info4PHP.com : PHP, MySQL Hosting , HTML Books, News, Links, Free Script Directory, Codes for PHP, php tutorials mysql tutorials free php hosting, forum discussions, XML ,php manual, tips, software, applications, website, mysql tutorials, documentation, reference, PHP and MySQL hosting
   PHP Scripts   |    Add Script/Link   |    PHP 5 Manual   |    PEAR Manual   |    PHP Functions   |    Forums   |
PHP General

PHP Categories

PHP CMS

MySQL General

HTML General

Latest Computer News

Partners

About 5000 PHP Scripts For You - Our PHP Scripts Directory

Big Brother is Being Increasingly Outsourced To Silicon Valley, Says Report

The federal and local governments have long relied on private companies for defense and law enforcement technologies, from Lockheed Martin jetfighters to Booz Allen Hamilton data analysis. But increasingly, the government is expanding beyond the usual defense contractors to the company that also provides free shipping and online TV. From a report: "The ... thing that was shocking for me was to understand just how the federal authorizations are allowing Amazon to have such a monopoly over the storage of government information," says Jacinta Gonzalez, field organizer for immigrant advocacy group Mijente. Along with the National Immigration Project and the Immigrant Defense Project, Mijente funded a new report entitled, "Who's Behind ICE?: The Tech and Data Companies Fueling Deportations." Its findings are based on documents such as contracts, memoranda, and corporate financial reports --which are publicly available but take a lot of digging to decipher. While Amazon plays the leading role, the report also details the involvement of companies including Peter Thiel's Palantir, NEC, and Thomson Reuters in storing, transferring, and analyzing data on both undocumented residents and U.S. citizens. The U.S. government is moving its databases from federal facilities to cloud providers, especially Amazon Web Services (AWS), raising concerns about accountability.

Read more of this story at Slashdot.


Russia Is Behind Cyberattack On Saudi Petrochemical Plant, Researchers Say

U.S. researchers from FireEye have linked a Russian research lab to a cyberattack on a Saudi petrochemical plant. The malware strain called Triton -- or Trisis -- "was designed to either shut down a production process or allow SIS-controlled machinery to work in an unsafe state," reports ZDNet, citing technical reports from FireEye, Dragos, and Symantec. From the report: The group behind the malware, which FireEye has been tracking under the codename of TEMP.Veles, nearly succeeded last year, when it almost caused an explosion at a Saudi petrochemical plant owned by Tasnee, a privately owned Saudi company, according to a New York Times report. The malware's origins were a mystery when FireEye first discovered Triton in 2017 and remained a mystery even after the New York Times report in March 2018. But in a report published today, FireEye says that following further research into incidents where the Triton malware was deployed, it can now assess with "high confidence" that the Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM), a government-owned technical research institution located in Moscow, was involved in these attacks. FireEye's report does not link the Triton malware itself to CNIIHM, but the secondary malware strains used by TEMP.Veles and deployed during the incidents where Triton was deployed. Clues in these secondary malware strains used to aid the deployment of the main Triton payloads contained enough artifacts that allowed researchers to identify their source.

Read more of this story at Slashdot.


Yahoo To Pay $50 Million, Offer Credit Monitoring For Massive Security Breach

Yahoo has agreed to pay $50 million in damages and provide two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the biggest security breach in history. "The restitution hinges on federal court approval of a settlement filed late Monday in a 2-year-old lawsuit seeking to hold Yahoo accountable for digital burglaries that occurred in 2013 and 2014, but weren't disclosed until 2016," reports ABC News. From the report: Claims for a portion of the $50 million fund can be submitted by any eligible Yahoo accountholder who suffered losses resulting from the security breach. The costs can include such things as identity theft, delayed tax refunds or other problems linked to having had personal information pilfered during the Yahoo break-ins. The fund will compensate Yahoo accountholders at a rate of $25 per hour for time spent dealing with issues triggered by the security breach, according to the preliminary settlement. Those with documented losses can ask for up to 15 hours of lost time, or $375. Those who can't document losses can file claims seeking up to five hours, or $125, for their time spent dealing with the breach. Yahoo accountholders who paid $20 to $50 annually for a premium email account will be eligible for a 25 percent refund. The free credit monitoring service from AllClear could end up being the most valuable part of the settlement for most accountholders. The lawyers representing the accountholders pegged the retail value of AllClear's credit-monitoring service at $14.95 per month, or about $359 for two years -- but it's unlikely Yahoo will pay that rate. The settlement didn't disclose how much Yahoo had agreed to pay AllClear for covering affected accountholders.

Read more of this story at Slashdot.


An ISP Left Corporate Passwords, Keys, and All Its Data Exposed On the Internet

Security researchers at UpGuard discovered that a Washington-based ISP called Pocket iNet left 73 gigabytes of essential operational data publicly exposed in a misconfigured Amazon S3 storage bucket for months. "Said bucket, named 'pinapp2,' contained the 'keys to the kingdom,' according to the security firm, including internal network diagramming, network hardware configuration photos, details and inventory lists -- as well as lists of plain text passwords and AWS secret keys for Pocket iNet employees," reports Motherboard. From the report: Upguard says the firm contacted Pocket iNet on October 11 of this year, the same day the exposed bucket was discovered, but the ISP took an additional week before the data was adequately secured. "Seven days passed before Pocket iNet finally secured the exposure," noted the firm. "Due to the severity of this exposure, UpGuard expended significant effort during those seven days, repeatedly contacting Pocket iNet and relevant regulators, including using contact information found within the exposed dataset." According to UpGuard, the list of plain text passwords was particularly problematic, given it provided root admin access to the ISP's firewalls, core routers and switches, servers, and wireless access points. "Documents containing long lists of administrative passwords may be convenient for operations, but they create single points of total risk, where the compromise of one document can have severe and extensive effects throughout the entire business," noted UpGuard. "If such documents must exist, they should be strongly encrypted and stored in a known secure location," said the firm. "Unfortunately, a single folder of PocketiNet's network operation historical data (non-customer) was publicly accessible to Amazon administrative users," the ISP said in a statement to Motherboard. "It has since been secured."

Read more of this story at Slashdot.


Why the Google Pixel 3 Charges Faster On a Pixel Stand Than Other Wireless Chargers

An anonymous reader quotes a report from Ars Technica: Google's Pixel 3 smartphone is shipping out to the masses, and people hoping to take advantage of the new Qi wireless charging capabilities have run into a big surprise. For some unexplained reason, Google is locking out third-party Qi chargers from reaching the highest charging speeds on the Pixel 3. Third-party chargers are capped to a pokey 5W charging speed. If you want 10 watts of wireless charging, Google hopes you will invest in its outrageously priced Pixel Stand, which is $79. Android Police reports that a reader purchased an Anker wireless charger for their Pixel 3, and, after noticing the slow charging speed, this person contacted the company. Anker confirmed that something screwy was going on with Google's charging support, saying "Pixel sets a limitation for third-party charging accessories and we are afraid that even our fast wireless charger can only provide 5W for these 2x devices." Normally we would chalk this up to some kind of bug, but apparently Google told Android Police that this was on purpose. The site doesn't have a direct quote, but it writes that, after reaching out to Google PR, it was "told that the Pixel 3 would charge at 10W on the Pixel Stand [and that] due to a 'secure handshake' being established that third-party chargers would indeed be limited to 5W." In an update, Google said the reason has to do with the "proprietary wireless charging technology" it has via its Pixel Stand and other select wireless chargers. The Pixel 3 only supports 5W Qi charging; "Google's 10W proprietary wireless charging technology" is what will allow the phone to charge at faster speeds. "Google says it is 'certifying' chargers for the Pixel 3 via the 'Made for Google' program and pointed us to one such device, a Belkin charger called the 'Boost Up Wireless Charging Pad 10W for Pixel 3 and Pixel 3 XL,'" reports Ars Technica. "Belkin's description is very enlightening, saying 'Made with the Google Pixel 3 and Pixel 3 XL in mind, this wireless charging pad uses Google's 10W proprietary wireless charging technology. It's certified for Pixel, so you know that the BOOST UP Wireless Charging pad has been made specifically for your Pixel 3 and meets Google's high product standards.'"

Read more of this story at Slashdot.


IBM Open Sources Mac@IBM Code

PolygamousRanchKid shares a report from 9to5Mac: At the Jamf Nation User Conference, IBM has announced that it is open sourcing its Mac@IBM provisioning code. The code being open-sourced offers IT departments the ability to gather additional information about their employees during macOS setup and allows employees to customize their enrollment by selecting apps or bundles of apps to install. Back in 2015, IBM discussed how it went from zero to 30,000 Macs in six months. In 2016, IBM said Apple products were cheaper to manage when you looked at the entire life cycle: "IBM is saving a minimum of $265 (up to $535 depending on model) per Mac compared to a PC, over a 4-year lifespan. While the upfront workstation investment is lower for PCs, the residual value for Mac is higher The program's success has improved IBM's ability to attract and retain top talent -- a key advantage in today's competitive market."

Read more of this story at Slashdot.


Apple's Upcoming TV Service To Launch In Over 100 Countries In 2019, Starting With the US

A new report from The Information says that Apple's upcoming TV service that is in the works to showcase its original TV shows will be available in more than 100 countries next year. The service will launch in the United States in the first half of 2019, with a global expansion to follow later in the year. MacRumors reports: According to The Information, Apple's original content will be made available for free to Apple device owners, a rumor we heard earlier this month from CNBC. While Apple's content will be available at no cost, Apple will encourage users to sign up for television subscriptions from other cable networks such as HBO or STARZ. Apple has reportedly started negotiating with content providers about what it will pay to carry TV shows and movies, but programming is not expected to be the same in each country. It is also not quite clear how Apple content will be positioned alongside content from third-party services.

Read more of this story at Slashdot.


Coinbase Lets You Buy and Sell USDC Stablecoin

An anonymous reader quotes a report from TechCrunch: A few weeks after Circle announced the launch of USD Coin (or USDC for short), Coinbase also announced that customers can now buy, sell, send and receive USDC on Coinbase. A USDC is a token that is worth exactly 1 USD. Its value is going to stay stable against USD -- hence the name stablecoin for this type of coins. Unlike traditional cryptocurrencies, you can be sure that the value of your USDC wallet isn't going to fluctuate like crazy. It opens up new possibilities and use cases. While Coinbase lets you hold USD in your Coinbase account, this isn't safe. If somebody hacks into your account, you could end up with an empty wallet. That's why you should always try to control the keys of your wallet and transfer your coins to a safer wallet, such as a Ledger wallet or at least a software solution like MyEtherWallet. But if you want to short cryptocurrencies without sending your USD back to your bank account, you can now convert your tokens to USDC. This way, it'll be easier to buy cryptocurrencies again in the future. And maybe you can avoid paying taxes by hiding your tokens from taxation authorities USDC is an ERC-20 token that leverages the Ethereum blockchain and ecosystem. In an effort to regulate USDC, Circle, Coinbase and others have created the CENTRE consortium to define the policies around stablecoins. "For instance, if you want to handle stablecoins on your exchange, you need to send regular audited reports that prove that you have as many USD sitting on a bank account as issued tokens," reports TechCrunch.

Read more of this story at Slashdot.


Multiple iCloud Services Experiencing Issues

Several iCloud services are experiencing problems this afternoon, users reported. While Apple PR has not issued a statement yet, the status page of Apple services reflect the issues, too. Citing people and the status page, news outlet MacRumors reports that Cloud Drive, iCloud Mail, iCloud Keychain, iCloud Contacts, iCloud Calendar, Mail Drop, Find My iPhone, and more services are performing "slower than normal" for some users.

Read more of this story at Slashdot.


DARPA Wants To Build 'Contextual' AI That Understands the World

The Defense Advanced Research Projects Agency (DARPA), a division of the U.S. Department of Defense responsible for the development of emerging technologies, is one of the birthplaces of machine learning, a kind of artificial intelligence (AI) that mimics the behavior of neurons in the brain. Dr. Brian Pierce, director of DARPA's Innovation Office, spoke about the agency's recent efforts at a VentureBeat summit. From the report: One area of study is so-called "common sense" AI -- AI that can draw on environmental cues and an understanding of the world to reason like a human. Concretely, DARPA's Machine Common Sense Program seeks to design computational models that mimic core domains of cognition: objects (intuitive physics), places (spatial navigation), and agents (intentional actors). "You could develop a classifier that could identify a number of objects in an image, but if you ask a question, you're not going to get an answer," Pierce said. "We'd like to get away from having an enormous amount of data to train neural networks [and] get away with using fewer labels [to] train models." The agency's also pursuing explainable AI (XAI), a field which aims to develop next-generation machine learning techniques that explain a given system's rationale. "[It] helps you to understand the bounds of the system, which can better inform the human user," Pierce said.

Read more of this story at Slashdot.


Almost 9 in 10 Android Apps Are Able To Share Data With Google, Says Study

A peer-reviewed study [PDF] of almost one million Android apps has revealed how data from smartphones are harvested and shared, with nearly 90 percent of apps set up to transfer information back to Google. From a report: Researchers at Oxford university analysed approximately a third of the apps available in Google's Play Store in 2017 and found that the median app could transfer data to 10 third parties, with one in five apps able to share data with more than 20. This year has seen unprecedented scrutiny over how websites use the data they collect from their users, but little attention has so far been paid to the sprawling and fast-growing world of smartphone apps. Reuben Binns, the computer scientist who led the project, said that because most apps have now moved to a "freemium" model, where they make revenues from advertising rather than sales, data sharing has spiralled out of control. Users, regulators and sometimes even the app developers and advertisers are unaware of the extent to which data flow from smartphones to digital advertising groups, data brokers and intermediaries that buy, sell and blend information, he said. "This industry was growing already on the webâ...âwhen smartphones came along, that was a new opportunity," he said. "It feels like this legitimate business model has gone completely out of control and created a kind of chaotic industry that is not understood by the people who are most affected by it."

Read more of this story at Slashdot.


Facebook's Ex Security Boss: Asking Big Tech To Police Hate Speech is 'a Dangerous Path'

Like many people, Alex Stamos, former Facebook chief security officer, thinks tech platforms like Facebook and Google have too much power. But he doesn't agree with the calls to break them up. And he argues that the very people who say Facebook and Google are too powerful are giving them more power by insisting they do more to control hate speech and propaganda. From a report: "That's a dangerous path," he warns. If democratic countries make tech firms impose limits on free speech, so will autocratic ones. Before long, the technology will enable "machine-speed, real-time moderation of everything we say online." In attempting to rein in Big Tech, we risk creating Big Brother. So what's the solution? I spoke to Stamos at his Stanford office to find out. Technology Review: So is the disinformation/propaganda problem mostly solved? Stamos: In a free society, you will never eliminate that problem. I think the most important thing [in the US] is the advertising transparency. With or without any foreign interference, the parties, the campaigns, the PACs [political action committees] here in the US are divvying up the electorate into tiny little buckets, and that is a bad thing. Transparency is a good start. The next step we need is federal legislation to put a limit on ad targeting. There are thousands of companies in the internet advertising ecosystem. Facebook, Google, and Twitter are the only ones that have done anything, because they have gotten the most press coverage and the most pressure from politicians. So without legislation we're just going to push all of the attackers into the long tail of advertising, to companies that don't have dedicated teams looking for Russian disinformation groups. Technology Review: Facebook has been criticized over Russian political interference both in the US and in other countries, the genocide in Myanmar, and a lot of other things. Do you feel Facebook has fully grasped the extent of its influence and its responsibility? Stamos: I think the company certainly understands its impact. The hard part is solving it. Ninety percent of Facebook users live outside the United States. Well over half live in either non-free countries or democracies without protection for speech. One of the problems is coming up with solutions in these countries that don't immediately go to a very dark place [i.e., censorship]. Another is figuring out what issues to put engineering resources behind. No matter how big a company is, there are only a certain number of problems you [can tackle]. One of the problems that companies have had is that they're in a firefighting mode where they jump from emergency to emergency. So as they staff up that gets better, but we also need a more informed external discussion about the things we want the companies to focus on -- what are the problems that absolutely have to be solved, and what aren't. You mentioned a bunch of a problems that are actually very different, but people blur them all together. Technology Review: How do you regulate in a world in which tech is advancing so fast while regulation moves so slowly? How should a society set sensible limits on what tech companies do? Stamos: But right now, society is not asking for limits on what they do. It's asking that tech companies do more. And I think that's a dangerous path. In all of the problems you mentioned -- Russian disinformation, Myanmar -- what you're telling these companies is, "We want you to have more power to control what other people say and do." That's very dangerous, especially with the rise of machine learning. Five or ten years from now, there could be machine-learning systems that understand human languages as well as humans. We could end up with machine-speed, real-time moderation of everything we say online. So the powers we grant the tech companies right now are the powers those machines are going to have in five years.

Read more of this story at Slashdot.


Apps Installed On Millions Of Android Phones Tracked User Behavior To Execute A Multimillion Dollar Ad Fraud Scheme

A new investigation uncovers a sophisticated ad fraud scheme involving more than 125 Android apps and websites, some of which were targeted at kids. From a report: Last April, Steven Schoen received an email from someone named Natalie Andrea who said she worked for a company called We Purchase Apps. She wanted to buy his Android app, Emoji Switcher. But right away, something seemed off. "I did a little bit of digging because I was a little sketched out because I couldn't really find even that the company existed," Schoen told BuzzFeed News. The We Purchase Apps website listed a location in New York, but the address appeared to be a residence. "And their phone number was British. It was just all over the place," Schoen said. It was all a bit weird, but nothing indicated he was about to see his app end up in the hands of an organization responsible for potentially hundreds of millions of dollars in ad fraud, and which has funneled money to a cabal of shell companies and people scattered across Israel, Serbia, Germany, Bulgaria, Malta, and elsewhere. Schoen had a Skype call with Andrea and her colleague, who said his name was Zac Ezra, but whose full name is Tzachi Ezrati. They agreed on a price and to pay Schoen up front in bitcoin. "I would say it was more than I had expected," Schoen said of the price. That helped convince him to sell. A similar scenario played out for five other app developers who told BuzzFeed News they sold their apps to We Purchase Apps or directly to Ezrati. (Ezrati told BuzzFeed News he was only hired to buy apps and had no idea what happened to them after they were acquired.) The Google Play store pages for these apps were soon changed to list four different companies as their developers, with addresses in Bulgaria, Cyprus, and Russia, giving the appearance that the apps now had different owners. But an investigation by BuzzFeed News reveals that these seemingly separate apps and companies are today part of a massive, sophisticated digital advertising fraud scheme involving more than 125 Android apps and websites connected to a network of front and shell companies in Cyprus, Malta, British Virgin Islands, Croatia, Bulgaria, and elsewhere. More than a dozen of the affected apps are targeted at kids or teens, and a person involved in the scheme estimates it has stolen hundreds of millions of dollars from brands whose ads were shown to bots instead of actual humans. (A full list of the apps, the websites, and their associated companies connected to the scheme can be found in this spreadsheet.) One way the fraudsters find apps for their scheme is to acquire legitimate apps through We Purchase Apps and transfer them to shell companies. They then capture the behavior of the app's human users and program a vast network of bots to mimic it, according to analysis from Protected Media, a cybersecurity and fraud detection firm that analyzed the apps and websites at BuzzFeed News' request. This means a significant portion of the millions of Android phone owners who downloaded these apps were secretly tracked as they scrolled and clicked inside the application. By copying actual user behavior in the apps, the fraudsters were able to generate fake traffic that bypassed major fraud detection systems. Response from Google.

Read more of this story at Slashdot.


Silicon Valley's Dirty Secret: Using a Shadow Workforce of Contract Employees To Drive Profits

An anonymous reader shares a report: As the gig economy grows, the ratio of contract workers to regular employees in corporate America is shifting. Google, Facebook, Amazon, Uber and other Silicon Valley tech titans now employ thousands of contract workers to do a host of functions -- anything from sales and writing code to managing teams and testing products. This year at Google, contract workers outnumbered direct employees for the first time in the company's 20-year history. It's not only in Silicon Valley. The trend is on the rise as public companies look for ways to trim HR costs or hire in-demand skills in a tight labor market. The U.S. jobless rate dropped to 3.7 percent in September, the lowest since 1969, down from 3.9 percent in August, according to the Bureau of Labor Statistics. Some 57.3 million Americans, or 36 percent of the workforce, are now freelancing, according to a 2017 report by Upwork. In San Mateo and Santa Clara counties alone, there are an estimated 39,000 workers who are contracted to tech companies, according to one estimate by University of California Santa Cruz researchers. Spokespersons at Facebook and Alphabet declined to disclose the number of contract workers they employ. A spokesperson at Alphabet cited two main reasons for hiring contract or temporary workers. One reason is when the company doesn't have or want to build out expertise in a particular area such as doctors, food service, customer support or shuttle bus drivers. Another reason is a need for temporary workers when there is a sudden spike in workload or to cover for an employee who is on leave.

Read more of this story at Slashdot.


World's Longest Sea Bridge Opens After 9 Years of Construction

Chinese President Xi Jinping inaugurated China's latest mega-infrastructure project on Tuesday: The world's longest sea crossing. From a report: The 34.2-mile bridge and tunnel that have been almost a decade in the making for the first time connect the semi-autonomous cities of Hong Kong and Macau to the mainland Chinese city of Zhuhai by road. The Hong Kong-Zhuhai-Macau Bridge spans the mouth of the Pearl River and significantly cuts the commuting time between the three cities. The previously four-hour drive between Zhuhai and Hong Kong will now take 45 minutes. One section of the crossing dives underwater into a 4.2 mile tunnel that creates a channel above for large cargo ship containers to pass through. The project came in over budget -- with Hong Kong alone investing $15 billion in it -- and delayed, as it was originally slate to open in 2016.

Read more of this story at Slashdot.


Search Slashdot

Search Slashdot stories

All Computer Programming Related Books

© 2004-2009 info4PHP.com All rights Reserved. Privacy Policy