Feed aggregator

No One Knows How Long the US Coastline Is

Slashdot -

How long is the U.S. coastline? It's a straightforward question, and one that's important for scientists and government agencies alike. From a report: The U.S. Geological Survey could give you an answer, too, but I'm going to tell you right now that it's wrong. In fact, no one could give you the right answer, and if you look around, you'll find a number of estimations that differ by seemingly improbable amounts. One government report lists the number as 12,383 miles. The same report admits that a different government agency says the figure is actually 88,612 miles. That's an almost eight-fold disparity for a fact that seems simple to obtain. We all know how to use a ruler, right? Well, we all know how to measure a straight line, but what about a curve? And what if that curve has curves? The crux of the problem comes down to geometry, and the fundamentally uneven nature of coastlines. Though the border between land and sea may look fairly straight when seen from far away, they're anything but. Coastlines jut and dip, curve and cut, and each deviation from a straight line adds distance. Some of these features are massive, like bays, while others are miniscule.

Read more of this story at Slashdot.

[$] Finding Spectre vulnerabilities with smatch

LWN Headlines -

The furor over the Meltdown and Spectre vulnerabilities has calmed a bit — for now, at least — but that does not mean that developers have stopped worrying about them. Spectre variant 1 (the bounds-check bypass vulnerability) has been of particular concern because, while the kernel is thought to contain numerous vulnerable spots, nobody really knows how to find them all. As a result, the defenses that have been developed for variant 1 have only been deployed in a few places. Recently, though, Dan Carpenter has enhanced the smatch tool to enable it to find possibly vulnerable code in the kernel.

Users Don't Want iOS To Merge With MacOS, Apple Chief Tim Cook Says

Slashdot -

Rebutting a widespread speculation, Apple chief executive Tim Cook said the company is not working toward building an operating system that both Macs and iPhones could share. From his interview on Sydney Morning Herald: Later, when I ask about the divide between the Mac and iOS, which seems almost conservative when compared to Microsoft's convertible Windows 10 strategy, Cook gives an interesting response. "We don't believe in sort of watering down one for the other. Both [The Mac and iPad] are incredible. One of the reasons that both of them are incredible is because we pushed them to do what they do well. And if you begin to merge the two ... you begin to make trade offs and compromises. "So maybe the company would be more efficient at the end of the day. But that's not what it's about. You know it's about giving people things that they can then use to help them change the world or express their passion or express their creativity. So this merger thing that some folks are fixated on, I don't think that's what users want." A surprising comment, considering rumours from well-connected reporter Mark Gurman of Bloomberg, who wrote the company is working on a project called "Marzipan", which involves merging the codebase of macOS and iOS apps.

Read more of this story at Slashdot.

The 'Terms and Conditions' Reckoning Is Coming

Slashdot -

Everyone from Uber to PayPal is facing a backlash against their impenetrable legalese. From a report: Personal finance forums online are brimming with complaints from hundreds of PayPal customers who say they've been suspended because they signed up before age 18. PayPal declined to comment on any specific cases, but says it's appropriate to close accounts created by underage people "to ensure our customers have full legal capacity to accept our user agreement." While that may seem "heavy-handed," says Sarah Kenshall, a technology attorney with law firm Burges Salmon, the company is within its rights because the users clicked to agree to the rules -- however difficult the language might be to understand. Websites have long required users to plow through pages of dense legalese to use their services, knowing that few ever give the documents more than a cursory glance. In 2005 security-software provider PC Pitstop LLC promised a $1,000 prize to the first user to spot the offer deep in its terms and conditions; it took four months before the reward was claimed. The incomprehensibility of user agreements is poised to change as tech giants such as Uber Technologies and Facebook confront pushback for mishandling user information, and the European Union prepares to implement new privacy rules called the General Data Protection Regulation, or GDPR. The measure underscores "the requirement for clear and plain language when explaining consent," British Information Commissioner Elizabeth Denham wrote on her blog last year.

Read more of this story at Slashdot.

Kaspersky Lab Banned From Advertising on Twitter Because of Its Alleged Ties With Russian Intelligence Agencies

Slashdot -

An anonymous reader shares a report: Russian cybersecurity company Kaspersky Lab has been banned from advertising on Twitter due to its allegedly close and active ties between the company and Russian intelligence agencies, according to the social network. The ban is the latest blow in an ongoing saga for Kaspersky, which includes two ongoing legal battles with the U.S. government. Eugene Kaspersky, CEO of Kaspersky Lab, took to Twitter on Friday to condemn the ban. A Twitter spokesperson reiterated that the "decision is based on our determination that Kaspersky Lab operates using a business model that inherently conflicts with acceptable Twitter Ads business practices."

Read more of this story at Slashdot.

Democratic Party Files Suit Alleging Russia, the Trump Campaign, and WikiLeaks Conspired To Disrupt the 2016 Election

Slashdot -

The Democratic Party is suing Russia, the Trump campaign and the whistle-blowing website Wikileaks for conspiring to disrupt the 2016 presidential election. From a report: The multi-million-dollar lawsuit filed in Manhattan federal court says that "In the Trump campaign, Russia found a willing and active partner in this effort" to mount "a brazen attack on American Democracy," which included Russian infiltration of the Democratic Party computer network. The Trump campaign, according to the lawsuit, "gleefully welcomed Russia's help." The suit says that "preexisting relationships with Russia and Russian oligarchs" with Trump and Trump associates "provided fertile ground for [the] Russia-Trump conspiracy." The common purpose of the scheme, according to the Democratic National Committee, was to "bolster Trump and denigrate the Democratic Party nominee," Hillary Clinton, while boosting the candidacy of Trump, "whose policies would benefit the Kremlin." Tom Perez, chairman of the Democratic National Committee, said the party's suit "is not partisan, it's patriotic."

Read more of this story at Slashdot.

End of the Landline: BT Aims To Move All UK Customers To VoIP by 2025

Slashdot -

BT aims to move its UK customers to IP telephony by 2025. From a report: BT is shutting its traditional telephone network in the UK, according to an email seen by The Register. The public switched telephone network (PSTN) closure is part of the company's plans to move in a fibre network direction in terms of its infrastructure. All phonecalls will eventually be made over broadband using VoIP systems, which means the company's existing wholesale line rental products, which are reliant on the PSTN, will need to be removed. BT Openreach runs the network used by all but one of the telecoms providers in the UK.

Read more of this story at Slashdot.

AI Can Scour Code To Find Accidentally Public Passwords

Slashdot -

An anonymous reader shares a report: Researchers at software infrastructure firm Pivotal have taught AI to locate this accidentally public sensitive information in a surprising way: By looking at the code as if it were a picture. Since modern artificial intelligence is arguably better than humans at identifying minute differences in images, telling the difference between a password and normal code for a computer is just like recognizing a dog from a cat. The best way to check whether private passwords or sensitive information has been left public today is to use hand-coded rules called "regular expressions." These rules tell a computer to find any string of characters that meets specific criteria, like length and included characters.

Read more of this story at Slashdot.

AI Helps Grow 6 Billion Roaches at China's Largest Breeding Site

Slashdot -

With the help of AI, folks at a Chinese pharmaceutical company are breeding cockroaches by the billions every year, South China Morning Post reports. From a report: Their purpose: To make a "healing potion" that can cure respiratory, gastric and other diseases. The "potion," consumed by over 40 million people in China, is made by crushing the cockroaches once they reach a desired weight and size, according to the publication. There is a "slightly fishy smell" to the potion, which tastes "slightly sweet" and looks like tea, it added. Some insects are known to have potential health benefits. Besides China's cockroach potion, scientists are also exploring how milk-like protein crystals in roaches could be an excellent source of calories and nutrition. Chewing down on bugs like crickets and mealworms can also give us more protein, according to studies.

Read more of this story at Slashdot.

Security updates for Friday

LWN Headlines -

Security updates have been issued by Debian (libreoffice and mysql-5.5), Fedora (corosync), Oracle (java-1.8.0-openjdk), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk), and Ubuntu (openssl).

CiviCRM Blog: Building the Roparun Team Portal Part 1: Syncing civicrm participants to drupal user records

Drupal Planet -

This is a first blog post about how we build the team portal for Roparun.

But first what is Roparun? The Roparun is a relay race of over 500 kilometres from Paris and Hamburg to Rotterdam, where people in teams, take part in an athletic event to raise money for people with cancer. It’s also called an adventure for life. This is also clear from the motto, which for years has been: ‘Adding life to days, when days often can’t be added to life’.

So each year Roparun organizes this race and around 400 teams participate in the event. The first part of the project was to setup donation functionality and that is working right now.

The next part of the project is to create a new portal for team captains where they can manage their team data, (e.g. name of the team, start location and the individual team members). We have chosen to have this in a separate Drupal website.

In CiviCRM each team captain is registered as a participant to the Roparun event with the role team captain. The team captain can login into the portal as soon as he has been registered as a team captain and till the event is over.

The first part of this project is that we wanted the team captains being able to login and we have created a module called CiviMRF User Sync. This module build on top of the CiviMRF framework.

This user sync module uses the CiviCRM api to create drupal user accounts. See screenshot below for the configuration.

What you can see is that we use a custom api to retrieve the team captains. This custom api returns the email, contact id and the team id of the team captain. We store the e-mail address as the username and at the email field at the user level.

As soon as a new team captain is registered a new user record is created and the team captain receives an e-mail with a link to create a password.

As soon as an existing team captain is removed from CiviCRM the user account is cancelled and the team captain receives an email indicating that his account is disabled.

We have also created a drupal module to store the team id at the drupal user record and use this team id in the view (see https://github.com/CiviCooP/roparun_team_portal)

So the first bit is done, meaning a team captains can log in. The next bit is to build the portal with Drupal Views and Webforms. The building blocks we are going to use for that is CiviMRF Webform, CiviMRF Views and at the CiviCRM site the form-processor. I will keep you posted on the developments of the next steps.

APIArchitectureCase studies and user storiesDrupalExtensionsInterface and designTips

Loud Sound From Fire Alarm System Shuts Down Nasdaq's Scandinavian Data Center

Slashdot -

Catalin Cimpanu, writing for BleepingComputer: A loud sound emitted by a fire alarm system has destroyed the hard drives of a Swedish data center, downing Nasdaq operations across Northern Europe. The incident took place in the early hours of Wednesday, April 19, and was caused by a gas-based fire alarm system that are typically deployed in data centers because of their ability to put out fires without destroying non-burnt equipment. These systems work by releasing inert gas at high speeds, a mechanism usually accompanied by a loud whistle-like sound. With non-calibrated systems, this sound can get very loud, a big no-no in data centers, where loud sounds are known to affect performance, shut down, or even destroy hard drives.

Read more of this story at Slashdot.

AI Researchers Are Making More Than $1 Million, Even at a Nonprofit

Slashdot -

One of the poorest-kept secrets in Silicon Valley has been the huge salaries and bonuses that experts in artificial intelligence can command. Now, a little-noticed tax filing by a research lab called OpenAI has made some of those eye-popping figures public [Editor's note: the link may be paywalled]. From a report: OpenAI paid its top researcher, Ilya Sutskever, more than $1.9 million in 2016. It paid another leading researcher, Ian Goodfellow, more than $800,000 -- even though he was not hired until March of that year. Both were recruited from Google. A third big name in the field, the roboticist Pieter Abbeel, made $425,000, though he did not join until June 2016, after taking a leave from his job as a professor at the University of California, Berkeley. Those figures all include signing bonuses. [...] Salaries for top A.I. researchers have skyrocketed because there are not many people who understand the technology and thousands of companies want to work with it. Element AI, an independent lab in Canada, estimates that 22,000 people worldwide have the skills needed to do serious A.I. research -- about double from a year ago.

Read more of this story at Slashdot.

Sooper Drupal Themes: Drupal 8 Adding Content And Content Types | 8 Days To Drupal 8 | Day 5

Drupal Planet -

We're counting down the days to the official SooperThemes Drupal 8 Release! Count with us as we will be writing a Drupal 8 related blog post every day for the next 8 days.

Drupal 8 content and content types video tutorial

view on sooperthemes.com if you can't see the video

This tutorial is for people who are new to Drupal 8. We'll be showing how to add content to Drupal 8 and how to change or add new content types. Content types are very flexible in Drupal 8 and that's what makes Drupal more powerful than WordPress and other systems for many use cases. 

Drupal 8's Content Overview Page

Just like all Drupal's previous versions this administration page is the central hub where all your content appears in one place. You get there by clicking the Content link in the toolbar. This takes you to an overview of all the pages in your Drupal website. From here you can edit and delete pages using the action links to the far right side of the table. Additionally you can operate on multiple pages at a time using the controls below the Action label.

The content administration page is not just for pages, using the primary tabs you can navigate to administration pages for files and comments. This can be extended by additional moduels that provide custom content entitities using Drupal 8's Entity API. For example on sooperthemes.com we also manage domain licenses and digital downloads on separate tabs, because these are custom entity types.

Adding Content In Drupal 8

Once you're at the content administration page it's easy to see how to add content. You start by clicking the blue button that reads "+ Add content". You'll now see a listing of content types that are available at your Drupal installation and you have to tell Drupal which type of content you would like to create. After choosing a content type you'll be taken to the content form where you get to fill in all the form fields that make up your content type. You'll learn more about these fields in the next section where we discuss adding fields to content types and adding new content types.

Drupal 8 Contact Management Administration Page

Adding Content Types In Drupal 8

The ability to create new content types and choose from a large selection of different field types is what makes Drupal the system of choice for many organisations that manage a lot of content. Companies of all sizes including Tesla, Disney, United Nations, and Qualcomm use Drupal because it's the best solution for managing a large amount of content on the internet.

To manage content types in Drupal 8 click Structure in the toolbar and then click Content Types.  Now you're looking at a listing of content types installed on your website. If you just installed a new Drupal 8 website with the default profile you will see the Article and Basic Page items.  If you installed one of our theme demo profiles or the free Glazed CMS installation profile you'll have a bunch more options. Check out our YouTube video above for a quick tour. 

Once you're at content types overview click the "+Add content type" button to create a new page type. The minimum you can do here is give your content type a name, for example "Special Page, or Forum Topic". There's a number of other options for your consideration when creating a content type:

Option What it's for Description Administrative help text for content type Preview before submitting You can require or offer a preview of the content before submission Explanation or submission guidelines Additional help text for content editors Publishing options 

You can choose whether this content should immediately be published upon saving. More importantly you should also check the "Create new revision" checkbox to ensure that you can compare and revert to older version of the content in case something goes wrong when editing the content. 

The other 2 options "Sticky at top of lists" and "Promoted to the front page" are legacy options that reference different ways in which your content can be prioritized in content listings (called views in Drupal).

Display settings Choose whether to display the author and post date on this content type, which really only makes sense for blog posts or other social content. This should be disabled for most use cases.  Menu settings Selecting menus here enabled content editor to add the content items to menus on your website.

Creating A Jobs Content Type

Let's create an example content type for the new Careers section of our website. We'll need to post job vacancies, so let's call our new content type Jobs. To create a new content type go to Structure > Content Types and click the "+ Add content type".

Here we fill in the name of our content type and disable the options for author information and menu structure. After all we don't want all our job postings to clutter our menu system, you would use the views module to create an overview of available jobs.

Next click the "Save and manage fields" button. Now we're in the content type configuration page and this is where we add the fields that we need on our job vacancies. To see exactly how this works check out the video above!

Building A Content Type For Job Vacancies

Adding Visual Drag And Drop To Your Content Type

Finally we'll show you how to get even more control over the design of your content with Glazed Builder our visual drag and drop builder for Drupal 8 and 7. You can use Glazed Builder on any long-text field in Drupal on any type of entity. To enable Glazed Builder on your content type go to Structure > Content Type > Your Content Type > Manage Display. Here you can select one or more of your text fields (For example the body field) and switch the Format option from Default to Glazed Builder. Take a peak at the end of our youtube video to see the end result!

Google Is 'Pausing' Work On Allo In Favor 'Chat,' An RCS-Based Messaging Standard

Slashdot -

An anonymous reader shares an exclusive report from The Verge about Google's next big fix for Android's messaging mess: Instead of bringing a better app to the table, it's trying to change the rules of the texting game, on a global scale. Google has been quietly corralling every major cellphone carrier on the planet into adopting technology to replace SMS. It's going to be called "Chat," and it's based on a standard called the "Universal Profile for Rich Communication Services." SMS is the default that everybody has to fall back to, and so Google's goal is to make that default texting experience on an Android phone as good as other modern messaging apps. As part of that effort, Google says it's "pausing" work on its most recent entry into the messaging space, Allo. It's the sort of "pause" that involves transferring almost the entire team off the project and putting all its resources into another app, Android Messages. Google won't build the iMessage clone that Android fans have clamored for, but it seems to have cajoled the carriers into doing it for them. In order to have some kind of victory in messaging, Google first had to admit defeat. Some of the new features associated with Chat include read receipts, typing indicators, full-resolution images and video, and group texts. It's important to keep in mind that it's a carrier-based service, not a Google service. It won't be end-to-end encrypted, and it will follow the same legal intercept standards. The new Chat services will be switched on in the near future, but ultimately carriers will dictate exactly when Chat will go live. Also, you may be persuaded to upgrade your data plan since Chat messages will be sent with your data plan instead of your SMS plan.

Read more of this story at Slashdot.

Error'd: Placeholders-a-Plenty

The Daily WTF -

"On my admittedly old and cheap phone, Google Maps seems to have confused the definition of the word 'trip'," writes Ivan.

 

"When you're Gas Networks Ireland, and don't have anything nice to say, I guess you just say lorem ipsum," wrote Gabe.

 

Daniel D. writes, "Google may not know how I got 100 GB, but they seem pretty sure that it's expiring soon."

 

Peter S. wrote, "F1 finally did it. The quantum driver Lastname is driving a Ferrari and chasing him- or herself in Red Bull."

 

Hrish B. writes, "I hope my last name is not an example as well."

 

Peter S. wrote, "Not sure what IEEE wants me to vote for. But I would vote for hiring better coders."

 

"Well, at least they got my name right, half of the time," Peter S. writes.

 

[Advertisement] Forget logs. Next time you're struggling to replicate error, crash and performance issues in your apps - Think Raygun! Installs in minutes. Learn more.

ZTE Exports Ban May Mean No Google Apps, a Death Sentence For Its Smartphones

Slashdot -

New submitter krazy1 shares a report from Ars Technica: The U.S. government is going after another Chinese Android device maker. After shutting down Huawei's carrier deals and retail partners, the government is now pursuing ZTE. The U.S. Department of Commerce has banned U.S. companies from selling parts and software to ZTE for seven years. ZTE was caught violating U.S. sanctions by illegally shipping telecommunications equipment to Iran and North Korea. The company then made things worse by "making false statements and obstructing justice, including through preventing disclosure to and affirmatively misleading the U.S. Government," according to the Department of Commerce. The latest news from Reuters raises even bigger issues for ZTE, though. A source told Reuters that "The Commerce Department decision means ZTE Corp may not be able to use Google's Android operating system in its mobile devices." Android is free and open source and will probably remain free for ZTE to use without Google's involvement. Reuters' source is probably referring to the Google apps, which aren't sold to device makers but are carefully licensed to them in exchange for other concessions. The Google apps package includes popular services like Gmail and Google Maps, and it also unlocks the Play Store, Google Play Services, and the entire Android app ecosystem. For a market-viable Android device, the Play Store is pretty much mandatory in every country other than China. So while ZTE could conceivably source hardware components from non-U.S. sources, being locked out of the Play Store would devastate ZTE's smartphones worldwide.

Read more of this story at Slashdot.

Audit Approved of Facebook Policies, Even After Cambridge Analytica Leak

Slashdot -

Nicholas Confessore reports via The New York Times: An auditing firm responsible for monitoring Facebook for federal regulators told them last year that the company had sufficient privacy protections in place, even after the social media giant lost control of a huge trove of user data that was improperly obtained by the political consulting firm Cambridge Analytica. The assertion, by PwC, came in a report submitted to the Federal Trade Commission in early 2017. The report, a redacted copy of which is available on the commission's website, is one of several periodic reviews of Facebook's compliance with a 2011 federal consent decree, which required Facebook to take wide-ranging steps to prevent the abuse of users' information and to inform them how it was being shared with other companies. The accounting firm, formerly known as PricewaterhouseCoopers, effectively gave Facebook a clean bill of health. "Facebook's privacy controls were operating with sufficient effectiveness to provide reasonable assurance to protect the privacy" of users, said the assessment, which stretched from February 2015 to February 2017. But during that period, Facebook was aware that a researcher based in Britain, Aleksandr Kogan, had provided Cambridge Analytica with private Facebook data from millions of users.

Read more of this story at Slashdot.

Pages

Subscribe to Heydon Consulting aggregator