Sep 30

Microsoft today announced that Windows Virtual Desktop has hit worldwide general availability. As a result, you can deploy and scale your Windows desktops and apps on Azure “in minutes,” the company said today. From a report: Think of Windows Virtual Desktop as a tool for deploying and scaling Windows desktops and apps on Azure with built-in security and compliance. The Azure-based service provides a virtualized multi-session Windows 10 experience and Office 365 ProPlus virtual desktop on any device. The Windows Virtual Desktop client is available on Windows, Mac, Android, iOS, and HTML 5. Windows Virtual Desktop also supports Windows Server Remote Desktop Services (RDS) desktops and apps in a shared public cloud. Microsoft announced Windows Virtual Desktop in September 2018, but only in private preview.

Read more of this story at Slashdot.

full article

Sep 30

“In April 2013, I received via U.S. mail more than a gram of pure heroin as part of a scheme to get me arrested for drug possession,” writes security reserch Brian Krebs. “But the plan failed and the Ukrainian mastermind behind it soon after was imprisoned for unrelated cybercrime offenses.

“That individual recently gave his first interview since finishing his jail time here in the states, and he’s shared some select (if often abrasive and coarse) details on how he got into cybercrime and why…
Vovnenko claims he never sent anything and that it was all done by members of his forum… “They sent all sorts of crazy shit. Forty or so guys would send. When I was already doing time, one of the dudes sent it….” In an interview published on the Russian-language security blog Krober.biz, Vovnenko said he began stealing early in life, and by 13 was already getting picked up for petty robberies and thefts… “After watching movies and reading books about hackers, I really wanted to become a sort of virtual bandit who robs banks without leaving home,” Vovnenko recalled…

Around the same time Fly was taking bitcoin donations for a fund to purchase heroin on my behalf, he was also engaged to be married to a nice young woman. But Fly apparently did not fully trust his bride-to-be, so he had malware installed on her system that forwarded him copies of all email that she sent and received. But Fly would make at least two big operational security mistakes in this spying effort: First, he had his fiancée’s messages forwarded to an email account he’d used for plenty of cybercriminal stuff related to his various “Fly” identities. Mistake number two was the password for his email account was the same as one of his cybercrime forum admin accounts. And unbeknownst to him at the time, that forum was hacked, with all email addresses and hashed passwords exposed.

Soon enough, investigators were reading Fly’s email, including the messages forwarded from his wife’s account that had details about their upcoming nuptials, such as shipping addresses for their wedding-related items and the full name of Fly’s fiancée. It didn’t take long to zero in on Fly’s location in Naples. While it may sound unlikely that a guy so immeshed in the cybercrime space could make such rookie security mistakes, I have found that a great many cybercriminals actually have worse operational security than the average Internet user. I suspect this may be because the nature of their activities requires them to create vast numbers of single- or brief-use accounts, and in general they tend to re-use credentials across multiple sites, or else pick very poor passwords — even for critical resources…

Towards the end, Fly says he’s considering going back to school, and that he may even take up information security as a study. I wish him luck in that whatever that endeavor is as long as he can also avoid stealing from people.

Read more of this story at Slashdot.

full article

Sep 28

dryriver shares a report from the BBC: Facebook is creating an immersive environment called Horizon to tempt people into spending more time in virtual reality. The VR app will be a mix of social places where users can mingle and chat, and other areas where they can play games against each other. People will inhabit and explore the virtual spaces via a cartoon avatar. The app will be made available and tested in early 2020, by a small group of Facebook users. Details about Horizon and early footage of the virtual space were shown off at Facebook’s Oculus Connect 6 developer conference this week. Facebook said anyone using Horizon would be able to call on human “guides” to help them navigate and become more familiar with the virtual environment. The guides will not be “moderators” who will police behavior, said Facebook. It added that it would include tools that let people manage how they interact with other users. It will also have options that let people shape and build their own part of the environment. They will also be able to design their own avatars. The entire space has been given a cartoon-like feel as it is intended to be used on Facebook’s Oculus Quest headset, which does not have the high resolution graphics of PC-linked headsets. Sam Machkovech, a reporter for Ars Technica, who has tried Horizon, said Facebook had put “a ton of work” into the version he saw, to make it as welcoming as possible. But he noted that Horizon was “yet another” combination of apps, chat and avatars which Facebook had produced in just a few years. He suggested that it was still searching for a good combination that proved properly tempting to users. “We’re still waiting for Facebook to inspire confidence that it will launch a social-VR app and stick with it for more than two years,” he wrote. Anyone interested in joining Horizon can sign up to be an early tester. You can watch the strange YouTube pre-rendered CGI ad for Facebook Horizon here.

Read more of this story at Slashdot.

full article

Sep 25

At its annual hardware event on Wednesday, Amazon revealed a slew of updates to its virtual assistant, including the ability to add the voice of Samuel L. Jackson. Mashable reports: Amazon is using neural text-to-speech technology to replicate the iconic actor’s voice, instead of having him record canned lines to repeat ad nauseam. The Samuel L. Jackson Alexa personality is launching later this year. Anyone who buys it in 2019 will get it for just $0.99. Humorously, there will be explicit and non-explicit versions of his voice available for use.

Read more of this story at Slashdot.

full article

Sep 25

tearmeapart writes (edited to add more details): Cloudflare is opening up its security and speed-focused mobile VPN service called WARP and WARP Plus to the general public. WARP is a mobile app for Android and Apple to establish a VPN to CloudFlare’s huge global network. Cloudflare is promising:1. No user-identifiable log data to disk;2. No selling browsing data;3. No need to provide any personal information4. Regularly get audited. This is the second time Cloudflare is launching Warp. The VPN builds on Cloudflare’s existing mobile app 1.1.1.1, which encrypts domain name system connections. But Warp goes beyond this protection to encrypt the whole journey from your device to a web server and back — even if the website itself still isn’t offering HTTPS web encryption. And all of this happens quickly, without draining your battery, and without complicated setup. In an interview with Wired, Cloudflare CEO Matthew Prince said: Yeah, what we thought was going to be easy back in April turned out to be a lot harder than we expected. We had been testing this primarily in San Francisco and Austin and London, which is where the teams that were working on this are based. But as soon as users started to get anywhere that didn’t have a fairly reliable internet connection, just all hell broke loose. The report adds: In describing the hurdles Cloudflare faced getting Warp off the ground, John Graham-Cumming, the company’s chief technology officer, and Dane Knecht, its head of product strategy, note that many of the challenges came from dealing with interoperability issues between mobile device models, operating system versions, and different mobile network and Wi-Fi configurations around the world. For example, Warp is built on a newer secure communication protocol for VPNs known as WireGuard, which isn’t ubiquitous yet and therefore isn’t always natively supported by devices. The team also faced challenges dealing with web protocols and standards that are implemented inconsistently across different wireless carriers and internet service providers around the world. Cloudflare’s 1.1.1.1 focuses on encrypting DNS connections specifically, but Warp aims to encompass everything in one protected tunnel. Keeping everything together as data traverses the labyrinth of servers that make up the internet, including Cloudflare’s own massive network, was tough. Warp is free to use without any bandwidth caps or limitations. But Warp Plus, which is being offered through a monthly subscription fee, offers a “faster version of Warp that you can optionally pay for. The fee for Warp Plus varies by region and is designed to approximate what a McDonald’s Big Mac would cost in the region. On iOS, the Warp Plus pricing as of the publication of this post is still being adjusted on a regional basis, but that should settle out in the next couple days. Warp Plus uses Cloudflare’s virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet. We charge for it because it costs us more to provide,” the company said in the blog post.

Read more of this story at Slashdot.

full article

Sep 24

Microsoft is staffing up a new ‘Data Dignity’ team in the Office of the Chief Technology Officer. The team is researching ways to give users more control of their personal data, possibly even one day enabling them to buy and sell it to third-party entities. From a report: Microsoft has run afoul of privacy mavens, especially as a result of its collection of data in the name of telemetry with Windows 10, and more recently, for using human contractors to transcribe Skype conversations. An initiative like Data Dignity could further the company’s quest to make itself look like a champion of users’ privacy (at least in theory). I knew Microsoft had been investigating ways to give users more control of their own data after I unearthed some information about the company’s “Project Bali” earlier this year.

Bali, a Microsoft Research incubation project that seemingly was in private testing as of January, is a “new personal data bank which puts users in control of all data collected about them.” The idea is to give usrs a way to store, visualize, manage, control, share and monetize the data, according to the “About” page for the project, which Microsoft has since hidden. This week, The New York Times ran an interactive feature about Jaron Lanier that is focused on data privacy. Lanier is a virtual-reality pioneer and a chief scientist at Microsoft.

Read more of this story at Slashdot.

full article

Sep 19

An anonymous reader shares a report: Google Assistant, the digital assistant from the global search giant, is available to users through their smartphones, laptops, and smart speakers. Earlier this year, the company partnered with KaiOS to bring Assistant to some feature phones with internet access. Now Google is going a step further: Bringing its virtual assistant to people who have the most basic cellphone with no internet access. It’s starting this program in India. At an event in New Delhi on Thursday, the company announced a 24×7 telephone line that anyone in India on Vodafone and Idea telecom networks (or Vodafone-Idea telecom network; as Vodafone owns Idea) could dial to have their questions answered.

The company said it tested the phone line service with thousands of users across Lucknow and Kanpur before making it generally available. Users will be able to dial 000-800-9191-000 and they won’t be charged for the call or the service. Manuel Bronstein, a VP at Google, said through this program the company is hoping to reach hundreds of millions of users in India who currently don’t have access to smartphones or internet.

Read more of this story at Slashdot.

full article

Sep 18

In the early days of life on Earth, biological organisms were exceedingly simple. They were microscopic unicellular creatures with little to no ability to coordinate. Yet billions of years of evolution through competition and natural selection led to the complex life forms we have today — as well as complex human intelligence. Researchers at OpenAI, the San-Francisco-based for-profit AI research lab, are now testing a hypothesis: if you could mimic that kind of competition in a virtual world, would it also give rise to much more sophisticated artificial intelligence? From a report: The experiment builds on two existing ideas in the field: multi-agent learning, the idea of placing multiple algorithms in competition or coordination to provoke emergent behaviors, and reinforcement learning, the specific machine-learning technique that learns to achieve a goal through trial and error. In a new paper released today, OpenAI has now revealed its initial results. Through playing a simple game of hide and seek hundreds of millions of times, two opposing teams of AI agents developed complex hiding and seeking strategies that involved tool use and collaboration. The research also offers insight into OpenAI’s dominant research strategy: to dramatically scale existing AI techniques to see what properties emerge.

Read more of this story at Slashdot.

full article

Sep 14

80 minutes from now, an asteroid will pass so close to earth that home astronomers will be able to see it, writes Salon. Slashdot reader PolygamousRanchKid shares their report:

Experts say the asteroid, known as Asteroid 2000 QW7, will miss our planet by about 3 million miles — around 14 times the distance between the Earth and the moon. And while that distance is astonishingly close on an astronomical scale, it does not suggest that the asteroid is going to hit Earth — although it has a small chance to strike our planet in the future. The closeness of its pass on Saturday will allow astronomers to hone their measurements of its trajectory, allowing for more accurate calculations of its strike probability in the future.

Gianluca Masi, Scientific Director at The Virtual Telescope, told Salon in a statement that amateur astronomers can view its fly-by, which is at 7:54 pm on the East Coast, but will have to have a telescope with a diameter of at least 250 millimeters. [Heres’ the telescope-positioning coordinates.] Masi said a smaller telescope might work if combined with a sensitive imaging device that can also record its apparent motion across the stars…

NASA released a statement this week to the public to emphasize it is not a threat, noting that it is actually one of two asteroids to pass Earth this weekend. The second asteroid, asteroid 2010 C01, is estimated to be 120 to 260 meters in size (400 to 850 feet).
The first asteroid’s diamter is between 300 and 600 meters — so up to 1968 feet, or a little more than one-third of a mile.

Read more of this story at Slashdot.

full article

Sep 14

DevNull127 shares some of the key findings from The New Stack’s second annual “Open Source Programs in the Enterprise” survey, co-sponsored by VMware and in partnership with The Linux Foundation’s TODO Group: Companies with initiatives to promote open source overwhelmingly say these efforts are improving their companies’ software practices. The results [of the survey] show that proponents of free and open-source software (FOSS) have moved to the next phases of open source adoption, widening its usage within the enterprise while keeping alive the spirit and ethos of non-commercial software communities.

69% are at least sometimes using open-source code in commercial products, with that figure jumping to 83% among technology companies — within three percentage points of the same survey’s results last year. And most (79%) Internet-scale technology companies with more than 10,000 employees already have an open-source management program, which is a slight increase compared to last year. That stability shows that the next big changes in enterprise open source will instead involve its scope and how much enterprises emphasize giving back to the community.

Increased innovation rose to become the most cited benefit of open-source programs. Participants said development speed, technology flexibility, and total cost of ownership are the top three. Lower support costs were also seen as a likely benefit. But open-source programs are also improving how software development is handled. In response to one of our new questions, 81% of respondents say their program has had a positive impact on their company’s software practices. In an open-ended follow-up question, code reviews and license-compliance processes were repeatedly cited as specific practices that were improved as a direct result of the program. Furthermore, code quality and reduced costs were often cited as specific benefits coming from improved software practices. While “quality” is often hard to define, many respondents say newly-instituted code reviews have been a specific positive impact on their company’s software practices. The full dataset can be found here.

Read more of this story at Slashdot.

full article

«     |     ?     |     »