Feed aggregator

Acquia Lightning Blog: Experimental module warnings and Lightning

Drupal Planet -

Experimental module warnings and Lightning Adam Balsam Sat, 05/20/2017 - 20:28

Lightning has used the Layout Plugin module since before our first beta release. Starting in Drupal 8.3.0, the functionality provided by the Layout Plugin module was largely duplicated in Layout Discovery and released as part of the Core Experimental group. Lightning migrated to Layout Discovery in 2.1.1.

The Lightning team feels like it's a win anytime we can migrate from contrib to core. But another advantage of this is that since Layout Discovery is in Core, security issues can be filed against it in the Core security issue queue which is monitored by the Security Team. Layout Plugin, being alpha, didn't have a security issue queue.

Technically, Layout Discovery is an Experimental core module though. And the new Status Report page warns users if any Experimental modules are enabled. As a result users of Lightning are presented with this unhelpful message when they visit /admin/reports/status:

 

The problem is, this message isn't actionable. Lightning made the decision to enable it. The only way to disable it would be to completely opt out of all of Lightning's Layout functionality.

To be clear, the Lightning team feels that the Layout Discovery module is certainly stable enough to run predictably and reliably on production websites. This warning from core is supposed to indicate that the underlying API might change or that it might ultimately be removed from the core package. Under either of those circumstances, Lightning would provide a migration script or otherwise support users.

We feel that warning a user after they (or their site builder) has made the decision to use an experimental module is in-actionable nagging. We support warning site builders when installing an experimental module, but not constantly reminding them of that decision.

Starting in 2.1.4, Lightning will include a core patch that removes the warnings for experimental modules on the status page. The patch does not affect the existing warning that is shown during installation of experimental modules.

There are two other "nagging" warnings that Lightning will remove in 2.1.4. Specifically, it will stop warning the user if:

Related, there is also a larger discussion around what the requirements should be for reporting on the status page. Discuss!

Summary of new patches related to reporting that will be included in 2.1.4:
  • Remove scary 'experimental module' messages from appearing everywhere on the site (#2880374)
  • Config sync should not throw a warning when not being writable (#2880445)
  • Disable warning about update notifications (#2869592)

New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two

Slashdot -

An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload. EternalRocks is far more complex than WannaCry's SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received. Last but not least, the worm does not have a killswitch domain, which means the worm can't be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm's owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo. Ars Technica quotes security researchers who say "there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April... These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch."

Read more of this story at Slashdot.

EU Passes 'Content Portability' Rules Banning Geofencing

Slashdot -

Long-time Slashdot reader AmiMoJo writes: The European Parliament has passed draft rules mandating 'content portability', i.e. the ability to take your purchased content and services across borders within the EU. Freedom of movement rules, which allow EU citizens to live and work anywhere in the EU, require that the individual is able to take their life with them -- family, property, and services. Under the new rules, someone who pays for Netflix or BBC iPlayer and then moves to another EU country will retain access to those services and the same content they had previously. Separately, rules to prevent geofencing of content within the EU entirely are also moving forward.

Read more of this story at Slashdot.

Groups War Over Resources For DDoS Attacks

Slashdot -

An anonymous reader quotes CSO: As more groups get into the denial-of-service attack business they're starting to get in each other's way, according to a report released Thursday... There are only so many devices around that have the kind of vulnerabilities that make them potential targets for a botnet. That translates into a smaller average attack size, said Martin McKeay, senior security advocate at Cambridge, Mass.-based Akamai Technologies Inc. There are only so many devices around that have the kind of vulnerabilities that make them potential targets for a botnet. "And other people can come in and take over the device, and take those resources to feed their own botnet," he said. "I'm seeing that over and over." The article reports a median size for DDoS attacks of 4 gigabits per second at the start of 2015 -- which droped in the first quarter of 2017 down to 500 megabits per second.

Read more of this story at Slashdot.

Stealing Windows Credentials Using Google Chrome

Slashdot -

Orome1 writes: A default setting in Google Chrome, which allows it to download files that it deems safe without prompting the user for a download location, can be exploited by attackers to mount a Windows credential theft attack using specially-crafted SCF shortcut files, DefenseCode researchers have found. What's more, for the attack to work, the victim does not even have to run the automatically downloaded file. Simply opening the download directory in Windows File Explorer will trigger the code icon file location inserted in the file to run, and it will send the victim's username, domain and NTLMv2 password hash to a remote SMB server operated by the attackers.

Read more of this story at Slashdot.

Is Russia Conducting A Social Media War On America?

Slashdot -

An anonymous reader writes: Time magazine ran a cover story about "a dangerous new route for antidemocratic forces" -- social media. "Using these technologies, it is possible to undermine democratic government, and it's becoming easier every day," says Rand Waltzman of the Rand Corp., who ran a major Pentagon research program to understand the propaganda threats posed by social media technology." The article cites current and former FBI and CIA officials who now believe Russia's phishing emails against politicians were "just the most visible battle in an ongoing information war against global democracy." They cite, for example, a March report by U.S. counterintelligence which found "Russians had sent expertly tailored messages carrying malware to more than 10,000 Twitter users in the Defense Department." Each message contained links tailored to the interests of the recipient, but "When clicked, the links took users to a Russian-controlled server that downloaded a program allowing Moscow's hackers to take control of the victim's phone or computer -- and Twitter account... "In 2016, Russia had used thousands of covert human agents and robot computer programs to spread disinformation referencing the stolen campaign emails of Hillary Clinton, amplifying their effect. Now counterintelligence officials wondered: What chaos could Moscow unleash with thousands of Twitter handles that spoke in real time with the authority of the armed forces of the United States?" The article also notes how algorithms now can identify hot-button issues and people susceptible to suggestion, so "Propagandists can then manually craft messages to influence them, deploying covert provocateurs, either humans or automated computer programs known as bots, in hopes of altering their behavior. That is what Moscow is doing, more than a dozen senior intelligence officials and others investigating Russia's influence operations tell Time." The article describes a Russian soldier in the Ukraine pretending to be a 42-year-old American housewife. Meanwhile, this week Time's cover shows America's White House halfway-covered with Kremlin-esque spires -- drawing a complaint from the humorists at Mad magazine, who say Time copied the cover of Mad's December issue.

Read more of this story at Slashdot.

Aftermath From The Net Neutrality Vote: A Mass Movement To Protect The Open Internet?

Slashdot -

After Thursday's net neutrality vote, two security guards pinned a reporter against a wall until FCC Commissioner Michael O'Rielly had left the room, the Los Angeles Times reports. The Writers Guild of America calls the FCC's 2-to-1 vote to initiate a repeal of net neutrality rules a "war on the open internet," according to The Guardian. But the newspaper now predicts that online activists will continue their massive campaign "as the month's long process of reviewing the rules begins." The Hill points out that Mozilla is already hiring a high-profile tech lobbyist to press for both cybersecurity and an open internet, and in a blog post earlier this week the Mozilla Foundation's executive director sees a larger movement emerging from the engagement of millions of internet users. Today's support for net neutrality isn't the start of the Internet health movement. People have been standing up for an open web since its inception -- by advocating for browser choice, for open source practices, for mass surveillance reform. But net neutrality is an opportunity to propel this movement into the mainstream... If we make Internet health a mainstream issue, we can cement the web as a public resource. If we don't, mass surveillance, exclusion and insecurity can creep into every aspect of society. Hospitals held hostage by rogue hackers can become the status quo. Meanwhile, The Guardian reports that it's not till the end of the FCC's review process that "a final FCC vote will decide the future of internet regulation," adding that however they vote, "court challenges are inevitable."

Read more of this story at Slashdot.

New Evidence of a Decline In Electricity Use By U.S. Households

Slashdot -

There's some surprising news from the Energy Institute at the University of California's business school. America's households are using less electricity than they did five years ago. So what is different? Energy-efficient lighting. Over 450 million LEDs have been installed to date in the United States, up from less than half a million in 2009, and nearly 70% of Americans have purchased at least one LED bulb. Compact fluorescent lightbulbs (CFLs) are even more common, with 70%+ of households owning some CFLs. All told, energy-efficient lighting now accounts for 80% of all U.S. lighting sales. It is no surprise that LEDs have become so popular. LED prices have fallen 94% since 2008, and a 60-watt equivalent LED lightbulb can now be purchased for about $2. LEDs use 85% less electricity than incandescent bulbs, are much more durable, and work in a wide-range of indoor and outdoor settings. "I would add LED TVs replacing LCD, Plasma and CRTs," writes Slashdot reader schwit1.

Read more of this story at Slashdot.

Delta Airlines Tests Facial Recognition To Speed Up Baggage Check-In

Slashdot -

Would you let Delta airlines scan your face if it meant you could skip the line to check-in your baggage? An anonymous reader quotes CNN: Delta is testing a face-scanning kiosk for baggage check... It uses facial recognition technology to match your identity to your passport photo. You tag your own bags, pay the fee and drop your luggage on a conveyor belt... Delta will test four of the machines at Minneapolis-St. Paul International Airport this summer. The airline spent $600,000 on the four kiosks. A senior staff attorney at the EFF warns this could be a slippery slope -- at what point this morphs into airline surveillance? But a Delta spokerspeson insists the images won't be stored, that they're complying with privacy laws, and that the kiosks could double the number of passengers whisking through their check-in procedures.

Read more of this story at Slashdot.

New OS/2 Warp Operating System 'ArcaOS' 5.0 Released

Slashdot -

The long-awaited modern OS/2 distribution from Arca Noae was released Monday. martiniturbide writes: ArcaOS 5.0 is an OEM distribution of IBM's discontinued OS/2 Warp operating system. ArcaOS offers a new set of drivers for ACPI, network, USB, video and mouse to run OS/2 in newer hardware. It also includes a new OS installer and open source software like Samba, Libc libraries, SDL, Qt, Firefox and OpenOffice... It's available in two editions, Personal ($129 with an introductory price of $99 for the first 90 days [and six months of support and maintenance updates]) and Commercial ($239 with one year of support and maintenance). The OS/2 community has been called upon to report supported hardware, open source any OS/2 software, make public as much OS/2 documentation as possible and post the important platform links. OS2World insists that open source has helped OS/2 in the past years and it is time to look under the hood to try to clone internal components like Control Program, Presentation Manager, SOM and Workplace Shell. By Tuesday Arca Noae was reporting "excessive traffic on the server which is impacting our ordering and delivery process," though the actual downloads of the OS were unaffected, the server load issues were soon mitigated, and they thanked OS/2 enthusiasts for a "truly overwhelming response."

Read more of this story at Slashdot.

[$] Revisiting "too small to fail"

LWN Headlines -

Back in 2014, the revelation that the kernel's memory-management subsystem would not allow relatively small allocation requests to fail created a bit of a stir. The discussion has settled down since then, but the "too small to fail" rule still clearly creates a certain amount of confusion in the kernel community, as is evidenced by a recent discussion inspired by the 4.12 merge window. It would appear that the rule remains in effect, but developers are asked to act as if it did not.

Arctic Stronghold of World's Seeds Flooded After Permafrost Melts

Slashdot -

An anonymous reader quotes a report from The Guardian: It was designed as an impregnable deep-freeze to protect the world's most precious seeds from any global disaster and ensure humanity's food supply forever. But the Global Seed Vault, buried in a mountain deep inside the Arctic circle, has been breached after global warming produced extraordinary temperatures over the winter, sending meltwater gushing into the entrance tunnel. The vault is on the Norwegian island of Spitsbergen and contains almost a million packets of seeds, each a variety of an important food crop. When it was opened in 2008, the deep permafrost through which the vault was sunk was expected to provide "failsafe" protection against "the challenge of natural or man-made disasters". But soaring temperatures in the Arctic at the end of the world's hottest ever recorded year led to melting and heavy rain, when light snow should have been falling. "It was not in our plans to think that the permafrost would not be there and that it would experience extreme weather like that," said Hege Njaa Aschim, from the Norwegian government, which owns the vault. "A lot of water went into the start of the tunnel and then it froze to ice, so it was like a glacier when you went in," she told the Guardian. Fortunately, the meltwater did not reach the vault itself, the ice has been hacked out, and the precious seeds remain safe for now at the required storage temperature of -18C. But the breach has questioned the ability of the vault to survive as a lifeline for humanity if catastrophe strikes.

Read more of this story at Slashdot.

Drupal Association blog: Insight into Drupal Association Financials

Drupal Planet -

To give more insight into Drupal Association financials, we are launching a blog series. This is the first one in the series and it is for all of you who love knowing the inner workings. It provides an overview of:

  • Our forecasting process
  • How financial statements are approved
  • The auditing process
  • How we report financials to the U.S. government via 990s

There’s a lot to share in this blog post and we appreciate you taking the time to read it.

Replacing Annual Budgets With Rolling Forecasts

Prior to 2016, the Drupal Association produced an annual budget, which is a common practice for non-profits. However, two years ago, we found that the Drupal market was changing quickly and that impacted our projected revenue. Plus, we needed faster and more timely performance analysis of pilot programs so we could adjust projections and evaluate program success throughout the year. In short, we needed to be more agile with our financial planning, so we moved to a rolling forecast model, using conservative amounts.

Using a rolling forecast means we don’t have a set annual budget. Instead, we project revenue and expense two years out into a forecast. Then, we update the forecast several times a year as we learn more. The first forecast of the year is similar to a budget. We study variance against this version throughout the year. As we conduct the additional forecasts during the year, we replace forecasts of completed months with actual expenses and income (“actuals”) and revise forecasts for the remaining months. This allows us to see much more clearly if we are on or off target and to adjust projections as conditions that could impact our financial year change and evolve. For example, if we learn that the community wants us to change a drupal.org ad placement that could impact revenue, we will downgrade the revenue forecast appropriately for this product.

In 2017, we there will be three forecasts:

  • December 2016:  The initial forecast was created. This serves as our benchmark for the year and we run variances against it.
  • May 2017: We updated the forecast after DrupalCon Baltimore since this event has the biggest impact on both our expenses and revenue for the year.
  • October 2017: We will reforecast again after DrupalCon Vienna. This is our final update before the end of the year and will be the benchmark forecast for 2018.

Creating and approving the forecasts is a multi-party process.

  1. Staff create the initial forecast much like you would a budget. They are responsible for their income and expense budget line items and insert them into the forecasting worksheet. They use historical financials, vendor contracts and quotes, and more to project the amount for each line item and document all of their assumptions. Each budget line manager reviews those projections and assumptions with me. I provide guidance and challenge assumptions and sign off on the inputs

  2. Our virtual CFO firm, Summit CPA, analyzes the data and provides financial insight including: Income Statement, Balance Sheet, Cash Flow, and Margin Analysis. Through these reports, we can see how we are positioned to perform against our financial KPIs. This insight allows us to make changes or strengthen our focus on certain areas to ensure we are moving towards those KPIs - which I will talk about in another blog post. Once these reports are generated, the Drupal Association board finance committee receives them along with the forecasting assumptions. During a committee meeting, the committee is briefed by Summit and myself. They ask questions to make sure various items are considered in the forecast and they provide advice for me to consider as we work to improve our financial health.  

  3. Once the committee reviews the forecast and assumptions, then, the full board reviews it in an Executive Session. The board asks questions and provides advice as well. This review process happens with all three forecasts for the year.

Approving Financial Reports

As we move through the year, our Operations Manager and CFO team work together to close the books each month. This ensures our monthly actuals are correct. Then, our CFO team creates a monthly financial report that includes our financial statements (Income Statement and Balance Sheet) for the finance committee to review and approve. Each month the finance committee meets virtually and the entire team reviews the most recently prepared report. After asking questions and providing advice, the committee approves the report.

The full board receives copies of the financial reports quarterly and is asked to review and approve the statements for the preceding three months. Board members can ask questions, provide advice, and approve the statements in Executive Session or in the public board meeting. After approval, I write a blog post so the community can access and review the financial statements. You can see an example of the Q3 2016 financial statement blog here. The board just approved the Q4 2016 financials and I will do a blog post shortly to share the financial statements.

Financial Audits

Every two or three years the Association contracts to have the financial practices and transactions audited.  For the years that we do not conduct a full audit, we will contract for a “financial review” by our CPA firm (which is separate from our CFO firm) to ensure our financial policies and transactions are in good order.

An audit is an objective examination and evaluation of the financial statements of an organization to make sure that the records are a fair and accurate representation of the transactions they claim to represent. It can be done internally by employees of the organization, or externally by an outside firm.  Because we want accountability, we contracted with an external CPA firm, McDonald Jacobs, to handle the audit.

The Drupal Association conducts audits for several reasons:

  1. to demonstrate our commitment to financial transparency.

  2. to assure our community that we follow appropriate procedures to ensure that the community funds are being handled with care.  

  3. to give our board of directors outside assurance that the financial statements are free of material misstatements.

What do the auditors look at?  For 2016, our auditors will generally focus on three points:

  • Proper recording of income and expense: Auditors will ensure that our financial statements are an accurate representation of the business we have conducted. Did we record transactions on the right date, to the right account, and the right class? In other words, if we said that 2016 revenue was a certain amount, is that really true?

  • Financial controls: Preventing fraud is an important part of the audit. It is important to put the kinds of controls in place that can prevent common types of fraud, such as forged checks and payroll changes. Auditors look to see that there are two sets of eyes on every transaction, and that documentation is provided to verify expenses and check requests.

  • Policies and procedures: There are laws and regulations that require we have certain policies in place at our organization. Our auditors will look at our current policies to ensure they were in place and, in some cases, had been reviewed by the board and staff.

The primary goal of the audit is for the auditor to express an opinion on two aspects of the financial statements of the Association: the financial statements are fairly presented, and they are in accordance with generally accepted accounting principles (GAAP). Generally accepted accounting principles are the accepted body of accounting rules and policies established by the accounting profession. The purpose of these rules is to promote consistency and fairness in financial reporting throughout the business community. These principles provide comparability of financial information.

Once our audit for 2016 is complete and approved by the board (expected in early summer), we can move to have the 990 prepared.  We look to have this item completed by September 2016.

Tax Filing: The Form 990

As a U.S.-based 501c3 exempt organization, and to maintain this tax-exempt status, the U.S. Internal Revenue Service (IRS) requires us to file a 990 each year. Additionally, this form is also filed with state tax departments as well. The 990 is meant for the IRS and state regulators to ensure that non-profits continue to serve their stated charitable activities. The 990 can be helpful when you are reviewing our programs and finances, but know that it’s only a “snapshot” of our year.  

You can find our past 990s here.

Here are some general points, when reviewing our 990.

FORM 990, PART I—REVENUES, EXPENSES, AND CHANGES IN NET ASSETS OR FUND BALANCES

Lines 8-12 indicates our yearly revenue revenue. Not only how much total revenue (line 12), but also where we have earned our income, broken out into four groups. Line 12 is the most important: total income for the year.

Lines 13-18 shows expenses for the year, and where we focused.

Cash Reserves are noted on lines 20-22 on page 1.

The 990 has a comparison of the net assets from last year (or the beginning of the year) and the end of the current year, as well as illustrates the total assets and liabilities of the Association.

FORM 990, PART II—STATEMENT OF FUNCTIONAL EXPENSES

Part II shows our expenditures by category and major function (program services, management and general, and fundraising).

FORM 990, PART III—STATEMENT OF PROGRAM SERVICE ACCOMPLISHMENTS

In Part III, we describe the activities performed in the previous year that adhere to our 501c3 designation.  You can see here that Drupal.org, DrupalCon and our Fiscal Sponsorship programs are noted.

FORM 990, PART IV—BALANCE SHEETS

Part IV details our assets and liabilities. Assets are our resources that we have at our disposal to execute on our mission.  Liabilities are the outstanding claims against those assets.

FORM 990, PART V—LIST OF OFFICERS, DIRECTORS, TRUSTEES AND KEY EMPLOYEES

Part V lists our board and staff who are responsible in whole or in part for the operations of an organization. These entries do include titles and compensation of key employees.

FORM 990, PART VI—OTHER INFORMATION

This section contains a number of questions regarding our operations over the year. Any “yes” answers require explanation on the following page.

Schedule A, Part II—Compensation of the Five Highest Paid Independent Contractors for Professional Services

We list any of our contractors, if we have paid them more than $50,000, on this schedule.

Once our 990 is complete and filed we are required to post the return publicly, which we do here on our website.  We expect to have the 2016 990 return completed, filed and posted by September 2017.

Phew. I know that was long. Thank you for taking the time to read all of the steps we take to ensure financial health and accuracy. We are thankful for the great team work that goes into this process. Most of all we are thankful for our funders who provide the financial fuel for us to do our mission work.

Stay tuned for our next blog in this series: Update on Q4 2016 financial (to follow up on our Q3 2016 financial update)

Chemists May Be Zeroing In On Chemical Reactions That Sparked the First Life

Slashdot -

sciencehabit quotes a report from Scientific Magazine: DNA is better known, but many researchers today believe that life on Earth got started with its cousin RNA, since that nucleic acid can act as both a repository of genetic information and a catalyst to speed up biochemical reactions. But those favoring this "RNA world" hypothesis have struggled for decades to explain how the molecule's four building blocks could have arisen from the simpler compounds present during our planet's early days. Now chemists have identified simple reactions that, using the raw materials on early Earth, can synthesize close cousins of all four building blocks. The resemblance isn't perfect, but it suggests scientists may be closing in on a plausible scenario for how life on Earth began. The study has been published in the journal Nature.

Read more of this story at Slashdot.

Scientists Claim 'Cold Spot' In Space Could Offer Evidence of a Parallel Universe

Slashdot -

New submitter LCooke writes: A international research team led by the University of Durham thinks a mysterious cold spot in the universe could offer evidence of a parallel universe. The cold spot could have resulted after our universe collided with another. Physicist Tom Shanks said, [...] "the cold spot might be taken as the first evidence for the multiverse -- and billions of other universes may exist like our own." From the report via Inhabitat: "NASA first discovered the baffling cold spot in 2004. The cold spot is 1.8 billion light years across and, as you may have guessed, colder than what surrounds it in the universe. Scientists thought perhaps it was colder because it had 10,000 less galaxies than other regions of similar size. They even thought perhaps the cold spot was just a trick of the light. But now an international team of researchers think perhaps the cold spot could actually offer evidence for the concept of a multiverse. The Guardian explains an infinite number of universes make up a multiverse; each having its own reality different from ours. These scientists say they've ruled out the last-ditch optical illusion idea. Instead, they think our universe may have collided with another in what News.com.au described as something like a car crash; the impact could have pushed energy away from an area of space to result in the cold spot." The study has been published in the journal Monthly Notices of the Royal Astronomical Society.

Read more of this story at Slashdot.

Robots Could Wipe Out Another 6 Million Retail Jobs

Slashdot -

According to a new study this week from financial services firm Cornerstone Capital Group, between 6 million and 7.5 million retail jobs are at risk of being replaced over the course of the next 10 years by some form of automation. "That represents at least 38% of the current retail work force, which consists of 16 million workers," reports CNN. "Retail could actually lose a greater proportion of jobs to automation than manufacturing has, according to the study." From the report: That doesn't mean that robots will be roving the aisles of your local department store chatting with customers. Instead, expect to see more automated checkout lines instead of cashiers. This shift alone will likely eliminate millions of jobs. "Cashiers are considered one of the most easily automatable jobs in the economy," said the report. And these job losses will hit women particularly hard, since about 73% of cashiers are women. There will also be fewer sales jobs, as more and more consumers use in-store smartphones and touchscreen computers to find what they need, said John Wilson, head of research at Cornerstone. There will still be some sales people on the floor, but just not as many of them. Rising wages are also helping to drive automation, as state and city governments hike their minimum wages. Additionally, several major retailers including Walmart, the nation's largest employer, have increased wages in order to find and retain the workers they need. The increased competition from e-commerce is also a factor, since it requires retailers to be as efficient as possible in order to compete.

Read more of this story at Slashdot.

Uber Starts Charging What It Thinks You're Willing To Pay

Slashdot -

An anonymous reader quotes a report from Motherboard: Uber drivers have been complaining that the gap between the fare a rider pays and what the driver receives is getting wider. After months of unsatisfying answers, Uber is providing an explanation: It's charging some passengers more because it needs the extra cash. The company detailed for the first time in an interview with Bloomberg a new pricing system that's been in testing for months in certain cities. On Friday, Uber acknowledged to drivers the discrepancy between their compensation and what riders pay. The new fare system is called "route-based pricing," and it charges customers based on what it predicts they're willing to pay. It's a break from the past, when Uber calculated fares using a combination of mileage, time and multipliers based on geographic demand. Daniel Graf, Uber's head of product, said the company applies machine-learning techniques to estimate how much groups of customers are willing to shell out for a ride. Uber calculates riders' propensity for paying a higher price for a particular route at a certain time of day. For instance, someone traveling from a wealthy neighborhood to another tony spot might be asked to pay more than another person heading to a poorer part of town, even if demand, traffic and distance are the same.

Read more of this story at Slashdot.

UK Conservatives Pledge To Create Government-Controlled Internet

Slashdot -

Martin S. writes: Theresa May, the leader of the UK Conservative Party has pledged to create new internet that would be controlled and regulated by government on re-election. An early lead in the polls appears to be slipping but not slowly enough to change the result. Social Media has rapidly become an intense political battlefield. Known as #Mayhem in some circles, but seemingly able to command significant support from new and old media. Also, applying new social media analytics. According to the manifesto, the plans will allow Britain to become "the global leader in the regulation of the use of personal data and the internet." It states, "Some people say that it is not for government to regulate when it comes to technology and the internet... We disagree."

Read more of this story at Slashdot.

BlackBerry Working With Automakers On Antivirus Tool For Your Car

Slashdot -

An anonymous reader quotes a report from Reuters: BlackBerry is working with at least two automakers to develop a security service that would remotely scan vehicles for computer viruses and tell drivers to pull over if they were in critical danger, according to a financial analyst. The service, which would also be able to install security patches to an idle car, is being tested by luxury automakers Aston Martin and Range Rover. The service could be launched as early as next year, generating about $10 a month per vehicle for BlackBerry, according to Papageorgiou, who has followed BlackBerry for more than 15 years. Vehicles increasingly rely on dozens of computers that connect to each other as well as the internet, mobile networks and Bluetooth communications systems that make them vulnerable to remote hacks.

Read more of this story at Slashdot.

Pages

Subscribe to Heydon Consulting aggregator