Comment Does this mean that Siri will have real value? (Score 1) 18
So the likes of ChatGPT is what was required to update Siri to be capable of doing things other than setting reminders, alarms, and timers?
Comment Re: Plover (Score 1) 19
Spoiler alert: use your towel to block the drain.
Comment Checking the boxes to make the sale (Score 2) 137
Often when I hear that there is a job shortage for a particular field, I interpret that statement to mean there’s a shortage of people that want to work that job for the salary being offered. After spending 5 years in cybersecurity, I became somewhat disillusioned by the accounting and sales nature of job. Understandably, customers want to see basic certifications like SOC 2 Type 2 and ISO 27001. The challenge is that obtaining these certs is somewhat trivial, subject to carefully worded responses to auditors, and surgically scoping the audit to include/exclude the product in question. Larger companies are aware of these shortcomings and consider these certs ‘table stakes’. But the vendor response tactic is the same, tell the truth while omitting any shortcomings and highlighting where you are meeting the control. So a large portion of cybersecurity is checking the boxes and supporting the sales team. This is not to say that the basics of certs like SOC 2 and ISO 27001 aren’t a step in the right direction, simply that they’re woefully inadequate in both the depth of controls and thoroughness of the audit.
The real security is beyond the superficial world of customer questionnaires and security certifications/attestations. The people who are making critical security decisions are your developers implementing software libraries or your DevSecOps personnel architecting the CI/CD platform. Finding engineers who have security backgrounds is where things get expensive, and perhaps where any job shortages lie. As others have pointed out, there is a cottage industry around getting people certified quickly. Having a cert from CompTIA, ISACA, or ISC^2 can be a good start, but you’ll still need security minded engineers to round out your security posture.
The real security is beyond the superficial world of customer questionnaires and security certifications/attestations. The people who are making critical security decisions are your developers implementing software libraries or your DevSecOps personnel architecting the CI/CD platform. Finding engineers who have security backgrounds is where things get expensive, and perhaps where any job shortages lie. As others have pointed out, there is a cottage industry around getting people certified quickly. Having a cert from CompTIA, ISACA, or ISC^2 can be a good start, but you’ll still need security minded engineers to round out your security posture.
Submission + - Chinese Behemoth Pinduoduo To Take On Amazon In US (theguardian.com)
An anonymous reader writes: Americans addicted to Amazon could soon be wooed by a Chinese tech giant most of them have never heard of. Pinduoduo is planning to expand its reach to the US next month, according to reports in Bloomberg and Reuters. The company is known for delivering goods at rock-bottom prices – while putting its employees through conditions that a prominent labor activist says should horrify Americans. Described by its founder, the former Google employee Colin Huang, as a cross between “Costco and Disneyland," Pinduoduo has ridden a wave of meteoric Chinese tech growth to become one of the largest e-commerce companies in the world since its founding in 2015.
Pinduoduo targeted China’s smaller cities and more rural areas, where consumers tend to be less wealthy and more cost-conscious, says JS Tan, an MIT graduate student who researches the Chinese tech industry. Its signature feature is “group buying," which allows users to organize people to make mass purchases directly from manufacturers at a steep discount. Because Pinduoduo is heavily integrated with WeChat, China’s top social media platform, it’s a snap for users to gather up friends, family and internet strangers to order big batches of everything from electronics to baby formula to groceries – something that became a lifeline during China’s strict Covid lockdowns.
“Pinduoduo is known for its extreme overtime,” said Li Qiang, a veteran labor activist and founder of the non-profit China Labor Watch. “The competition is extremely intense, and the conditions are much crueler than in America.” Two Pinduoduo employees died within a two-week period from December 2020 to January 2021, igniting a national scandal. The first worker, 22-year-old Zhang Fei, died on 29 December, when she was heading home around 1.30am after a series of extremely long shifts. The second worker, an engineer in his 20s, jumped to his death on 9 January after abruptly asking for leave from the company and traveling home the same day. The controversy grew when days later, a Pinduoduo employee who called himself Wang Taixu said he had been fired by the company after posting a photo of a colleague being taken into an ambulance after collapsing. Wang subsequently published a lengthy video on the video-sharing site Bilibili detailing labor abuses he had witnessed at the company; he alleged that some workers were made to work as many as 380 hours a month, which the company denied.
Pinduoduo targeted China’s smaller cities and more rural areas, where consumers tend to be less wealthy and more cost-conscious, says JS Tan, an MIT graduate student who researches the Chinese tech industry. Its signature feature is “group buying," which allows users to organize people to make mass purchases directly from manufacturers at a steep discount. Because Pinduoduo is heavily integrated with WeChat, China’s top social media platform, it’s a snap for users to gather up friends, family and internet strangers to order big batches of everything from electronics to baby formula to groceries – something that became a lifeline during China’s strict Covid lockdowns.
“Pinduoduo is known for its extreme overtime,” said Li Qiang, a veteran labor activist and founder of the non-profit China Labor Watch. “The competition is extremely intense, and the conditions are much crueler than in America.” Two Pinduoduo employees died within a two-week period from December 2020 to January 2021, igniting a national scandal. The first worker, 22-year-old Zhang Fei, died on 29 December, when she was heading home around 1.30am after a series of extremely long shifts. The second worker, an engineer in his 20s, jumped to his death on 9 January after abruptly asking for leave from the company and traveling home the same day. The controversy grew when days later, a Pinduoduo employee who called himself Wang Taixu said he had been fired by the company after posting a photo of a colleague being taken into an ambulance after collapsing. Wang subsequently published a lengthy video on the video-sharing site Bilibili detailing labor abuses he had witnessed at the company; he alleged that some workers were made to work as many as 380 hours a month, which the company denied.
Submission + - Roboticists Discover Alternative Physics (phys.org)
An anonymous reader writes: Energy, mass, velocity. These three variables make up Einstein's iconic equation E=MC2. But how did Einstein know about these concepts in the first place? A precursor step to understanding physics is identifying relevant variables. Without the concept of energy, mass, and velocity, not even Einstein could discover relativity. But can such variables be discovered automatically? Doing so could greatly accelerate scientific discovery. This is the question that researchers at Columbia Engineering posed to a new AI program. The program was designed to observe physical phenomena through a video camera, then try to search for the minimal set of fundamental variables that fully describe the observed dynamics. The study was published on July 25 in Nature Computational Science.
The researchers began by feeding the system raw video footage of phenomena for which they already knew the answer. For example, they fed a video of a swinging double pendulum known to have exactly four "state variables"—the angle and angular velocity of each of the two arms. After a few hours of analysis, the AI produced the answer: 4.7. The researchers then proceeded to visualize the actual variables that the program identified. Extracting the variables themselves was not easy, since the program cannot describe them in any intuitive way that would be understandable to humans. After some probing, it appeared that two of the variables the program chose loosely corresponded to the angles of the arms, but the other two remain a mystery. "We tried correlating the other variables with anything and everything we could think of: angular and linear velocities, kinetic and potential energy, and various combinations of known quantities," explained Boyuan Chen Ph.D., now an assistant professor at Duke University, who led the work. "But nothing seemed to match perfectly." The team was confident that the AI had found a valid set of four variables, since it was making good predictions, "but we don't yet understand the mathematical language it is speaking," he explained.
After validating a number of other physical systems with known solutions, the researchers fed videos of systems for which they did not know the explicit answer. The first videos featured an "air dancer" undulating in front of a local used car lot. After a few hours of analysis, the program returned eight variables. A video of a lava lamp also produced eight variables. They then fed a video clip of flames from a holiday fireplace loop, and the program returned 24 variables. A particularly interesting question was whether the set of variable was unique for every system, or whether a different set was produced each time the program was restarted.
The researchers began by feeding the system raw video footage of phenomena for which they already knew the answer. For example, they fed a video of a swinging double pendulum known to have exactly four "state variables"—the angle and angular velocity of each of the two arms. After a few hours of analysis, the AI produced the answer: 4.7. The researchers then proceeded to visualize the actual variables that the program identified. Extracting the variables themselves was not easy, since the program cannot describe them in any intuitive way that would be understandable to humans. After some probing, it appeared that two of the variables the program chose loosely corresponded to the angles of the arms, but the other two remain a mystery. "We tried correlating the other variables with anything and everything we could think of: angular and linear velocities, kinetic and potential energy, and various combinations of known quantities," explained Boyuan Chen Ph.D., now an assistant professor at Duke University, who led the work. "But nothing seemed to match perfectly." The team was confident that the AI had found a valid set of four variables, since it was making good predictions, "but we don't yet understand the mathematical language it is speaking," he explained.
After validating a number of other physical systems with known solutions, the researchers fed videos of systems for which they did not know the explicit answer. The first videos featured an "air dancer" undulating in front of a local used car lot. After a few hours of analysis, the program returned eight variables. A video of a lava lamp also produced eight variables. They then fed a video clip of flames from a holiday fireplace loop, and the program returned 24 variables. A particularly interesting question was whether the set of variable was unique for every system, or whether a different set was produced each time the program was restarted.
Submission + - SPAM: US Issues Warning After Microsoft Says China Hacked Its Mail Server Program
An anonymous reader writes: The U.S. has issued an emergency warning after Microsoft said it caught China hacking into its mail and calendar server program, called Exchange. The perpetrator, Microsoft said in a blog post, is a hacker group that the company has “high confidence” is working for the Chinese government and primarily spies on American targets. The latest software update for Exchange blocks the hackers, prompting the U.S. Cybersecurity and Infrastructure Security Agency to issue a rare emergency directive that requires all government networks do so.
CISA, the U.S.’s primary defensive cybersecurity agency, rarely exercises its authority to demand the entire U.S. government take protective steps to protect its cybersecurity. The move was necessary, the agency announced, because the Exchange hackers are able “to gain persistent system access.” All government agencies have until noon Friday to download the latest software update. In a separate blog post, Microsoft Vice President Tom Burt wrote that the hackers have recently spied on a wide range of American targets, including disease researchers, law firms and defense contractors. There was no immediate indication that the hack led to significant exploitation of U.S. government computer networks. But the announcement marks the second instance in recent months that the U.S. scrambled to address a widespread hacking campaign believed be the work of foreign government spies.
Link to Original Source
CISA, the U.S.’s primary defensive cybersecurity agency, rarely exercises its authority to demand the entire U.S. government take protective steps to protect its cybersecurity. The move was necessary, the agency announced, because the Exchange hackers are able “to gain persistent system access.” All government agencies have until noon Friday to download the latest software update. In a separate blog post, Microsoft Vice President Tom Burt wrote that the hackers have recently spied on a wide range of American targets, including disease researchers, law firms and defense contractors. There was no immediate indication that the hack led to significant exploitation of U.S. government computer networks. But the announcement marks the second instance in recent months that the U.S. scrambled to address a widespread hacking campaign believed be the work of foreign government spies.
Link to Original Source
Submission + - SPAM: Biden Pushes EV Chargers As Six Utilities Plan a Unified Network
An anonymous reader writes: US President Joe Biden has made the shift to electric vehicles an early focus of his administration. Days after his inauguration, he vowed to replace hundreds of thousands of federal civilian vehicles with electric versions. On Tuesday, Biden held a virtual meeting with CEOs from companies building charging infrastructure. The administration has set a goal to build more than 500,000 new electric vehicle charging stations by 2030.
Also on Tuesday, a coalition of six electric utilities announced a new initiative that will help Biden achieve his goal. The companies are planning to build a "seamless network of charging stations" in and around the American South. The group plans to build chargers near major highways in every southern state, stretching as far west as Texas and as far north as Indiana, Ohio, and Virginia. This is not a joint venture. Each utility will build and run its own charging stations. But the goal is to make them appear to the customer as a unified network.
Link to Original Source
Also on Tuesday, a coalition of six electric utilities announced a new initiative that will help Biden achieve his goal. The companies are planning to build a "seamless network of charging stations" in and around the American South. The group plans to build chargers near major highways in every southern state, stretching as far west as Texas and as far north as Indiana, Ohio, and Virginia. This is not a joint venture. Each utility will build and run its own charging stations. But the goal is to make them appear to the customer as a unified network.
Link to Original Source
Comment Re:And Nothing Of Value as Lost. (Score 2) 115
The timing is enjoyable. I stopped listening to Pandora this past week. I don't mind the ads, but when you play the same effing ad over and over I had no choice but to go to Spotify. Spotify, although not as good at "stations" IMHO, has far out innovated Pandora's one trick pony.
Pandora if you care, it's the Innovations for Poverty action advertisement that would advertise every 5-10 minutes. Second only to KARS4KIDS. I hope you too have that effing song in you head. You have immense troves of data, try getting a data analyst worth their salt to make your platform better.
Comment Re:Don't freak out. (Score 0) 846
Try ordering a barrel or bolt without a FFL (Federal Firearms License). You won't get very far. Now if you have your own CNC shop AND a 3-D plastic printer, well then you're on your way...
ATMs That Dispense Gold Bars Coming To America 482
tetrahedrassface writes "As the US economic woes continue unabated, a German company is bringing gold-bearing ATMs to Mainstreet America. The machines accept credit cards, and will dispense 1 gram, 5 gram, 10 gram and 1 ounce units, as well as various gold coins. The company hopes to install 35 bullion machines in the United States this year, and will hopefully have several hundred up and running by next year. The machines will be decorated like giant gold ingots and be over two meters tall. Physical gold has both pros and cons, but from a safety standpoint would it be fine to have a couple of ounces in your pocket while walking around the mall? The giant, gold-dispensing ATMs will monitor the market conditions for gold every 10 minutes in order to reflect spot price changes as they occur." We already covered similar machines installed in travel hubs across Germany.
Building a 10 TB Array For Around $1,000 227
As storage hardware costs continue to plummet, the folks over at Tom's Hardware have decided to throw together their version of the "Über RAID Array." While the array still doesn't stack up against SSDs for access time, a large array is capable of higher throughput via striping. Unfortunately, the amount of work required to assemble a setup like this seems to make it too much trouble for anything but a fun experiment. "Most people probably don't want to install more than a few hard drives into their PC, as it requires a massive case with sufficient ventilation as well as a solid power supply. We don't consider this project to be something enthusiasts should necessarily reproduce. Instead, we set out to analyze what level of storage performance you'd get if you were to spend the same money as on an enthusiast processor, such as a $1,000 Core i7-975 Extreme. For the same cost, you could assemble 12 1 TB Samsung Spinpoint F1 hard drives. Of course, you still need a suitable multi-port controller, which is why we selected Areca's ARC-1680iX-20."
Slashdot Top Deals
In Nature there are neither rewards nor punishments, there are consequences. -- R.G. Ingersoll
