posting on Slashdot

Apple is talking with Hollywood studios to try and get iTunes rentals of movies that are still playing on the big screen. According to a report from Bloomberg, “some studio executives have been pushing to allow home rentals as early as two weeks after theatrical debuts and are considering a deal with iTunes as one option.” Bloomberg reports: The most recent talks are part of longer-running efforts by Cupertino, California-based Apple to get new movies sooner, two of the people said. Such an arrangement could help iTunes stand out in a crowded online market for movies, TV shows and music. While the iTunes store helped Apple build a dominant role in music retailing, the company hasn’t carved out a similar role in music and video streaming. Hollywood studios typically give theaters exclusive rights to new movies for 90 days or more before issuing them on DVD or making them available for online purchase. One of the concerns about iTunes is whether it will be a secure platform for delivering movies that are still in theaters, the people said. While Apple encrypts iTunes video files so they can’t easily be duplicated, it’s possible to use a camera to record a movie playing on a TV screen. A leak of picture that’s still in theaters would jeopardize returns for the studios and cinema owners.

Read more of this story at Slashdot.

Qualcomm Debuts 10nm Server Chip To Attack Intel Server Stronghold

See the original posting on Slashdot

An anonymous reader quotes a report from Tom’s Hardware: Qualcomm and its Qualcomm Datacenter Technologies subsidiary announced today that the company has already begun sampling its first 10nm server processor. The Centriq 2400 is the second generation of Qualcomm server SOCs, but it is the first in its new family of 10nm FinFET processors. The Centriq 2400 features up to 48 custom Qualcomm ARMv8-compliant Falkor cores and comes a little over a year after Qualcomm began developing its first-generation Centriq processors. Qualcomm’s introduction of a 10nm server chip while Intel is still refining its 14nm process appears to be a clear shot across Intel’s bow–due not only to the smaller process, but also its sudden lead in core count. Intel’s latest 14nm E7 Broadwell processors top out at 24 cores. Qualcomm isn’t releasing more information, such as clock speeds or performance specifications, which would help to quantify the benefit of its increased core count. The server market commands the highest margins, which is certainly attractive for the mobile-centric Qualcomm, which found its success in the relatively low-margin smartphone segment. However, Intel has a commanding lead in the data center with more than a 99% share of the world’s server sockets, and penetrating the segment requires considerable time, investment, and ecosystem development. Qualcomm unveiled at least a small portion of its development efforts by demonstrating Apache Spark and Hadoop on Linux and Java running on the Centriq 2400 processor. The company also notes that Falkor is SBSA compliant, which means that it is compatible with any software that runs on an ARMv8-compliant server platform.

Read more of this story at Slashdot.

T-Mobile’s ‘Digits’ Solution Lets You Use One Phone Number Across All Your Devices

See the original posting on Slashdot

An anonymous reader quotes a report from The Verge: T-Mobile just revealed its answer to ATT’s NumberSync technology, which lets customers use one phone number across all their connected devices. T-Mobile’s version is called Digits and it will launch in a limited, opt-in customer beta beginning today before rolling out to everyone early next year. “You can make and take calls and texts on whatever device is most convenient,” the company said in its press release. “Just log in and, bam, your call history, messages and even voicemail are all there. And it’s always your same number, so when you call or text from another device, it shows up as you.” When it leaves beta, Digits will cost an extra monthly fee, but T-Mobile isn’t revealing pricing today. “This is not going to be treated as adding another line to your account,” said COO Mike Sievert. “Expect us to be disruptive here.” And while its main feature is one number for everything, Digits does offer T-Mobile customers another big perk: multiple numbers on the same device. This will let you swap between personal and work numbers without having to maintain separate lines and accounts. You can also give out an “extra set” of Digits in situations where you might be hesitant to give someone your primary number; this temporary number forwards to your devices like any other call. You can have multiple numbers for whatever purposes you want, based on T-Mobile’s promotional video.

Read more of this story at Slashdot.

Backdoor Accounts Found in 80 Sony IP Security Camera Models

See the original posting on Slashdot

Many network security cameras made by Sony could be taken over by hackers and infected with botnet malware if their firmware is not updated to the latest version. Researchers from SEC Consult have found two backdoor accounts that exist in 80 models of professional Sony security cameras, mainly used by companies and government agencies given their high price, PCWorld reports. From the article: One set of hard-coded credentials is in the Web interface and allows a remote attacker to send requests that would enable the Telnet service on the camera, the SEC Consult researchers said in an advisory Tuesday. The second hard-coded password is for the root account that could be used to take full control of the camera over Telnet. The researchers established that the password is static based on its cryptographic hash and, while they haven’t actually cracked it, they believe it’s only a matter of time until someone does. Sony released a patch to the affected camera models last week.

Read more of this story at Slashdot.

1 2 3 2,764