Security

Security Breaches Don't Affect Stock Price, Study Suggests (schneier.com) 5

Computer security professional Bruce Schneier highlights the key findings of a study that suggests security breaches don't affect stock price. The study has been published in the Journal of Information Privacy and Security. From the report:

- While the difference in stock price between the sampled breached companies and their peers was negative (1.13%) in the first 3 days following announcement of a breach, by the 14th day the return difference had rebounded to +0.05%, and on average remained positive through the period assessed.

- For the differences in the breached companies' betas and the beta of their peer sets, the differences in the means of 8 months pre-breach versus post-breach was not meaningful at 90, 180, and 360 day post-breach periods.

- For the differences in the breached companies' beta correlations against the peer indices pre- and post-breach, the difference in the means of the rolling 60 day correlation 8 months pre-breach versus post-breach was not meaningful at 90, 180, and 360 day post-breach periods.

- In regression analysis, use of the number of accessed records, date, data sensitivity, and malicious versus accidental leak as variables failed to yield an R² greater than 16.15% for response variables of 3, 14, 60, and 90 day return differential, excess beta differential, and rolling beta correlation differential, indicating that the financial impact on breached companies was highly idiosyncratic.

- Based on returns, the most impacted industries at the 3 day post-breach date were U.S. Financial Services, Transportation, and Global Telecom. At the 90 day post-breach date, the three most impacted industries were U.S. Financial Services, U.S. Healthcare, and Global Telecom.

Privacy

Trump Signs Surveillance Extension Into Law (thehill.com) 36

President Trump took to Twitter this afternoon to announce that he has signed a six-year renewal of a powerful government surveillance tool. "Just signed 702 Bill to authorize foreign intelligence collection," Trump tweeted. "This is NOT the same FISA law that was so wrongly abused during the election. I will always do the right thing for our country and put the safety of the American people first!" The Hill reports: Section 702 of the Foreign Intelligence Surveillance Act (FISA), which the Senate voted to renew with a few small tweaks this week, allows the U.S. to spy on foreigners overseas. The intelligence community says the program is a critical tool in identifying and disrupting terror plots. But the broader surveillance law, which governs U.S. spying on foreigners, has become politically entangled with the controversy over the federal investigation into Trump's campaign and Russia. Some Republicans have claimed that the FBI inappropriately obtained a politically motivated FISA warrant to spy on Trump during the transition and on Friday, Capitol Hill was consumed with speculation about a four-page memo produced by House Intelligence Committee Republicans that some GOP lawmakers hinted contained evidence of such wrongdoing.
Facebook

Facebook Will Now Ask Users To Rank News Organizations They Trust (recode.net) 56

An anonymous reader quotes a report from Recode: Facebook is doing a very un-Facebooky thing: It's going to start declaring that some news sources you see in your Facebook feed are better than others, and act accordingly. But Facebook being Facebook, it's going about it in the most Facebooky way possible: It's going to rely on users -- not the super-smart people who work at Facebook -- to figure out which of those sources are better. Mark Zuckerberg says the move is part of an effort to prioritize "news that is trustworthy, informative, and local," within the network and suggests that there will be more announcements to come. The one he describes today will prioritize what kind of news sources pop up in your Facebook News Feed, and will reward ones that Facebook thinks are "broadly trusted," based on user polls, so it can "build a sense of common ground." Facebook is also using today's news to refine last week's roll-out: Zuckerberg says the previously announced changes will reduce the amount of news stories people see in their feed to 4 percent, down from 5 percent.
Businesses

Linking Is Not Copyright Infringement, Boing Boing and EFF Tell Court (torrentfreak.com) 53

An anonymous reader shares a report: The popular blog Boing Boing has asked a federal court in California to drop the copyright infringement lawsuit filed against it by Playboy. With help from the EFF, Boing Boing argues that its article linking to an archive of hundreds of centerfold playmates is clearly fair use. Or else it will be "the end of the web as we know it," the blog warns. Late last year Playboy sued the popular blog Boing Boing for publishing an article that linked to an archive of every playmate centerfold till then. "Kind of amazing to see how our standards of hotness, and the art of commercial erotic photography, have changed over time," Boing Boing's Xeni Jardin commented. Playboy, instead, was amazed that infringing copies of their work were being shared in public. While Boing Boing didn't upload or store the images in question, the publisher took the case to court.
Security

Top Bug Hunters Make 2.7 Times More Money Than an Average Software Engineer (bleepingcomputer.com) 42

An anonymous reader shares a report: A survey of 1,700 bug bounty hunters registered on the HackerOne platform reveals that top white-hat hackers make on average 2.7 times more money than the average salary of a software engineer in the same country. The reported numbers are different for each country and may depend on a bug hunter's ability to find bugs, but the survey's results highlight the rising popularity of bug hunting as a sustainable profession, especially in less developed countries, where it can help talented programmers live a financially care-free life. According to HackerOne's report, it pays to be a vulnerability researcher in India, where top bug hunters can make 16 times more compared to the average salary of a software engineer. Other countries where bug hunting can assure someone a comfortable living are Argentina (x15.6), Egypt (x8.1), Hong Kong (x7.6), the Philippines (x5.4), and Latvia (x5.2).
Education

Tim Cook: 'I Don't Want My Nephew on a Social Network' (theguardian.com) 75

Tim Cook, speaking at Harlow College in Essex, shared his views on the limits on technology and social media he feels should be imposed on kids. "I don't believe in overuse [of technology]. I'm not a person that says we've achieved success if you're using it all the time," he said. "I don't subscribe to that at all." Even in computer-aided courses, such as graphic design, technology should not dominate, he said. "There are still concepts that you want to talk about and understand. In a course on literature, do I think you should use technology a lot? Probably not." The 57-year-old chief executive, who took the reins at Apple after the death of Steve Jobs in 2011, said the company cared deeply about children outside the classroom. "I don't have a kid, but I have a nephew that I put some boundaries on. There are some things that I won't allow; I don't want them on a social network."
Businesses

Buying Headphones in 2018 is Going To Be a Fragmented Mess (theverge.com) 185

Vlad Savov, writing for The Verge: At CES this year, I saw the future of headphones, and it was messy. Where we once had the solid reliability of a 3.5mm analog connector working with any jack shaped to receive it, there's now a divergence of digital alternatives -- Lightning or USB-C, depending on your choice of jack-less phone -- and a bunch of wireless codecs and standards to keep track of. Oh, and Sony's working hard on promoting a new 4.4mm Pentaconn connector as the next wired standard for dedicated audio lovers. It's all with the intent of making things better, but before we get to the better place, we're going to spend an uncomfortable few months (or longer) in a fragmented market where you'll have to do diligent research to make sure your next pair of headphones works with all the devices you already own.
Medicine

A Cheap and Easy Blood Test Could Catch Cancer Early (technologyreview.com) 37

A simple-to-take test that tells if you have a tumor lurking, and even where it is in your body, is a lot closer to reality -- and may cost only $500. From a report: The new test, developed at Johns Hopkins University, looks for signs of eight common types of cancer. It requires only a blood sample and may prove inexpensive enough for doctors to give during a routine physical. "The idea is this test would make its way into the public and we could set up screening centers," says Nickolas Papadopoulos, one of the Johns Hopkins researchers behind the test. "That's why it has to be cheap and noninvasive." Although the test isn't commercially available yet, it will be used to screen 50,000 retirement-age women with no history of cancer as part of a $50 million, five-year study with the Geisinger Health System in Pennsylvania, a spokesperson with the insurer said. The test, detailed today in the journal Science, could be a major advance for "liquid biopsy" technology, which aims to detect cancer in the blood before a person feels sick or notices a lump. That's useful because early-stage cancer that hasn't spread can often be cured.
Transportation

Pedestrian Attacks Self-driving Car in the Mission (curbed.com) 186

An anonymous reader shares a report: Cruise AV, a self-driving car company owned by General Motors, reports that earlier this month an unidentified man in the Mission flung himself onto one of the company's autonomous vehicles while it was conducting a road test. According to a report filed with the California DMV (all companies testing self-driving cars on California public streets are required to make public reports any time an accident happens), the close encounter of the vehicular kind happened at 9:27 p.m. as the car was waiting to make a turn and "stopped at a green light in between crosswalks of Valencia Street and 16th Street, waiting for pedestrians to cross." The car's human driver says that a pedestrian then unexpectedly ran into the street against the traffic signal and "shouting....struck the left side of the Cruise AV's rear bumper and hatch with his entire body." The driver adds, "There were no injuries, but the Cruise AV sustained some damage to its rear light." No witnesses called the police.
Businesses

BMW's Apple CarPlay Annual Fee is Next-level Gouging (cnet.com) 188

BMW announced this week that the company plans to shift Apple CarPlay infotainment support from a one-time fee to a subscription service. Tim Stevens, writing about the implications of the move for CNET: While GM and other manufacturers happily include Apple's CarPlay service for free even on their most attainable models, BMW and plenty of others have levied upgrade fees to enable CarPlay, or bundled the service inside pricey packages of widgets you may or may not want. That, sadly, is par for this margin-rich golf course, but when we learned this week that BMW would change from a single, up-front fee to an annual fee, in my mind that changed everything. Instead of a one-time, $300 fee, starting on 2019 models BMW will charge $80 annually for the privilege of accessing Apple's otherwise totally free CarPlay service. You do get the first year free, much like your friendly neighborhood dealer of another sort, but after that it's pay up or have your Lightning cable metaphorically snipped.

On the surface this is pretty offensive, and it seemed like something must be driving this. The official word from BMW is that this is a change that will save many (perhaps most) BMW owners money. Indeed, the vehicle segments where BMW plays are notorious for short-term leases, and those owning the car for only a few years will save money over that one-time $300. But still, the notion of paying annually for something that's free rubbed me the wrong way. And, based on the feedback we saw from the article, it rubbed a lot of you the wrong way, too.

Businesses

China's Smartphone Maker OnePlus Says Up To 40,000 Customers Were Affected by Credit Card Security Breach (theverge.com) 8

sqorbit writes: OnePlus, a manufacturer of an inexpensive smartphone meant to compete with the iPhone, states that data from 40,000 customers' credit card information was stolen while purchasing phones from its website. Even as the company has just confirmed the breach, it says the script stealing information had been running since November. It is not clear whether this was a remote attack or the attack happened from within the company. Credit purchases on the OnePlus site have been suspended and will remain that way while an investigation takes place. [...] Earlier this week, OnePlus had temporarily shut down credit card payments on its website following reports that customers' payment details were stolen after they bought goods through its online store. The company says it's disabling credit card payments "as a precaution," but will still be accepting purchases through PayPal. The investigation began after a poll posted by users on OnePlus' forums found that many customers had experienced the same problem.
Businesses

Instant Messaging Company Snap Threatens Jail Time for Leakers (cheddar.com) 83

An anonymous reader shares a report: Snap has a simple message to its employees: leak information and you could be sued or even jailed. The chief lawyer and general counsel of Snapchat's parent company, Michael O'Sullivan, sent a threatening memo to all employees last week just before The Daily Beast published an explosive story with confidential user metrics about how certain Snapchat features are used. "We have a zero-tolerance policy for those who leak Snap Inc. confidential information," O'Sullivan said in the memo, a copy of which was obtained by Cheddar. "This applies to outright leaks and any informal 'off the record' conversations with reporters, as well as any confidential information you let slip to people who are not authorized to know that information."
Businesses

Amazon is Raising the Price of Prime Monthly Memberships by Nearly 20 Percent (recode.net) 145

Amazon is boosting the price of its monthly Prime membership fees for new and existing members by nearly 20%. The online retailer said Friday its annual membership fee of $99 will not change. From a report: The increase comes less than two years after Amazon first introduced the monthly payment option as a way to attract new Prime members who either couldn't afford the annual membership of $99, which is not increasing, or didn't want to commit to using the service continuously. Prime is the engine at the center of the Amazon commerce machine -- Prime members buy from Amazon more frequently than non-Prime members and also spend more, hence why Amazon introduced the monthly option to lure new members. So if the company is raising the fee, you can bet that it discovered the current $10.99 was just not sustainable.
Google

Google Moves To Debian For In-house Linux Desktop (zdnet.com) 124

Google has officially confirmed the company is shifting its in-house Linux desktop from the Ubuntu-based Goobuntu to a new Linux distro, the Debian Testing-based gLinux. From a report: Margarita Manterola, a Google Engineer, quietly announced Google would move from Ubuntu to Debian-testing for its desktop Linux at DebConf17 in a lightning talk. Manterola explained that Google was moving to gLinux, a rolling release based on Debian Testing. This move isn't as surprising as it first looks. Ubuntu is based on Debian. In addition, Google has long been a strong Debian supporter. In 2017, Debian credited Google for making [sic] "possible our annual conference, and directly supports the progress of Debian and Free Software." Debian Testing is the beta for the next stable version of Debian. With gLinux, that means it's based on the Debian 10 "Buster" test operating system. Google takes each Debian Testing package, rebuilds it, tests it, files and fixes bugs, and once those are resolved, integrates it into the gLinux release candidate. GLinux went into beta on Aug. 16, 2017.
Technology

Why Airports Rename Runways When the Magnetic Poles Move (wired.com) 158

An anonymous reader shares a report: For decades, pilots heading into or out of Wichita Eisenhower National Airport in southeast Kansas have had three runways to choose from: 1L/19R, 1R/19L, and 14/32. Now, at the orders of the FAA, the airport will spend hundreds of thousands of dollars to give itself a makeover. Workers will repaint those huge numbers at the ends of each runway and replace copious signage. Pilots and air traffic controllers will study new reference manuals and approach plates, all updated to reflect an airport whose three runways have been renamed. World, meet 2L/20R, 2R/20L, and 15/33 -- which happen to be the same runways that have been welcoming planes since 1954.

This is not a "What's in a name?" situation. The runways may be the same sweet-smelling stretches of tarmac they've always been, but the world around them has changed. Well, the magnetic fields around the world have changed. The planet's magnetic poles -- the points that compasses recognize as north and south -- are always wandering about. That's a problem, because most runways are named for their magnetic headings. Take Wichita's 14/32. First off, because planes can land or take off from either direction, you can think of it as two runways: 14 and 32. (Pro tip: Pilots say "one-four" and "three-two," not 14 and 32.) If you're looking at a compass, one end is about 140 degrees off of north, counting clockwise. For simplicity's sake, the headings are rounded to the nearest five, and dropped to two digits. So if you're looking down at Wichita Eisenhower, runway 14/32 is the one running from the northwest to the southeast.
