Apr 04

Digital Trends reports:
IBM’s question-answering Watson A.I. is most famous for whooping the butt of human champions on quiz show Jeopardy. Now, IBM has repurposed its famous creation to help government agencies, health care organizations, and academic institutions around the world cope with the massive overload of questions that citizens have about the COVID-19 pandemic.

This is the first time that Watson has been used to help in a pandemic scenario.

A coronavirus-focused version of the Watson A.I. has been called into service as a virtual agent in places including Arkansas, California, Georgia, New York, and Texas in the United States, as well as the Czech Republic, Greece, Poland, Spain and U.K. It is capable of answering locally relevant questions, ranging from those about coronavirus symptoms and testing specifics to queries on things like social distancing. These consistent and accurate responses can be provided to citizens via voice calls or text chat…
Watson Assistant for Citizens pulls data from a range of external sources — local, national, and international.
Digital Trends got an interesting response from one consultant at IBM Watson Health who’s an expert on digital health for the World Health Organization. “Our team is currently adding responses to psychological questions, by which a virtual nurse can help people to deal with their fears and emotional problems and provide comfort to them in these times.”

Read more of this story at Slashdot.

full article

Apr 04

Zoom is making some much-needed changes to prevent “Zoombombing,” a term used to describe when someone successfully invades a public or private meeting over the videoconferencing platform to broadcast shock videos, pornography, or other disruptive content. The act was recently mentioned on the Department of Justice’s website, warning that users who engage in this sort of video hacking could face fines and possible imprisonment. TechCrunch reports: Starting April 5th, it will require passwords to enter calls via Meeting ID, as these may be guessed or reused. Meanwhile, it will change virtual waiting rooms to be on by default so hosts have to manually admit attendees. […] Zoom CEO Eric Yuan apologized for the security failures this week and vowed changes. But at the time, the company merely said it would default to making screensharing host-only and keeping waiting rooms on for its K-12 education users. Clearly it determined that wasn’t sufficient, so now waiting rooms are on by default for everyone.

Zoom communicated the changes to users via an email sent this afternoon that explains “we’ve chosen to enable passwords on your meetings and turn on Waiting Rooms by default as additional security enhancements to protect your privacy.” The company also explained that “For meetings scheduled moving forward, the meeting password can be found in the invitation. For instant meetings, the password will be displayed in the Zoom client. The password can also be found in the meeting join URL.” Some other precautions users can take include disabling file transfer, screensharing or rejoining by removed attendees.

Read more of this story at Slashdot.

full article

Mar 28

The state of New York hopes to “amplify” its response to COVID-19 by launching tech-driven products with top companies, and it’s looking for professional volunteers with experience in software development, hardware deployment/end-user support, and data science (as well as areas like product management, design, operations management).
Meanwhile, IBM’s 2020 “Call for Code Global Challenge” is a virtual hackathon with a $200,000 prize, and they’ve now “expanded its focus” to include the effects of COVID-19.

Tech columnist Mike Melanson writes:
But this is just the beginning of the COVID-19 hackathon boom, which now includes efforts organized by tech giants, state governments, and grassroots initiatives alike. For example, the World Health Organization got together with technology companies and platforms such as AWS, Facebook, Giphy, Microsoft, Pinterest, Salesforce, Slack, TikTok, Twitter and WeChat to launch the COVID-19 Global Hackathon 1.0, which is running as we speak with a deadline for submissions of March 30th at 9 AM PST. If you’re too late, fret not, for there are many more, such as the CODEVID-19 hackathon we mentioned last week that has a weekly rolling deadline. And deadlines aside, the U.S. Digital Response for COVID-19 is working to pair technology, data, and government professionals with those who need them, in a form of nationwide, technological mutual aid…
[T]he COVID-19 open-source help desk is “a fast-track ’stack overflow’ where you can get answers from the very people who wrote the software that you use or who are experts in its use.” And if you happen to be either an open source author or expert, feel free to pitch in on answering questions…

On the open data side of things, for example, GitHub offers a guide on open collaboration on COVID-19, while StackOverflow looks at the myriad ways to help the fight against COVID-19 from home. ProgrammableWeb has a list of developer hackathons to combat COVID-19, and even the Golang team offers some guidance for Go, the Go community, and the pandemic, with Erlang also joining in.

Read more of this story at Slashdot.

full article

Mar 28

The former editor-in-chief of the Linux Journal just published an annotated version of Zoom’s privacy policy. Searls calls it “creepily chummy with the tracking-based advertising biz (also called adtech).
I’ll narrow my inquiry down to the “Does Zoom sell Personal Data?” section of the privacy policy, which was last updated on March 18. The section runs two paragraphs, and I’ll comment on the second one, starting here:

Zoom does use certain standard advertising tools which require Personal Data …

What they mean by that is adtech. What they’re also saying here is that Zoom is in the advertising business, and in the worst end of it: the one that lives off harvested personal data. What makes this extra creepy is that Zoom is in a position to gather plenty of personal data, some of it very intimate (for example with a shrink talking to a patient) without anyone in the conversation knowing about it. (Unless, of course, they see an ad somewhere that looks like it was informed by a private conversation on Zoom.)

A person whose personal data is being shed on Zoom doesn’t know that’s happening because Zoom doesn’t tell them. There’s no red light, like the one you see when a session is being recorded. If you were in a browser instead of an app, an extension such as Privacy Badger could tell you there are trackers sniffing your ass. And, if your browser is one that cares about privacy, such as Brave, Firefox or Safari, there’s a good chance it would be blocking trackers as well. But in the Zoom app, you can’t tell if or how your personal data is being harvested.

(think, for example, Google Ads and Google Analytics).

There’s no need to think about those, because both are widely known for compromising personal privacy. (See here. And here. Also Brett Frischmann and Evan Selinger’s Re-Engineering Humanity and Shoshana Zuboff’s In the Age of Surveillance Capitalism.)
Zoom claims it needs personal data to “improve” its users “experience” with ads — though Searls isn’t satisfied. (”Nobody goes to Zoom for an ‘advertising experience,’ personalized or not. And nobody wants ads aimed at their eyeballs elsewhere on the Net by third parties using personal information leaked out through Zoom.”) His conclusion?

“What Zoom’s current privacy policy says is worse than ‘You don’t have any privacy here.’ It says, ‘We expose your virtual necks to data vampires who can do what they will with it.’”

Read more of this story at Slashdot.

full article

Mar 27

An anonymous reader quotes a report from Bloomberg: With so many people working remotely because of the coronavirus, surveillance software is flying off the virtual shelves. “Companies have been scrambling,” said Brad Miller, CEO of surveillance-software maker InterGuard. “They’re trying to allow their employees to work from home but trying to maintain a level of security and productivity.” Along with InterGuard, software makers include Time Doctor, Teramind, VeriClock, innerActiv, ActivTrak and Hubstaff. All provide a combination of screen monitoring and productivity metrics, such as number of emails sent, to reassure managers that their charges are doing their jobs.

ActivTrak’s inbound requests have tripled in recent weeks, according to CEO Rita Selvaggi. Teramind has seen a similar increase, said Eli Sutton, vice president of global operations. Jim Mazotas, innerActive’s founder, said phones have been ringing off the hook. Managers using InterGuard’s software can be notified if an employee does a combination of worrisome behaviors, such as printing both a confidential client list and a resume, an indication that someone is quitting and taking their book of business with them. “It’s not because of lack of trust,” Miller said, who compared the software to banks using security cameras. “It’s because it’s imprudent not to do it.” The software can also be a way for employers to grant more flexibility to workers to fit their jobs around other parts of their lives. It may also let managers spot areas that are overstaffed or where they may need additional hands. Sutton from software maker Teramind says employers worried about workers’ every moves might have a bigger issue to deal with. “It’s not about spying on the user,” Sutton said. “If you hired them, you should trust them. If you don’t, they have no reason to be part of the organization.”

Have you been required to use surveillance software while working from home? If so, which software is your employer using?

Read more of this story at Slashdot.

full article

Mar 27

An anonymous reader quotes a report from Bleeping Computer: A currently unpatched security vulnerability affecting iOS 13.3.1 or later prevents virtual private network (VPNs) from encrypting all traffic and can lead to some Internet connections bypassing VPN encryption to expose users’ data or leak their IP addresses. While connections made after connecting to a VPN on your iOS device are not affected by this bug, all previously established connections will remain outside the VPN’s secure tunnel as ProtonVPN disclosed.

The bug is due to Apple’s iOS not terminating all existing Internet connections when the user connects to a VPN and having them automatically reconnect to the destination servers after the VPN tunnel is established. “Most connections are short-lived and will eventually be re-established through the VPN tunnel on their own,” ProtonVPN explains. “However, some are long-lasting and can remain open for minutes to hours outside the VPN tunnel.” During the time the connections are outside of the VPN secure communication channels, this issue can lead to serious consequences. For instance, user data could be exposed to third parties if the connections are not encrypted themselves, and IP address leaks could potentially reveal the users’ location or expose them and destination servers to attacks. Until Apple provides a fix, the company recommends using Always-on VPN to mitigate this problem. “However, since this workaround uses device management, it cannot be used to mitigate the vulnerability for third-party VPN apps such as ProtonVPN,” the report adds.

Read more of this story at Slashdot.

full article

Mar 23

For many, the cancellation of major sporting events was the moment that made the coronavirus pandemic feel real for the first time. But while fans of baseball, basketball, soccer are left wondering when they’ll see players back in action, racing fans don’t have to wait — because many of their favorite drivers are already competing in online sim racing competitions that were spun up in the days since the first real world races were canceled. From a report: The first few of these substitute sim races, held last weekend, were successful in ways that surprised even the organizers. Now, many of the people who put them on have spent the intervening week trying to figure out how to use that momentum to fill the gap left by real world racing, as fans around the world hole up at home in a collective attempt to slow the spread of a global virus. It likely won’t be that difficult, though. The success of these first few replacement races was a testament to how far sim racing has come during the rise of esports, but it also sheds light on a truth that a lot of motorsports fans have become familiar with: that a new age of competitive, virtual motorsports is already upon us.

Read more of this story at Slashdot.

full article

Mar 22

This week Politico published predictions from 34 “big thinkers” about what the future will be like after the coronavirus pandemic. (An associate professor of government and politics at the University of Maryland argues that “The Reagan era is over. The widely accepted idea that government is inherently bad won’t persist after coronavirus.”)

Others predict a future with voting from mobile devices (and possibly higher voter turnout), and one author even predicts a society that accepts “restraints on mass consumer culture as a reasonable price to pay to defend ourselves against future contagions and climate disasters alike.”

But several also predict the rise of telemedicine, including the editor-in-chief of Reason, who also argues that the epidemic “will sweep away many of the artificial barriers to moving more of our lives online.”

The resistance — led by teachers’ unions and the politicians beholden to them — to allowing partial homeschooling or online learning for K-12 kids has been swept away by necessity. It will be near-impossible to put that genie back in the bottle in the fall, with many families finding that they prefer full or partial homeschooling or online homework. For many college students, returning to an expensive dorm room on a depopulated campus will not be appealing, forcing massive changes in a sector that has been ripe for innovation for a long time.
And while not every job can be done remotely, many people are learning that the difference between having to put on a tie and commute for an hour or working efficiently at home was always just the ability to download one or two apps plus permission from their boss. Once companies sort out their remote work dance steps, it will be harder — and more expensive — to deny employees those options. In other words, it turns out, an awful lot of meetings (and doctors’ appointments and classes) really could have been an email. And now they will be.

Not everyone agrees. Author Sonia Shah argues that “The hype around online education will be abandoned, as a generation of young people forced into seclusion will reshape the culture around a contrarian appreciation for communal life.”
But the president of Vassar College even wonders if the pandemic will be a boon to virtual reality, hoping for a program that helps self-isolated people socialize. “Imagine putting on glasses, and suddenly you are in a classroom or another communal setting, or even a positive psychology intervention.”

Read more of this story at Slashdot.

full article

Mar 21

“The dramatic expansion of teleworking by U.S. schools, businesses and government agencies in response to the coronavirus is raising fresh questions about the capacity and security of the tools many Americans use to connect to vital workplace systems and data,” reports CNN:

As of last week the Air Force’s virtual private networking software could only support 72,000 people at once, according to a federal contractor who was also not authorized to speak on the record, and telework briefing materials viewed by CNN. The Air Force employs over 145,000 in-house civilian workers, and over 130,000 full-time contractors.

As they increasingly log on from home, Americans are having to meld their personal technology with professional tools at unprecedented scale. For employers, the concern isn’t just about capacity, but also about workers introducing new potential vulnerabilities into their routine — whether that’s weak passwords on personal computers, poorly secured home WiFi routers, or a family member’s device passing along a computer virus.
Long-time Slashdot reader Lauren Weinstein also worries about a world where “doctors switch to heavy use of video office visits, and in general more critical information than ever is suddenly being thrust onto the Internet…”
For example, the U.S. federal government is suspending key aspects of medical privacy laws to permit use of “telemedicine” via commercial services that have never been certified to be in compliance with the strict security and privacy rules associated with HIPAA (Health Insurance Portability and Accountability Act).
The rush to provide more remote access to medical professionals is understandable, but we must also understand the risks of data breaches that once having occurred can never be reversed.

Read more of this story at Slashdot.

full article

Mar 20

The 2020 spring edition of the Pwn2Own hacking contest has come to a close today. This year’s winner is Team Fluoroacetate — made up of security researchers Amat Cama and Richard Zhu — who won the contest after accumulating nine points across the two-day competition, which was just enough to extend their dominance and win their fourth tournament in a row. From a report: But this year’s edition was a notable event for another reason. While the spring edition of the Pwn2Own hacking contest takes place at the CanSecWest cyber-security conference, held each spring in Vancouver, Canada, this year was different. Due to the ongoing coronavirus (COVID-19) outbreak and travel restrictions imposed in many countries around the globe, many security researchers couldn’t attend or weren’t willing to travel to Vancouver and potentially put their health at risk. Instead, this year’s Pwn2Own edition has become the first-ever hacking contest that has been hosted in a virtual setting. Participants sent exploits to Pwn2Own organizers in advance, who ran the code during a live stream with all participants present. During the competition’s two-day schedule, six teams managed to hack apps and operating systems like Windows, macOS, Ubuntu, Safari, Adobe Reader, and Oracle VirtualBox. All bugs exploited during the contest were immediately reported to their respective companies.

Read more of this story at Slashdot.

full article

«     |     ?     |     »