Oggi e' 09.12.2016
Sei qui: Home arrow Slashdot
Slashdot
Slashdot
News for nerds, stuff that matters

Slashdot
  • Zeus Variant 'Floki Bot' Targets PoS Data
    Trailrunner7 quotes a report from On the Wire: Malware gangs, like sad wedding bands bands, love to play the hits. And one of the hits they keep running back over and over is the Zeus banking Trojan, which has been in use for many years in a number of different forms. Researchers have unearthed a new piece of malware called Floki Bot that is based on the venerable Zeus source code and is being used to infect point-of-sale systems, among other targets. Flashpoint conducted the analysis of Floki Bot with Cisco's Talos research team, and the two organizations said that the author behind the bot maintains a presence on a number of different underground forums, some of which are in Russian or other non-native languages for him. Kremez said that attackers sometimes will participate in foreign language forums as a way to expand their knowledge. Along with its PoS infection capability, Floki Bot also has a feature that allows it to use the Tor network to communicate. "During our analysis of Floki Bot, Talos identified modifications that had been made to the dropper mechanism present in the leaked Zeus source code in an attempt to make Floki Bot more difficult to detect. Talos also observed the introduction of new code that allows Floki Bot to make use of the Tor network. However, this functionality does not appear to be active for the time being," Cisco's Talos team said in its analysis.

    Read more of this story at Slashdot.



  • Google Now Lets Developers Write Apps For the Assistant On Google Home
    Google today announced it will open up Home to third-party developers, allowing all developers to start bringing their applications and services to the Google Assistant. Developers can start building "conversation actions" for the Google Assistant, which "allows developers to create back-and-forth conversations with users through the Assistant," writes Frederic Lardinois via TechCrunch. "Users can simply start these conversations by using a phrase like 'OK Google, talk to Eliza.'" TechCrunch reports: While the Assistant also runs on the Pixel phones and inside the Allo chat app, Google says it plans to bring actions to these other "Assistant surfaces" in the future, but it's unclear when exactly this will happen. To help developers who want to build these new Conversation Actions get started, Google has teamed up with a number of partners, including API.AI, GupShup, DashBot and VoiceLabs, Assist, Notify.IO, Witlingo and Spoken Layer. Google has also allowed a small number of partners to enable their apps on Google Home already. These integrations will roll out as early as next week. Given that users will be able to invoke these new actions with a simple command (and without having to first enable a skill, like on Alexa), Google's platform looks to be a rather accessible and low-friction way for developers to get their voice-enabled services to users. Google will have the final say over which actions will be enabled on Google Home.

    Read more of this story at Slashdot.



  • US Life Expectancy Declines For the First Time Since 1993
    An anonymous reader quotes a report from Washington Post: For the first time in more than two decades, life expectancy for Americans declined last year (Warning: may be paywalled; alternate source) -- a troubling development linked to a panoply of worsening health problems in the United States. Rising fatalities from heart disease and stroke, diabetes, drug overdoses, accidents and other conditions caused the lower life expectancy revealed in a report released Thursday by the National Center for Health Statistics. In all, death rates rose for eight of the top 10 leading causes of death. The new report raises the possibility that major illnesses may be eroding prospects for an even wider group of Americans. Its findings show increases in "virtually every cause of death. It's all ages," said David Weir, director of the health and retirement study at the Institute for Social Research at the University of Michigan. Over the past five years, he noted, improvements in death rates were among the smallest of the past four decades. "There's this just across-the-board [phenomenon] of not doing very well in the United States." Overall, life expectancy fell by one-tenth of a year, from 78.9 in 2014 to 78.8 in 2015, according to the latest data. The last time U.S. life expectancy at birth declined was in 1993, when it dropped from 75.6 to 75.4, according to World Bank data. The overall death rate rose 1.2 percent in 2015, its first uptick since 1999. More than 2.7 million people died, about 45 percent of them from heart disease or cancer.

    Read more of this story at Slashdot.



  • US Presidential Election Was Most 'Talked About' Topic In 2016, Says Facebook
    What may come as no surprise to Facebook users, the social media company announced in a blog post that the U.S. presidential election was the most "talked about" topic on Facebook in 2016. Phys.Org highlights the other most-discussed topics in its report: The bitterly contested election in which Donald Trump defeated Hillary Clinton was ranked as the leading issue, followed by Brazil's political developments which included the impeachment of president Dilma Rousseff, Facebook said in a blog post. On the lighter side at number three was the runaway success of Pokemon Go, the location-based augmented reality game for smartphone users. Other subject matters shared among Facebook's 1.79 billion users were more sober, with the fourth leading topic the "Black Lives Matter" movement, followed by the election in the Philippines of Rodrigo Duterte. Number six on the list was the Olympic games, followed by Brexit, the Super Bowl and the deaths of rock star David Bowie and boxing icon Muhammad Ali. Facebook said it measured leading topics by how frequently an issue was mentioned in posts made between January 1 and November 27.

    Read more of this story at Slashdot.



  • Transportation Department Proposes Allowing In-Flight Phone Calls
    Yesterday, France's Le Monde newspaper issued a report, citing documents from NSA whistleblower Edward Snowden, that says American and British spies have since 2005 been working on intercepting phone calls and data transfers made from aircraft. Assuming the report is accurate, national security agencies may soon have their hands full if a new proposal by the Department of Transportation becomes official, which would allow each airline to decide whether its passengers will be permitted to make in-flight phone calls using the aircraft's onboard Wi-Fi system. ABC News reports: The Department of Transportation's proposal leaves it up to airlines whether to allow the calls. But carriers would be required to inform passengers at the time they purchase a ticket if the calls are allowed. That would give passengers the opportunity to make other travel arrangements if they don't want to risk the possibility of sitting near passengers making phone calls. The Federal Communications Commission prohibits using mobile phones to make calls during flights, but not Wi-Fi calls. There is a minimum 60-day comment period and the proposal leaves the door open to an outright ban. The Wall Street Journal first reported on the proposal.

    Read more of this story at Slashdot.



  • Yik Yak Lays Off 60 Percent of Employees As Growth Collapses
    An anonymous reader quotes a report from The Verge: Yik Yak has laid off 60 percent of employees amid a downturn in the app's growth prospects, The Verge has learned. The three-year-old anonymous social network has raised $73.5 million from top-tier investors on the promise that its young, college-age network of users could one day build a company to rival Facebook. But the challenge of growing its community while moving gradually away from anonymity has so far proven to be more than the company could muster. Employees who were affected were informed of the layoffs Thursday morning, sources told The Verge. Yik Yak employed about 50 people, and now only about 20 remain, the company said. The community, marketing, design, and product teams were all deeply affected, one source said. Atlanta-based Yik Yak was founded in 2014 by Furman University students Tyler Droll and Brooks Buffington. The app updated the concept of dorm newsletters for the mobile era, letting anyone post comments about school, their campus, or life in general. The fact that comments were anonymous initially helped the app grow, as it encouraged more candid forms of sharing than students might otherwise post on Facebook or Instagram.

    Read more of this story at Slashdot.



  • Watchdog Group Claims Smart Toys Are Spying On Kids
    The Center for Digital Democracy has filed a complaint with the Federal Trade Commission warning of security and privacy holes associated with a pair of smart toys designed for children. Mashable reports: "This complaint concerns toys that spy," reads the complaint, which claims the Genesis Toys' My Friend Cayla and i-QUE Intelligent Robot can record and collect private conversations and offer no limitations on the collection and use of personal information. Both toys use voice recognition, internet connectivity and Bluetooth to engage with children in conversational manner and answer questions. The CDD claims they do all of this in wildly insecure and invasive ways. Both My Friend Cayla and i-QUE use Nuance Communications' voice-recognition platform to listen and respond to queries. On the Genesis Toy site, the manufacturer notes that while "most of Cayla's conversational features can be accessed offline," searching for information may require an internet connection. The promotional video for Cayla encourages children to "ask Cayla almost anything." The dolls work in concert with mobile apps. Some questions can be asked directly, but the toys maintain a constant Bluetooth connection to the dolls so they can also react to actions in the app and even appear to identify objects the child taps on on screen. While some of the questions children ask the dolls are apparently recorded and sent to Nuance's servers for parsing, it's unclear how much of the information is personal in nature. The Genesis Privacy Policy promises to anonymize information. The CDD also claims, however, that My Friend Cayla and i-Que employ Bluetooth in the least secure way possible. Instead of requiring a PIN code to complete pairing between the toy and a smartphone or iPad, "Cayla and i-Que do not employ... authentication mechanisms to establish a Bluetooth connection between the doll and a smartphone or tablet. The dolls do not implement any other security measure to prevent unauthorized Bluetooth pairing." Without a pairing notification on the toy or any authentication strategy, anyone with a Bluetooth device could connect to the toys' open Bluetooth networks, according to the complaint.

    Read more of this story at Slashdot.