You are here

Technology

School Custodian Refuses To Download Phone App That Monitors Location, Says It Got Her Fired

Slashdot - Wed, 2021-04-14 00:20
Michelle Dionne, a former employee at a cleaning company in Darwell, Alberta, says she was fired for refusing to download an app that would check her location and ensure she was working her scheduled hours. CBC.ca reports: Dionne says she was thrilled to get the job last fall -- responsible for things like disinfecting door handles, light switches and bathrooms to prevent possible spread of the coronavirus. When her boss told her to download the app, Dionne says she was concerned about her privacy. The app would go on her personal phone and, she says, her boss didn't clearly explain how it worked or what would happen to any data it collected.[...] The app, called Blip, generates a geofence -- a virtual boundary, created by the employer using GPS -- that detects when an employee enters or leaves. The app registers a signal from the worker's cell phone, when their "locations" setting is turned on, so the boss can tell whether an employee is on site and how many hours that person works. It only registers an employee's location when they enter and exit the geofence and doesn't track their specific movements. It's not clear where that data is stored, or whether any other employee information might be included. Go Public reached out to the maker of the app, U.K.-based BrightHR. Spokesperson Natalie Shallow said, although the app collects data, that data "belongs to the customer organization" -- meaning, the company using the app -- and therefore is subject to the company's own policies. The data's protection "complies with all applicable laws, including Alberta's Personal Information Protection Act," Shallow said. Dionne worried about where the information might end up. She knew apps like Instagram, Facebook and others had been breached. She says no one told her how securely the information would be protected. Dionne's former boss admits she didn't know where the data generated by Blip would be stored when she introduced the app to her workforce last fall. "I never asked that question and it never came up in my mind to ask," said Hanan Yehia, founder and owner of H.Y. Cleaning Services, which operates cleaning services for eight locations in northern Alberta. She says after Dionne raised concerns, she went back to BrightHR for more information and was told employees' movements within the geofence are not specifically monitored. Yehia says she shared that information with Dionne. The app was a solution to a problem, says Yehia -- she was looking for a way to simplify payroll by easily tracking hours and making sure employees who claimed they were working were actually on the job. "We had some issues in some locations where they would say they were on site, that they were working, but they weren't," she said, clarifying that attendance was not an issue with Dionne. She also says Dionne's refusal to download the app wasn't the sole reason she was fired.

Read more of this story at Slashdot.

Categories: Technology

Journalists wanted: News reporter and copy editor

The Register - Wed, 2021-04-14 00:15
Want to write for El Reg or help us polish our output? Apply within

Job alert  The Register has a couple of vacancies open on our editorial team that we would like to fill immediately. Without further ado, here are the details:…

Categories: Technology

Las Vegas Pushes To Become First To Ban Ornamental Grass

Slashdot - Tue, 2021-04-13 23:40
With a first-in-the-nation policy, Las Vegas is seeking to ban grass that nobody walks on. "Las Vegas-area water officials have spent two decades trying to get people to replace thirsty greenery with desert plants, and now they're asking the Nevada Legislature to outlaw roughly 40% of the turf that's left," reports The Associated Press. By outlawing this ornamental grass that requires four times as much water as drought-tolerant landscaping, the region can reduce annual water consumption by roughly 15% and save about 14 gallons of water per person per day. From the report: The proposal is part of a turf war waged since at least 2003, when the water authority banned developers from planting green front yards in new subdivisions. It also offers owners of older properties the region's most generous rebate policies to tear out sod -- up to $3 per square foot. Those efforts are slowing. The agency says the number of acres converted under its rebate program fell last year to six times less than what it was in 2008. Meanwhile, water consumption in southern Nevada has increased 9% since 2019. Justin Jones, a Clark County commissioner who serves on the water authority's board, doesn't think ripping out ornamental turf will upend people's lives. "To be clear, we are not coming after your average homeowner's backyard," he said. But grass in the middle of a parkway, where no one walks: "That's dumb." "The only people that ever set foot on grass that's in the middle of a roadway system are people cutting the grass," Jones said. The agency has different regulations for yards and public parks. Based on satellite imaging, it believes banning ornamental grass will primarily affect common areas maintained by homeowner associations and commercial property owners.

Read more of this story at Slashdot.

Categories: Technology

After years of dragging its feet, FCC finally starts tackling America's robocall scourge

The Register - Tue, 2021-04-13 23:34
New law implementation, cease-and-desist letters, and mobile companies asked to detail free blocking tools

The FCC is finally taking concrete action on the scourge of robocalls after years of dithering on the issue.…

Categories: Technology

Global PC Market Swells by 55% in Q1 2021 To 82.7 Million

Slashdot - Tue, 2021-04-13 23:04
The latest data from research firm Canalys shows continued strength in the worldwide PC market in the first quarter of 2021, with shipments of desktops and notebooks, including workstations, up 55% year on year. From the report: Though this growth rate was buoyed by a weak Q1 2020, total shipments of 82.7 million units is still impressive, and the highest Q1 shipment number since 2012. Backlogs on orders from 2020, particularly for notebooks, were a key driver, though new demand is also a factor as smaller businesses begin their recoveries. Shipments of notebooks and mobile workstations increased 79% year on year to reach 67.8 million units. Desktops improved slightly at the start of 2021 after a string of poor quarters in 2020, with the level of shipment decline easing. Shipments of desktop and desktop workstations fell 5% year on year to 14.8 million units. The strong recovery from a weak Q1 2020 saw all vendors in the top five achieve double-digit year-on-year shipment growth. Lenovo maintained pole position in the PC market, securing a 25% market share and posting year-on-year growth of 61%, with shipments of 20.4 million units. HP, spurred by strong Chromebook shipments, came second with total shipments of 19.2 million units, a 64% increase on Q1 2020. Dell lost market share against Q4, but took third place in the rankings, growing shipments 23% year on year to hit 12.9 million units. Apple and Acer made up the rest of the top five, shipping 6.6 million and 5.7 million units to enjoy the highest and second-highest annual growth respectively. Cumulatively, the top five vendors accounted for 78.5% of all PC shipments in Q1 2021.

Read more of this story at Slashdot.

Categories: Technology

Who'd have thought the US senator who fist pumped Jan 6 insurrectionists would propose totally unworkable anti-Big Tech law?

The Register - Tue, 2021-04-13 22:44
This one seems as well thought-out as his Capitol rally salute

US Senator Josh Hawley (R-MO) has proposed his latest anti-Big Tech legislation: a complete ban on mergers and acquisitions for companies valued at over $100bn if it may harm competition in any way possible.…

Categories: Technology

Tech Workers At the New York Times Have Formed a Union

Slashdot - Tue, 2021-04-13 22:25
An anonymous reader quotes a report from The Verge: Tech workers at The New York Times have formed a union under the NewsGuild of New York, and they are demanding voluntary recognition from the paper's management. The new union, called the Tech Times Guild, represents more than 650 workers from the digital side of the company, including software engineers, designers, and data analysts. Those employees are not included in the editorial union of The New York Times, which represents more than 3,000 reporters and media professionals at the newspaper and is also organized under NewsGuild. The editorial union has historically excluded employees on the digital side of the paper, even as the company has expanded into more ambitious data and digital work. As a result, the Tech Times Guild is seeking a separate bargaining unit, which would negotiate separately with the Times management. "As of now, we face a number of challenges," the Tech Times Guild said in a statement on Twitter, "including sudden or unexplained termination, opaque promotion processes, unpaid overtime, and underinvestment in diverse representation. Without a union, we lack the data or bargaining rights to address these issues." The Times has not formally responded to the union's request for recognition. "Voluntary recognition is a significant decision," The New York Times Company said in a statement. "We have heard questions from colleagues such as what a union would mean for staff, who might be included in the union, and how colleagues would have a say in who might represent them. We want to make sure all voices are heard."

Read more of this story at Slashdot.

Categories: Technology

1Password targets developers with Secrets Automation, acquisition of SecretHub

The Register - Tue, 2021-04-13 21:53
Existing users covered until 2022

Password specialist 1Password has acquired SecretHub, a secrets management platform aimed at IT engineers, and made a new service called Secrets Automation, previously in beta, generally available.…

Categories: Technology

EU Poised To Set AI Rules That Would Ban Surveillance and Social Behavior Ranking

Slashdot - Tue, 2021-04-13 21:44
The European Union is poised to ban artificial intelligence systems used for mass surveillance or for ranking social behavior, while companies developing AI could face fines as high as 4% of global revenue if they fail to comply with new rules governing the software applications. From a report: The rules are part of legislation set to be proposed by the European Commission, the bloc's executive body, according to a draft of the proposal obtained by Bloomberg. The details could change before the commission unveils the measure, which is expected to be as soon as next week. The EU proposal is expected to include the following rules: * AI systems used to manipulate human behavior, exploit information about individuals or groups of individuals, used to carry out social scoring or for indiscriminate surveillance would all be banned in the EU. Some public security exceptions would apply. * Remote biometric identification systems used in public places, like facial recognition, would need special authorization from authorities. * AI applications considered to be 'high-risk' would have to undergo inspections before deployment to ensure systems are trained on unbiased data sets, in a traceable way and with human oversight. * High-risk AI would pertain to systems that could endanger people's safety, lives or fundamental rights, as well as the EU's democratic processes -- such as self-driving cars and remote surgery, among others. * Some companies will be allowed to undertake assessments themselves, whereas others will be subject to checks by third-parties. Compliance certificates issued by assessment bodies will be valid for up to five years. * Rules would apply equally to companies based in the EU or abroad.

Read more of this story at Slashdot.

Categories: Technology

There's Another Facebook Phone Number Database Online

Slashdot - Tue, 2021-04-13 21:05
An online tool lets customers pay to unmask the phone numbers of Facebook users that liked a specific Page, and the underlying dataset appears to be separate from the 500 million account database that made headlines last week, signifying another data breach or large scale scraping of Facebook users' data, Motherboard reports. From the report: Motherboard verified the tool, which comes in the form of a bot on the social network and messaging platform Telegram, outputs accurate phone numbers of Facebook users that aren't included in the dataset of 500 million users. The data also appears to be different to another Telegram bot outputting Facebook phone numbers that Motherboard first reported on in January. "Hello, can you tell me how you got my number?" one person included in the dataset asked Motherboard when reached for comment. "Omg, this is insane," they added. Another person returned Motherboard's call and, after confirming their name, said "If you have my number then yes it seems the data is accurate." A description for the bot reads "The bot give [sic] out the phone numbers of users who have liked the Facebook page." To use the bot, customers need to first identify the unique identification code of the Facebook Page they want to get phone numbers from, be that a band, restaurant, or any other sort of Page. This is possible with at least one free to use website. From there, customers enter that code into the bot, which provides a cost of the data in U.S. dollars and the option to proceed with the purchase, according to Motherboard's tests. A Page with tens of thousands of likes from Facebook users can cost a few hundred dollars, the bot shows. The data for Motherboard's own Page would return 134,803 results and cost $539, for example.

Read more of this story at Slashdot.

Categories: Technology

NSA helps out Microsoft with critical Exchange Server vulnerability disclosures in an April shower of patches

The Register - Tue, 2021-04-13 20:47
114 fixes for the Windows world – with SAP and Adobe joining in as usual

Patch Tuesday  April showers bring hours of patches as Microsoft delivers its Patch Tuesday fun-fest consisting of over a hundred CVEs, including four Exchange Server vulnerabilities reported to the company by the US National Security Agency (NSA).…

Categories: Technology

'Why It's Easier To Move Country Than Switch Social Media'

Slashdot - Tue, 2021-04-13 20:25
Cory Doctorow, writing at Wired: When we talk about social media monopolies, we focus too much on network effects, and not enough on switching costs. Yes, it's true that all your friends are already stuck in a Big Tech silo that doesn't talk to any of the other Big Tech silos. It needn't be that way: interoperable platforms have existed since the first two Arpanet nodes came online. You can phone anyone with a phone number and email anyone with an email address. The reason you can't talk to Facebook users without having a Facebook account isn't that it's technically impossible -- it's that Facebook forbids it. What's more, Facebook (and its Big Tech rivals) have the law on their side: the once-common practice of making new products that just work with existing ones (like third-party printer ink, or a Mac program that can read Microsoft Office files, or an emulator that can play old games) has been driven to the brink of extinction by Big Tech. They were fine with this kind of "competitive compatibility" when it benefited them, but now that they dominate the digital world, it's time for it to die. To restore competitive compatibility, we would need reform to many laws: software copyright and patents, the anti-circumvention laws that protect digital rights management, and the cybersecurity laws that let companies criminalize violations of their terms of service.

Read more of this story at Slashdot.

Categories: Technology

What's Red and scale-y and shacked up with NEC? A new Red Hat network function virtualization solution, apparently

The Register - Tue, 2021-04-13 20:01
Living on the Edge as SA networks roll out

The move to 5G has allowed vendors and carriers to fundamentally rethink how their networks are structured. Once the norm, tightly integrated vendor-specific hardware is gradually being supplanted by virtualized alternatives that run happily on standards-agnostic kit. Jumping on the bandwagon is Japanese provider NEC, which today said it would use RedHat's OpenShift Kubernetes platform for its upcoming 5G hardware.…

Categories: Technology

NAME:WRECK Vulnerabilities Impact Millions of Smart and Industrial Devices

Slashdot - Tue, 2021-04-13 19:49
Catalin Cimpanu, reporting at Record: Security researchers have found a new set of vulnerabilities that impact hundreds of millions of servers, smart devices, and industrial equipment. Called NAME:WRECK, the vulnerabilities have been discovered by enterprise IoT security firm Forescout as part of its internal research program named Project Memoria -- which the company describes as "an initiative that aims at providing the cybersecurity community with the largest study on the security of TCP/IP stacks." Although never visible to end-users, TCP/IP stacks are libraries that vendors add to their firmware to support internet connectivity and other networking functions for their devices. These libraries are very small but, in most cases, underpin the most basic functions of a device, and any vulnerability here exposes users to remote attacks. The NAME:WRECK research is the fifth set of vulnerabilities impacting TCP/IP libraries that have been disclosed over the past three years, and the third set disclosed part of Project Memoria.

Read more of this story at Slashdot.

Categories: Technology

Counter Strike' Bug Allows Hackers To Take Over a PC With a Steam Invite

Slashdot - Tue, 2021-04-13 19:03
Hackers could take control of victims' computers just by tricking them into clicking on a Steam invite to play Counter Strike: Global Offensive, Motherboard reports, citing a bug filing review. From a report: A bug in the game engine used in Counter Strike: Global Offensive could be exploited by hackers to take full control of a target's machine. A security researcher alerted Valve about the bug in June of 2019. Valve is the maker of Source Engine, which is used by CS:GO, Team Fortress 2, and several other games. The researcher, who goes by the name Florian, said that while that the bug has been fixed in some games that use the Source engine, it is still present in CS:GO, and he demonstrated it in a call with Motherboard. Florian's correspondence with Valve occurred on HackerOne, the bug bounty platform used by the company to get reports about vulnerabilities. Valve admitted that it was being slow to respond, even though it classified the bug as "critical" in the thread with the researchers, which Motherboard reviewed. "I am honestly very disappointed because they straight up ignored me most of the time," Florian said in an online chat.

Read more of this story at Slashdot.

Categories: Technology

With $1 Billion in Hand, What’s Next for SambaNova?

The Next Platform - Tue, 2021-04-13 18:57

We knew the day would come when an AI chip startup hit the $1 billion funding mark and so it has. …

With $1 Billion in Hand, What’s Next for SambaNova? was written by Nicole Hemsoth at The Next Platform.

Categories: Technology

The Global Business of Professional Trolling

Slashdot - Tue, 2021-04-13 18:23
Professional political trolling is still a thriving underground industry around the world, despite crackdowns from the biggest tech firms. From a report: Coordinated online disinformation efforts offer governments and political actors a fast, cheap way to get under rivals' skin. They also offer a paycheck to people who are eager for work, typically in developing countries. "It's a more sophisticated means of disinformation to weaken your advisories," said Todd Carroll, CISO and VP of Cyber Operations at CybelAngel. Facebook last week said it had uncovered a massive troll farm in Albania, linked to an Iranian militant group. The operation had the the hallmarks of a typical troll farm, which Facebook defines as "a physical location where a collective of operators share computers and phones to jointly manage a pool of fake accounts as part of an influence operation." "The main thing we saw was strange signals centralized coordination between different fake accounts," said Ben Nimmo, Facebook's global influence operations threat intelligence lead. Like numerous troll farms uncovered over the past few years, there was one easy giveaway: content from the network targeted Iran, but was posted on social media during normal working hours on Central European Time.

Read more of this story at Slashdot.

Categories: Technology

Cracked copies of Microsoft Office and Adobe Photoshop steal your session cookies, browser history, crypto-coins

The Register - Tue, 2021-04-13 18:12
It's like the 2000s all over again, sighs Bitdefender

Cracked copies of Microsoft Office and Adobe Photoshop are stealing browser session cookies and Monero cryptocurrency wallets from tightwads who install the pirated software, Bitdefender has warned.…

Categories: Technology

Security Researcher Drops Chrome and Edge Exploit on Twitter

Slashdot - Tue, 2021-04-13 17:44
An Indian security researcher has published today proof-of-concept exploit code for a recently discovered vulnerability impacting Google Chrome, Microsoft Edge, and other Chromium-based browsers like Opera and Brave. From a report: The researcher, Rajvardhan Agarwal, told The Record today that the exploit code is for a Chromium bug that was used during the Pwn2Own hacking contest that took place last week. During the contest, security researchers Bruno Keith (@bkth_) & Niklas Baumstark (@_niklasb) of Dataflow Security used a vulnerability to run malicious code inside Chrome and Edge, for which they received $100,000. Per contest rules, details about this bug were handed over to the Chrome security team so the bug could be patched as soon as possible. While details about the exact nature of the bug were never publicly disclosed, Agarwal told The Record he spotted the patches for this bug by looking at the source code commits to the V8 JavaScript engine, a component of the Chromium open-source browser project, which allowed him to recreate the Pwn2Own exploit, which he uploaded earlier today on GitHub, and shared on Twitter. However, while Chromium developers have patched the V8 bug last week, the patch has not yet been integrated into official releases of downstream Chromium-based browsers such as Chrome, Edge, and others, which are still vulnerable to attacks.

Read more of this story at Slashdot.

Categories: Technology

Microsoft's Surface Laptop 4 now includes AMD options for biz customers, boasts up to 19 hours of battery life

The Register - Tue, 2021-04-13 17:15
Surface Headphones 2+ also available and a range of 'Modern' kit coming in the next few months

Microsoft has opened the order books on the fourth generation of its Surface Laptop, replete with Intel-baiting AMD chippery in the line-up.…

Categories: Technology

Pages

Subscribe to www.ewan.cc aggregator - Technology