Ghostcat Bug Impacts All Apache Tomcat Versions Released in the Last 13 Years

Apache Tomcat servers released in the last 13 years are vulnerable to a bug named Ghostcat that can allow hackers to take over unpatched systems. From a report: Discovered by Chinese cybersecurity firm Chaitin Tech, Ghostcat is a flaw in the Tomcat AJP protocol. AJP stands for Apache JServ Protocol and is a performance-optimized version of the HTTP protocol in binary format. Tomcat uses AJP to exchange data with nearby Apache HTTPD web servers or other Tomcat instances. Tomcat’s AJP connector is enabled by default on all Tomcat servers and listens on the server’s port 8009. Chaitin researchers say they discovered a bug in AJP that can be exploited to either read or write files to a Tomcat server.

Read more of this story at Slashdot.

Source: Slashdot

FCC Proposes Hefty Fines To Carriers for Not Protecting Consumer Location Data

The Federal Communications Commission announced Friday that it has proposed fining the nation’s four largest wireless carriers $200 million for selling access to their customers’ location information without taking reasonable measures to protect customers’ real-time location information. From a report: The agency is proposing T-Mobile face a fine of more than $91 million. AT&T will be fined more than $57 million. It’s fining Verizon more than $48 million. And Sprint’s fine will be more than $12 million. FCC Chairman Ajit Pai said the proposed fines have put wireless carriers on notice that they need to do a better job protecting consumers’ privacy. “This FCC will not tolerate phone companies putting Americans’ privacy at risk,” he said in a statement. Still, the amount of the fines is a drop in the bucket for the nation’s carriers. For instance, Verizon reported fourth quarter revenue of $34.78 billion; AT&T reported revenue of $46.82 billion; and T-Mobile reported revenue of $11.88 billion.

Read more of this story at Slashdot.

Source: Slashdot

Microsoft’s Cortana Drops Consumer Skills as it Refocuses on Business Users

With the next version of Windows 10, coming this spring, Microsoft’s Cortana digital assistant will lose a number of consumer skills around music and connected homes, as well as some third-party skills. From a report: That’s very much in line with Microsoft’s new focus for Cortana, but it may still come as a surprise to the dozens of loyal Cortana fans. Microsoft is also turning off Cortana support in its Microsoft Launcher on Android by the end of April and on older versions of Windows that have reached their end-of-service date, which usually comes about 36 months after the original release. As the company explained last year, it now mostly thinks of Cortana as a service for business users. The new Cortana is all about productivity, with deep integrations into Microsoft’s suite of Office tools, for example. In this context, consumer services are only a distraction, and Microsoft is leaving that market to the likes of Amazon and Google .

Read more of this story at Slashdot.

Source: Slashdot

When AI Can’t Replace a Worker, It Watches Them Instead

Whether software that digitizes manual labor makes workers frowny or smiley will come down to how employers choose to use it. From a report: When Tony Huffman stepped away from the production line at the Denso auto part factory in Battle Creek, Michigan, to talk with WIRED earlier this month, the workers he supervised were still being watched — but not by a human. A camera over each station captured workers’ movements as they assembled parts for auto heat-management systems. The video was piped into machine-learning software made by a startup called Drishti, which watched workers’ movements and calculated how long each person took to complete their work. […] Denso’s use of Drishti shows how some jobs will be transformed by artificial intelligence even when they’re unlikely to be eliminated by AI anytime soon. Many jobs in manufacturing require dexterity and resourcefulness, for example, in ways that robots and software still can’t match. But advances in AI and sensors are providing new ways to digitize manual labor. That gives managers new insights — and potentially leverage — on workers.

Some workers say the results are unpleasant. Last year, Amazon warehouse employees in Minnesota staged a walkout to protest how the company uses inventory and worker-tracking technology. They allege that Amazon uses it to enforce a punishing working pace that causes injuries. The company has disputed those claims, saying it coaches employees on how to safely meet quotas. Workers at Denso were initially wary of the prospect of being video-recorded all day to feed machine-learning algorithms, but Huffman says they have since come to appreciate Drishti’s technology. After something goes wrong, workers can now look at the data and video with their managers, instead of having to hope bosses take their account of what happened seriously. Huffman says having a constant readout on productivity also helps managers be more responsive to nascent problems. “If somebody’s struggling, not every associate is going to call for help,” he says. “If we see their cycle time is jumping through the roof, we can go over and say ‘Are you having any issues?'”

Read more of this story at Slashdot.

Source: Slashdot

Telescopes Detect ‘Biggest Explosion Since Big Bang’

Scientists have detected evidence of a colossal explosion in space — five times bigger than anything observed before. Iwastheone shares a report: The huge release of energy is thought to have emanated from a supermassive black hole some 390 million light years from Earth. The eruption is said to have left a giant dent in the Ophiuchus galaxy cluster. Researchers reported their findings [PDF] in The Astrophysical Journal. “I’ve tried to put this explosion into human terms and it’s really, really difficult,” co-author Melanie Johnston-Hollitt told BBC News. “The best I can do is tell you that if this explosion continued to occur over the 240 million years of the outburst — which it probably didn’t, but anyway — it’d be like setting off 20 billion, billion megaton TNT explosions every thousandth of a second for the entire 240 million years. So that’s incomprehensibly big. Huge.”

Read more of this story at Slashdot.

Source: Slashdot

FCC Approves Plan To Pay Satellite Companies To Give Up Airwaves

U.S. regulators approved a plan to pay Intelsat SA and other satellite providers to give up airwaves so they can be redeployed for the fast 5G mobile networks being rolled out. From a report: The Federal Communications Commission on a 3-2 vote Friday approved Chairman Ajit Pai’s plan for as much as $9.7 billion to clear the frequencies, with the money coming from bidders expected to include large telephone companies such as Verizon Communications Inc. The action “will help deliver 5G services to consumers across our country and promote our global leadership,” said Pai. The satellite companies use the spectrum to beam TV and radio programs to stations, but say they can give up part of it while still serving customers on frequencies they retain, in part because they would use new satellites to carry data. The FCC will sell the airwaves at a public auction. Pai earlier proposed that Intelsat get as much as $4.85 billion for clearing airwaves quickly. The FCC in its vote didn’t say if that figure had changed.

Read more of this story at Slashdot.

Source: Slashdot

Google’s Black Box Algorithm Controls Which Political Emails Land in Your Main Inbox

Adrianne Jeffries, Leon Yin, and Surya Mattu, reporting for The Markup: Pete Buttigieg is leading at 63 percent. Andrew Yang came in second at 46 percent. And Elizabeth Warren looks like she’s in trouble with 0 percent. These aren’t poll numbers for the U.S. 2020 Democratic presidential contest. Instead, they reflect which candidates were able to consistently land in Gmail’s primary inbox in a simple test. The Markup set up a new Gmail account to find out how the company filters political email from candidates, think tanks, advocacy groups, and nonprofits. We found that few of the emails we’d signed up to receive — 11 percent — made it to the primary inbox, the first one a user sees when opening Gmail and the one the company says is “for the mail you really, really want.”

Half of all emails landed in a tab called “promotions,” which Gmail says is for “deals, offers, and other marketing emails.” Gmail sent another 40 percent to spam. For political causes and candidates, who get a significant amount of their donations through email, having their messages diverted into less-visible tabs or spam can have profound effects. “The fact that Gmail has so much control over our democracy and what happens and who raises money is frightening,” said Kenneth Pennington, a consultant who worked on Beto O’Rourke’s digital campaign. “It’s scary that if Gmail changes their algorithms,” he added, “they’d have the power to impact our election.”

Read more of this story at Slashdot.

Source: Slashdot

IBM and Microsoft Sign Vatican Pledge For Ethical AI

IBM and Microsoft have signed an “ethical resolution” with the Vatican to develop AI in a way that will protect the planet and the rights of all people [Editor’s note: the link may be paywalled; alternative source]. From a report: The pledge, called the “Rome Call for AI Ethics,” will be presented on Friday morning to Pope Francis by Brad Smith, the president of Microsoft, and John Kelly, IBM’s executive vice-president, as well as Vatican officials and Qu Dongyu, the Chinese director-general of the UN Food and Agriculture Organization. The two US tech companies lead the world in AI development, measured by the number of patents they have amassed. The document calls for AI to safeguard the rights of all humankind, particularly the weak and underprivileged, and for new regulations in fields such as facial recognition. It said that there must be a “duty of explanation” that would show not only how AI algorithms come to their decisions but also what their purpose and objectives are.

Read more of this story at Slashdot.

Source: Slashdot

Cortana pivots away from home automation to focus on productivity

Pictured: a full set of Office 365 icons on the taskbar. Not pictured, for good reason: "Cortana, play Old Town Road."

Enlarge / Pictured: a full set of Office 365 icons on the taskbar. Not pictured, for good reason: “Cortana, play Old Town Road.” (credit: Microsoft)

Today, Microsoft announced a major shift in focus for its personal assistant, Cortana: she’s getting out of the consumer gadget business and focusing on productivity. The new version of Cortana will debut with the next major update to Windows 10, expected to roll out in April.

Microsoft is tightening access to Cortana considerably. First and foremost, no more Cortana use for anyone only using local accounts. Cortana access will only be available to those logged in with school work domain accounts or Microsoft online accounts—Windows 10 users sticking to local accounts only will also be out of luck.

The new Cortana’s focus will be on a productivity-focused chat UI. Users will be able to review or set calendar items and tasks in natural English as well as query or create emails, set alarms and timers, open apps, and find people or files. She’ll also search the Internet for you—using Bing, of course—or offer jokes.

Read 6 remaining paragraphs | Comments

Source: Tech – Ars Technica

Apple Has Blocked Clearview AI’s iPhone App for Violating Its Rules

An iPhone app built by controversial facial recognition startup Clearview AI has been blocked by Apple, effectively banning the app from use. From a report: Apple confirmed to TechCrunch that the startup “violated” the terms of its enterprise program. The app allows its users — which the company claims it serves only law enforcement officers — to use their phone camera or upload a photo to search its database of three billion photos. But BuzzFeed News revealed that the company — which claims to only cater to law enforcement users — also includes many private sector users, including Macy’s, Walmart, and Wells Fargo. Clearview AI has been at the middle of a media — and legal — storm since its public debut in The New York Times last month. The company scrapes public photos from social media sites, drawing ire from the big tech giants which claim Clearview AI misused their services. But it’s also gained attention from hackers. On Wednesday, Clearview AI confirmed a data breach, in which its client list was stolen.

Read more of this story at Slashdot.

Source: Slashdot