Security

Contractors Pose Cyber Risk To Government Agencies (betanews.com) 1

Ian Barker, writing for BetaNews: While US government agencies are continuing to improve their security performance over time, the contractors they employ are failing to meet the same standards according to a new report. The study by security rankings specialist BitSight sampled over 1,200 federal contractors and finds that the security rating for federal agencies was 15 or more points higher than the mean of any contractor sector. It finds more than eight percent of healthcare and wellness contractors have disclosed a data breach since January 2016. Aerospace and defense firms have the next highest breach disclosure rate at 5.6 percent. While government has made a concerted effort to fight botnets in recent months, botnet infections are still prevalent among the government contractor base, particularly for healthcare and manufacturing contractors. The study also shows many contractors are not following best practices for network encryption and email security.
Programming

Who Killed The Junior Developer? (medium.com) 43

Melissa McEwen, writing on Medium: A few months ago I attended an event for women in tech. A lot of the attendees were new developers, graduates from code schools or computer science programs. Almost everyone told me they were having trouble getting their first job. I was lucky. My first "real" job out of college was "Junior Application developer" at Columbia University in 2010. These days it's a rare day to find even a job posting for a junior developer position. People who advertise these positions say they are inundated with resumes. But on the senior level companies complain they can't find good developers. Gee, I wonder why?

I'm not really sure the exact economics of this, because I don't run these companies. But I know what companies have told me: "we don't hire junior developers because we can't afford to have our senior developers mentor them." I've seen the rates for senior developers because I am one and I had project managers that had me allocate time for budgeting purposes. I know the rate is anywhere from $190-$300 an hour. That's what companies believe they are losing on junior devs.

Security

US's Greatest Vulnerability is Ignoring the Cyber Threats From Our Adversaries, Foreign Policy Expert Says (cnbc.com) 40

America's greatest vulnerability is its continued inability to acknowledge the extent of its adversaries' capabilities when it comes to cyber threats, says Ian Bremmer, founder and president of leading political risk firm Eurasia Group. From a report: Speaking to CNBC from the Munich Security Conference on Saturday, the prominent American political scientist emphasized that there should be much more government-level concern and urgency over cyber risk. The adversarial states in question are what U.S. intelligence agencies call the "big four": Russia, China, North Korea, and Iran. "We're vulnerable because we continue to underestimate the capabilities in those countries. WannaCry, from North Korea -- no one in the U.S. cybersecurity services believed the North Koreans could actually do that," Bremmer described, naming the ransomware virus that crippled more than 200,000 computer systems across 150 countries in May of 2017.

Borge Brende, president of the World Economic Forum, weighed in, stressing the economic cost of cyber crimes. "It is very hard to attribute cyberattacks to different actors or countries, but the cost is just unbelievable. Annually more than a thousand billion U.S. dollars are lost for companies or countries due to these attacks and our economy is more and more based on internet and data."

AI

New AI Model Fills in Blank Spots in Photos (nikkei.com) 19

A new technology uses artificial intelligence to generate synthetic images that can pass as real. From a report, shared by a reader (the link may be paywalled): The technology was developed by a team led by Hiroshi Ishikawa, a professor at Japan's Waseda University. It uses convolutional neural networks, a type of deep learning, to predict missing parts of images. The technology could be used in photo-editing apps. It can also be used to generate 3-D images from real 2-D images. The team at first prepared some 8 million images of real landscapes, human faces and other subjects. Using special software, the team generated numerous versions for each image, randomly adding artificial blanks of various shapes, sizes and positions. With all the data, the model took three months to learn how to predict the blanks so that it could fill them in and make the resultant images look identical to the originals. The model's learning algorithm first predicts and fills in blanks. It then evaluates how consistent the added part is with its surroundings.
Android

We've Reached Peak Smartphone (washingtonpost.com) 111

You don't really need a new smartphone. From a column on the Washington Post (may be paywalled): Sure, some of them squeeze more screen into a smaller form. The cameras keep getting better, if you look very close. And you had to live under a rock to miss the hoopla for Apple's 10th-anniversary iPhone X or the Samsung Galaxy S8. Many in the smartphone business were sure this latest crop would bring a "super cycle" of upgrades. But here's the reality: More and more Americans have decided we don't need to upgrade every year. Or every other year. We're no longer locked into two-year contracts and phones are way sturdier than they used to be. And the new stuff just isn't that tantalizing even to me, a professional gadget guy. Holding onto our phones is better for our budgets, not to mention the environment. This just means we -- and phone makers -- need to start thinking of them more like cars. We may have reached peak smartphone. Global shipments slipped 0.1 percent in 2017 -- the first ever decline, according to research firm IDC. In the United States, smartphone shipments grew just 1.6 percent, the smallest increase ever. Back in 2015, Americans replaced their phones after 23.6 months, on average, according to research firm Kantar Worldpanel. By the end of 2017, we were holding onto them for 25.3 months.
Facebook

Facebook Plans To Use US Mail To Verify IDs of Election Ad Buyers (reuters.com) 92

Facebook will start using postcards sent by U.S. mail later this year to verify the identities and location of people who want to purchase U.S. election-related advertising on its site, a senior company executive said on Saturday. From a report: The postcard verification is Facebook's latest effort to respond to criticism from lawmakers, security experts and election integrity watchdog groups that it and other social media companies failed to detect and later responded slowly to Russia's use of their platforms to spread divisive political content, including disinformation, during the 2016 U.S. presidential election.
Communications

Google is Making it Easier For 911 To Find You in an Emergency (engadget.com) 43

An anonymous reader shares a report: When you call 911 from a cellphone, your location is typically sent to the call taker by a wireless carrier. But that information isn't always so accurate. Well Google might have a better way of going about it and it tested its system across a few states in December and January, the Wall Street Journal reports. In the states where the tests took place, Google sent location data from a random selection of 911 callers using Android phones straight to the people taking those calls. The test included 50 call centers that cover around 2.4 million people in Texas, Tennessee and Florida, and early reports of the results suggest the system is promising.

One company involved in the test told the Wall Street Journal that for over 80 percent of the 911 calls where Google's system was used, the tech giant's location data were more accurate than what wireless carriers provided. The company, RapidSOS, also said that while carrier data location estimates had, on average, a radius of around 522 feet, Google's data gave estimates with radii around 121 feet. Google's data also arrived more quickly than carrier data typically did.

Businesses

Silicon Valley Singles Are Giving Up On the Algorithms of Love (washingtonpost.com) 183

The Washington Post: Melissa Hobley, an executive at the dating app OkCupid, hears the complaints about the apps [being unable to find good matches] regularly and thinks they get a bad rap. Silicon Valley workers "are in the business of scalable, quick solutions. And that's not what love is," Hobley said. "You can't hurry love. It's reciprocal. You're not ordering an object. You're not getting a delivery in less than seven minutes." Finding love, she added, takes commitment and energy -- and, yes, time, no matter how inefficiently it's spent.

"You have a whole city obsessed with algorithms and data, and they like to say dating apps aren't solving the problem," Hobley said. "But if a city is male-dominant, if a city is known for 16-hour work days, those are issues that dating apps can't solve." One thing distinguishes the Silicon Valley dating pool: The men-to-women ratio for employed, young singles in the San Jose metro area is higher than in any other major area. There were about 150 men for every 100 women, compared with about 125 to 100 nationwide, of never-married young people between 25 and 34 in San Jose, U.S. Census Bureau data from 2016 shows. That ratio permeates the economy here, all the way to the valley's biggest employers, which have struggled for years to bring more women into their ranks. Men make up about 70% of the workforces of Apple, Facebook and Google parent Alphabet, company filings show.

AI

Deep Neural Networks for Bot Detection (arxiv.org) 35

From a research paper on Arxiv: The problem of detecting bots, automated social media accounts governed by software but disguising as human users, has strong implications. For example, bots have been used to sway political elections by distorting online discourse, to manipulate the stock market, or to push anti-vaccine conspiracy theories that caused health epidemics. Most techniques proposed to date detect bots at the account level, by processing large amount of social media posts, and leveraging information from network structure, temporal dynamics, sentiment analysis, etc. In this paper [PDF], we propose a deep neural network based on contextual long short-term memory (LSTM) architecture that exploits both content and metadata to detect bots at the tweet level: contextual features are extracted from user metadata and fed as auxiliary input to LSTM deep nets processing the tweet text.
Privacy

Facebook Admits SMS Notifications Sent Using Two-Factor Number Was Caused by Bug (theverge.com) 43

Facebook has clarified the situation around SMS notifications sent using the company's two-factor authentication (2FA) system, admitting that the messages were indeed caused by a bug. From a report: In a blog post penned by Facebook Chief Security Officer Alex Stamos, the company says the error led it to "send non-security-related SMS notifications to these phone numbers." Facebook uses the automated number 362-65, or "FBOOK," as its two-factor authentication number, which is a secure way of confirming a user's identity by sending a numeric code to a secondary device like a mobile phone. That same number ended up sending users Facebook notifications without their consent. When users would attempt to get the SMS notifications to stop, the replies were posted to their own Facebook profiles as status updates.
Businesses

Most Cities Would Welcome a Tech Billionaire, But Peter Thiel? (bloomberg.com) 212

Sarah McBride, writing for Bloomberg: Tech billionaire Peter Thiel is moving to Los Angeles from San Francisco, adding another dose of legitimacy to a burgeoning startup scene in Southern California -- along with some controversy. The co-founder of PayPal and an early investor in Facebook, Thiel runs Founders Fund, one of the more-respected venture capital firms in Silicon Valley. He comes with a little baggage, though, including his staunch support for President Donald Trump, his secretive funding of the legal battle between Hulk Hogan and Gawker.com, and comments some people say have been derogatory toward women. "I'm not sure why Peter Thiel believes he'll receive a warmer reception on the L.A. tech scene than he's had in Silicon Valley," said Tracy DiNunzio, chief executive officer of Tradesy, a fashion-reselling company based in Santa Monica, California. "Our venture and startup ecosystem is fairly left-leaning."
China

How Does Chinese Tech Stack Up Against American Tech? 140

The Economist: China's tech leaders love visiting California, and invest there, but are no longer awed by it [Editor's note: the link may be paywalled]. By market value the Middle Kingdom's giants, Alibaba and Tencent, are in the same league as Alphabet and Facebook. New stars may float their shares in 2018-19, including Didi Chuxing (taxi rides), Ant Financial (payments) and Lufax (wealth management). China's e-commerce sales are double America's and the Chinese send 11 times more money by mobile phones than Americans, who still scribble cheques.

The venture-capital (VC) industry is booming. American visitors return from Beijing, Hangzhou and Shenzhen blown away by the entrepreneurial work ethic. Last year the government decreed that China would lead globally in artificial intelligence (AI) by 2030. The plan covers a startlingly vast range of activities, including developing smart cities and autonomous cars and setting global tech standards. Like Japanese industry in the 1960s, private Chinese firms take this "administrative guidance" seriously.
Microsoft

LinkedIn Users Will Soon Know What Jobs Pay Before Applying for Them (adweek.com) 56

LinkedIn just introduced a way to help its members avoid going through the interview process for jobs with salaries that do not meet their expectations. From a report: The professional network announced the rollout of Salary Insights, which will add estimated or expected salary ranges to open roles, getting the numbers either through salary ranges provided by employers or estimated ranges from data submitted by members. The feature will launch "in the coming weeks." Salary Insights marks the next step after LinkedIn Salary, which the professional network launched in November 2016 to provide its users with information on salaries, bonuses and equity data for specific job titles, as well as factors that impact those salaries, including experience, industry, company size, location and education level.
Youtube

YouTube Red is Having an Identity Crisis (digiday.com) 40

During an onstage conversation at Recode's Code Media this week, YouTube CEO Susan Wojcicki called YouTube Red a music streaming service -- the first time any executive from the company has referred to YouTube Red as foremost a music service. From a report: This differs from comments that other YouTube executives have made in the past, including YouTube's head of global content Susanne Daniels, who last year described YouTube Red as a premium subscription streaming service that offers Hollywood-quality shows and movies.

Launched in October 2015, YouTube Red has always been positioned by YouTube as three services in one: It offers ad-free access to all of YouTube; it's a music streaming service that also gives access to Google Play Music; and it's consistently releasing original movies and TV shows, starring Hollywood talent and homegrown stars that users already subscribe to. Two years later, this has created somewhat of an identity crisis for the streaming service. As Wojcicki said in her interview, she sees YouTube Red as a music service. And she does not expect to spend billions of dollars on content to effectively compete with Netflix, Hulu, Amazon and others.

Education

Learning To Program Is Getting Harder (slashdot.org) 316

theodp writes: While Google suggests that parents and educators are to blame for why kids can't code, Allen Downey, Professor at Olin College, argues that learning to program is getting harder. Downey writes: The fundamental problem is that the barrier between using a computer and programming a computer is getting higher. When I got a Commodore 64 (in 1982, I think) this barrier was non-existent. When you turned on the computer, it loaded and ran a software development environment (SDE). In order to do anything, you had to type at least one line of code, even if all it did was another program (like Archon). Since then, three changes have made it incrementally harder for users to become programmers:
1. Computer retailers stopped installing development environments by default. As a result, anyone learning to program has to start by installing an SDE -- and that's a bigger barrier than you might expect. Many users have never installed anything, don't know how to, or might not be allowed to. Installing software is easier now than it used to be, but it is still error prone and can be frustrating. If someone just wants to learn to program, they shouldn't have to learn system administration first.
2. User interfaces shifted from command-line interfaces (CLIs) to graphical user interfaces (GUIs). GUIs are generally easier to use, but they hide information from users about what's really happening. When users really don't need to know, hiding information can be a good thing. The problem is that GUIs hide a lot of information programmers need to know. So when a user decides to become a programmer, they are suddenly confronted with all the information that's been hidden from them. If someone just wants to learn to program, they shouldn't have to learn operating system concepts first.
3. Cloud computing has taken information hiding to a whole new level. People using web applications often have only a vague idea of where their data is stored and what applications they can use to access it. Many users, especially on mobile devices, don't distinguish between operating systems, applications, web browsers, and web applications. When they upload and download data, they are often confused about where it is coming from and where it is going. When they install something, they are often confused about what is being installed where. For someone who grew up with a Commodore 64, learning to program was hard enough. For someone growing up with a cloud-connected mobile device, it is much harder.
theodp continues: So, with the Feds budgeting $200 million a year for K-12 CS at the behest of U.S. tech leaders, can't the tech giants at least put a BASIC on every phone/tablet/laptop for kids?
