Feed aggregator

Right to Repair Advocates Accuse Medical Device Manufacturers of Profiteering

Slashdot.org - Sat, 07/11/2020 - 14:34
A new Motherboard article interviews William, a ventilator refurbisher who's repaired at least 70 broken ventilators that he's bought on eBay and from other secondhand websites, then sold to U.S. hospitals and governments to help handle a spike in COVID-19 patients. He's part of a grey-market supply chain that's "essentially identical to one used by farmers to repair John Deere tractors without the company's authorization and has emerged because of the same need to fix a device without a manufacturer's permission..." The issue is that, like so many other electronics, medical equipment, including ventilators, increasingly has software that prevents "unauthorized" people from repairing or refurbishing broken devices, and Medtronic will not help him fix them... Faced with a global pandemic, hospitals, biomedical technicians, right to repair activists, and refurbishers like William say that medical device manufacturers are profiteering by putting up artificial barriers to repair that drive up the cost of medical care in the United States and puts patient lives in danger. They describe difficulty getting parts and software, delays in getting service from "authorized" technicians, and a general sense of frustration as few manufacturers appear ready to loosen their repair restrictions during the COVID-19 crisis. For the past decade, medical device manufacturers have refused to sell replacement parts and software to hospitals and repair professionals unless they pay thousands of dollars annually to become "authorized" to work on machines. The medical device industry has lobbied against legislation that would make it easier to repair their machines, refused to release repair manuals, and used copyright law to threaten those who have made repair manuals available to the public. The technicians who are unable to gain access to repair parts, manuals, and software are not random people who are deciding on a whim to try to fix complex medical equipment that is going to be used on sick patients. Hospitals and trained professionals are regularly unable to fix the equipment that they own unless they pay for expensive service contracts or annual trainings from manufacturers. While hospitals deal with a resurgent coronavirus that is overtaxing intensive care units across the country, their biomedical technicians are wasting time on the phone and in Kafkaesque email exchanges with medical device manufacturers, pleading for spare parts, passwords to unlock diagnostic modes, or ventilator repair manuals. The article notes that newer medical devices even have "more advanced anti-repair technologies built into them. Newer ventilators connect to proprietary servers owned by manufacturers to verify that the person accessing it is authorized by the company to do so."

Read more of this story at Slashdot.

'Guilty' Verdict for Russian Who Stole 117M Dropbox and LinkedIn Login Codes in 2012

Slashdot.org - Sat, 07/11/2020 - 13:34
In 2012 "Russian hacker" Yevgeniy Nikulin breached the internal networks of LinkedIn, Dropbox, and Formspring, and then sold their user databases on the black market, reports ZDNet. (He stole 117 million login codes, according to Bloomberg.) Nikulin was arrested in 2016 (while on vacation in the Czech Republic), and after an extradition battle spent years in U.S. prisons while awaiting his trial, which Bloomberg calls "an ongoing constitutional violation that deeply distressed U.S. District Judge William Alsup." Yesterday a jury finally found Nikulin guilty: It was the first trial in Northern California since the coronavirus pandemic shut Bay Area courtrooms in mid-March... The trial started in early March but was interrupted by the coronavirus pandemic and a shelter-in-place order for the Bay Area on March 16, when almost all in-person court hearings were postponed nationwide... Forced by circumstances to twice delay the trial, Alsup stood firm on a July 7 start. The judge, Nikulin and lawyers wore masks. Witnesses testified from behind a glass panel... Nikulin is scheduled to be sentenced Sept. 29. The Justice Department said he faces as long as 10 years in prison for each count of selling stolen usernames and passwords, installing malware on protected computers and as many as five years for each count of conspiracy and computer hacking. He also faces a mandatory two year sentence for identity theft, according to prosecutors.

Read more of this story at Slashdot.

AI Site Claims Simulated Conversations With Famous Dead Scientists

Slashdot.org - Sat, 07/11/2020 - 12:34
Slashdot reader shirappu writes: AI|Writer is an experiment in which artificial intelligence is used to simulate both real and fictitious famous personalities through written correspondence. Users can ask questions and receive explanations from simulated versions of Isaac Newton, Alfred Hitchcock, Marie Curie, Mary Shelley, and many more. The Next Web calls it "a new experiment by magician and novelist Andrew Mayne," pointing out that it's using OpenAI's new text generator API. Other simulated conversations include Ada Lovelace, Alan Turing, Stephen Hawking, Richard Feynman, Isaac Asimov, Benjamin Franklin, and even Edgar Allen Poe. "We have all kinds of theoretical ideas about AI and what counts as real or not," Mayne said on Twitter, "however I think you just have to be pragmatic and just ask: What can it do? I think this gets lost in a lot of discussions about AI. The end goal isn't a witty chatbot. It's to expand our knowledge." There's a wait list for access to the site "so we can make sure everything works right and we don't accidentally create Skynet," Mayne jokes on Twitter. But assuming this isn't another magic trick, The Next Web is already reporting on some of the early results: The system first works out the purpose of the message and the intended recipient by searching for patterns in the text. It then uses the API's internal knowledge of that person to guess how they would respond in their written voice. The digitized characters can answer questions about their work, explain scientific theories, or offer their opinions. For example, Marie Curie gave a lesson on radiation, H.G. Wells revealed his inspiration for The Time Machine, while Alfred Hitchcock compared Christopher Nolan's Interstellar to Stanley Kubrick's 2001... The characters could also compare their own eras with the present day... Mayne says the characters did well with historical facts, but could be "quite erratic with matters of opinion" and "rarely reply to the same question in the same way." He demonstrated these variations by asking both Newton and Gottfried Leibniz who invented calculus. "Newton almost always insists that he invented Calculus alone and is pretty brusque about it," Mayne wrote on his website. "Leibniz sometimes says he did. Other times he'll be vague." At one point, Leibniz even threatened to kill Mayne if he tried to take the credit for the discovery. As well as historical figures, the system can respond in the voice of fictional characters. In fact, Mayne says the most "touching" message he's received was this reply from the Incredible Hulk. Another conversation shows Bruce Wayne's response when asked to make a donation to support freeing the Joker...

Read more of this story at Slashdot.

Terry Pratchett's Earliest Stories To Be Published In September

Slashdot.org - Sat, 07/11/2020 - 11:34
Long-time Slashdot reader sjritt00 writes: A final collection of Terry Pratchett's early stories will be published in September as The Time-Travelling Caveman. These stories appeared in the Bucks Free Press and Western Daily Press in the 1960s and early '70s and introduce many of the themes which later power his Discworld series. The Guardian reports that the stories "range from a steam-powered rocket's flight to Mars to a Welsh shepherd's discovery of the resting place of King Arthur." In a statement Pratchett's editors said "It is very fitting that some of the first stories he wrote will be in the last collection by him to be published..."

Read more of this story at Slashdot.

Is Twitter Shifting the Balance of Power From Companies to Their Employees?

Slashdot.org - Sat, 07/11/2020 - 10:34
Last week leaked audio surfaced of investors arguing that journalists have too much power. But the Verge's Silicon Valley editor asks, "What if you take the whole discussion of "tech versus journalism" and reframe it as 'managers versus employees'? Then, I think, you get closer to the truth of what's going on." After all, this conflict started with employees. They were the people who initially described their working conditions under Steph Korey at Away, leading her to step aside as CEO. (She later returned, only for the company to say she would step aside later this year after her comments about the media on Instagram.) The employees made their comments at a time of increasing activism inside workplaces. Since the Google walkout in 2018, employees of venture-backed startups and public companies have become increasingly comfortable in speaking out — often using social media platforms to call out their employers. This trend has only accelerated since the Black Lives Matters protests swept the nation last month — which, among other things, led to the first-ever virtual Facebook walkout a few weeks later. Workers still face significant obstacles as they lobby to create more fair and equitable workplaces. But Twitter in particular has given them a place where not only can they be heard, but — crucially — employers can't really fight back... [T]weets have given workers an asymmetric advantage in the unrest — a one-sided argument is easy to win — and we're seeing it play out in new ways all the time. This dynamic, which is tilted heavily against bosses, goes a long way in explaining the disdain that the managerial class has for what they call "hit pieces." A "hit piece," in angry Twitter parlance, is typically a piece of journalism in which one or more employees are granted anonymity to talk about their working conditions. Journalists, myself included, would simply call that reporting. But it's the kind of reporting that tilts the balance away from managers and toward their employees — and in ways that are difficult to fight back against... And so it shouldn't be surprising, when a prominent reporter like Taylor Lorenz calls attention to posts like Korey's, the managerial class rises to Korey's defense. When CEOs can be held accountable not just for their working conditions but for social media defenses of their work, that represents a threat to the entire managerial tribe. And that explains how venture capitalists, who have millions of dollars at their disposal and could comfortably retire without ever participating in a single Twitter fight, have nonetheless come to see themselves as the underdogs in this situation. They got where they are in part because they've been good at winning arguments, and now they find themselves living in a world where they get punished for arguing... [T]he next time you see journalists and tech overlords going a few rounds online, ask yourself whether what you're looking at isn't, on some level, a labor issue... Workers are justifiably outraged about the state of affairs in this country, and some of that outrage is being captured by journalists. David Heinemeier Hansson, creator of Ruby on Rails and the founder of Basecamp, called the piece "a wonderful framing of the issue" in a series of tweets. "While I decry this website as the bane of modern living half the time, the other half it has probably done more to move my own position on many issues than anything else online. "Which is why I'm not actually sure that VC Twitter should be so eager to cheer on 'citizen journalism'. The number of citizens that count themselves in the worker class vs. manager class are far more plentiful. And their unfiltered stories really do add up to paint the picture."

Read more of this story at Slashdot.

DuckDuckGo Restored in India, Responds to Favicon Concerns

Slashdot.org - Sat, 07/11/2020 - 09:34
DuckDuckGo made the news twice this week. First its service was reinstated across India last Saturday, after being unreachable for nearly three days, for reasons which remain unclear. "We have contacted the Indian government but have not yet received a response," a DuckDuckGo spokesperson told The Verge. "We are bewildered on why the Indian government would instruct Indian ISPs to block DuckDuckGo, but are optimistic that this will be resolved soon." But at roughly the same time the search engine faced another controversy about how DuckDuckGo fetches favicons, according to one cybersecurity blog: First submitted as an issue in July 2019, GitHub user Tritonio flagged the offending script, saying: "This seems to be leaking all(?) the domains that users visit to your servers." The script in the Android version of the DuckDuckGo application showed that favicon fetching was routed through DuckDuckGo systems, rather than made via direct website requests. Daniel "tagawa" Davis, communications manager at DuckDuckGo, said at the time that the "internal" favicon service was used to simplify the favicon location process, but as the service is rooted in DuckDuckGo's existing systems, the script adhered to the company's privacy policy which pledges not to collect or store any personal user information. The case was then closed. However, when the issue became public on the GitHub tracker this week, this assurance was not enough for everyone. Some users requested that the case be re-examined, citing potential information leaks caused by the script choice, considered by some as an inherent 'design' flaw or human error. In response to the discussion concerning the favicon telemetry, founder and CEO Gabriel Weinberg said he was "happy to commit us to move to doing this locally in the browser" and will address it as a matter of priority. He added that as DuckDuckGo's services are encrypted and "throw away PII [personally identifiable information] like IP addresses by design", no information was collected, stored, or leaked. The company's slogan is "Privacy Simplified". It is this concept, Weinberg told The Daily Swig, that led to the rapid decision in changing how favicons are managed. Weinberg acknowledged that there is an ongoing security debate concerning which option for fetching favicons is more secure, and arguments can be made for each choice — but added they both offer "basically a similar amount" of privacy... You can ask a browser to connect to a website and fetch the favicon — potentially making multiple requests in the process — or you can use the firm's encrypted service... "It's a known anonymous service," Weinberg told us. "You're already connected to DuckDuckGo because you're using the app. It's not that it is leaking any more information, because you conduct a search with us which has the favicons anyway." DuckDuckGo's service is also faster and uses less bandwidth as the service is running server-side and favicons are cached, Weinberg says.

Read more of this story at Slashdot.

Apple To Teach Teachers To Teach Coding For Free

Slashdot.org - Sat, 07/11/2020 - 08:00
theodp writes: From the Home Office in Cupertino: "Apple today announced a new set of tools to help educators teach coding to students from grade school to college. In addition to significant enhancements to the Develop in Swift and Everyone Can Code curricula, Apple is also starting a new professional learning course for Develop in Swift, available to educators at no cost. The course is designed to supplement the need for computer science educators in the US, and helps instructors of all skill levels build foundational knowledge to teach app development with Swift. In addition, with many institutions operating remotely, Apple is adding resources for educators and parents to help ensure they have the tools they need to help students learn and grow from anywhere. [...] To support parents with kids learning to code at home, Apple is adding a new guide to its set of remote learning resources. 'A Quick Start to Code' is now available and features 10 coding challenges designed for learners ages 10 and up, on iPad or Mac. [...] In 2016, Apple launched Everyone Can Code, a comprehensive program and curriculum to help students of all abilities, from kindergarten to college, learn coding to solve problems and prepare them for the workforce. Develop in Swift was released in 2019, and today more than 9,000 K-12 and higher education institutions worldwide are using the Everyone Can Code and Develop in Swift curricula from Apple." Back in 2018, Apple CEO Tim Cook claimed that most students shunned programming before Apple introduced Swift "because coding languages were 'too geeky.'" As Apple introduced Swift in 2016, Cook called for requiring all children to start coding in 4th grade (9-10 years old), which Cook reiterated to President Trump in a 2017 White House meeting with tech titans.

Read more of this story at Slashdot.

US Secret Service Creates New Cyber Fraud Task Force

Slashdot.org - Sat, 07/11/2020 - 05:00
The U.S. Secret Service announced the creation of the Cyber Fraud Task Force (CFTF) after the merger of its Financial Crimes Task Forces (FCTFs) and Electronic Crimes Task Forces (ECTFs) into a single unified network. Bleeping Computer reports: CFTF's main goal is to investigate and defend American individuals and businesses from a wide range of cyber-enabled financial crimes, from business email compromise (BEC) scams and ransomware attacks to data breaches and the illegal sale of stolen personal information and credit cards on the Internet and the dark web. Consolidating the two task forces into CFTF will allow the Secret Service to boost its agents' ability to prevent, detect, and mitigate financially-motivated cybercrime by improving coordination, sharing of resources and expertise, and best practices dissemination. "The creation of the new Cyber Fraud Task Force (CFTF), will offer a specialized cadre of agents and analysts, trained in the latest analytical techniques and equipped with the most cutting-edge technologies," said Michael D'Ambrosio, U.S. Secret Service Assistant Director. At the moment, the Secret Service has already operationalized CFTFs in 42 domestic offices and in 2 international locations (London and Rome). The Department of Homeland Security federal law enforcement agency also plans to increase the number of CFTF locations through its network of more than 160 offices across the U.S. and around the globe.

Read more of this story at Slashdot.

OpenSSH Server connection drops out after few minutes of inactivity

nixCraft - Sat, 07/11/2020 - 04:46

{Updated} I have already written about how to deny access to users using OpenSSH. Today, I am going to write about another interesting problem that can cause ssh connection time outs and how to increase SSH connection timeout in macOS, Linux, *BSD and Unix-like systems.

The post OpenSSH Server connection drops out after few minutes of inactivity appeared first on nixCraft.

'Broken Heart Syndrome' Has Increased During COVID-19 Pandemic, Small Study Suggests

Slashdot.org - Sat, 07/11/2020 - 02:00
Rick Schumann writes: Researchers at a Cleveland clinic performed a study with 1,914 patients into a phenomenon called "Broken Heart Syndrome," where someone can be experiencing heart attack-like symptoms, but it's not a heart attack or anything related to blocked blood flow to the heart. Turns out that it seems likely that the aggregate stresses of the pandemic (so-called "social distancing," lack of contact with fellow humans, enforced isolation, and so on) appear to create emotional stresses that manifest with physical symptoms that mimic a heart attack. "The pandemic has created a parallel environment which is not healthy," said Dr. Ankur Kalra, the cardiologist who led the study. "Emotional distancing is not healthy. The economic impact is not healthy. We've seen that as an increase in non-coronavirus deaths, and our study says that stress cardiomyopathy has gone up because of the stress that the pandemic has created." The study didn't examine whether or not there could be a medical link between this phenomenon and the coronavirus, but all the participants in the study were tested for infection and were found to be free of the virus. The study has been published in the journal JAMA Network Open.

Read more of this story at Slashdot.

Police Surveilled Protests With Help From Twitter-Affiliated Startup Dataminr

Slashdot.org - Fri, 07/10/2020 - 22:30
An anonymous reader quotes a report from The Intercept: Leveraging close ties to Twitter, controversial artificial intelligence startup Dataminr helped law enforcement digitally monitor the protests that swept the country following the killing of George Floyd, tipping off police to social media posts with the latest whereabouts and actions of demonstrators, according to documents reviewed by The Intercept and a source with direct knowledge of the matter. The monitoring seems at odds with claims from both Twitter and Dataminr that neither company would engage in or facilitate domestic surveillance following a string of 2016 controversies. Twitter, up until recently a longtime investor in Dataminr alongside the CIA, provides the company with full access to a content stream known as the "firehose" -- a rare privilege among tech firms and one that lets Dataminr, recently valued at over $1.8 billion, scan every public tweet as soon as its author hits send. Both companies denied that the protest monitoring meets the definition of surveillance. Dataminr's Black Lives Matter protest surveillance included persistent monitoring of social media to tip off police to the locations and activities of protests, developments within specific rallies, as well as instances of alleged "looting" and other property damage. According to the source with direct knowledge of Dataminr's protest monitoring, the company and Twitter's past claims that they don't condone or enable surveillance are "bullshit," relying on a deliberately narrowed definition. "It's true Dataminr doesn't specifically track protesters and activists individually, but at the request of the police they are tracking protests, and therefore protesters," this source explained. According to internal materials reviewed by The Intercept, Dataminr meticulously tracked not only ongoing protests, but kept comprehensive records of upcoming anti-police violence rallies in cities across the country to help its staff organize their monitoring efforts, including events' expected time and starting location within those cities. A protest schedule seen by The Intercept shows Dataminr was explicitly surveilling dozens of protests big and small, from Detroit and Brooklyn to York, Pennsylvania, and Hampton Roads, Virginia. Company documents also show the firm instructed members of its staff to look for instances of "lethal force used against protesters by police or vice-versa," "property damage," "widespread arson or looting against government or commercial infrastructure," "new instances of officer-involved shootings or death with potential interpretation of racial bias," and occasions when a "violent protests spreads to new major American city." Staff were also specifically monitoring social media for posts about "Officers involved in Floyd's death" -- all of which would be forwarded to Dataminr's governmental customers through a service named "First Alert." [...] First Alert also scans other popular platforms like Snapchat and Facebook, the latter being particularly useful for protest organizers trying to rapidly mobilize their communities. On at least one occasion, according to MPD records, Dataminr was able to point police to a protest's Facebook event page before it had begun.

Read more of this story at Slashdot.