Security

New Malware Downloader Can Infect PCs Without A Mouse Click (engadget.com) 151

An anonymous reader quotes Engadget: You think you're safe from malware since you never click suspicious-looking links, then somebody finds a way to infect your PC anyway. Security researchers have discovered that cybercriminals have recently started using a malware downloader that installs a banking Trojan to your computer even if you don't click anything. All it takes to trigger the download is to hover your mouse pointer over a hyperlink in a carrier PowerPoint file. According to researchers from Trend Micro and Dodge This Security, the technique was used by a recent spam email campaign targeting companies and organizations in Europe, the Middle East and Africa. The emails' subjects were mostly finance-related, such as "Invoice" and "Order #," with an attached PowerPoint presentation. The PowerPoint file has a single hyperlink in the center that says "Loading... please wait" that has an embedded malicious PowerShell script. When you hover your mouse pointer over the link, it executes the script.
Trend Micro writes that "while the numbers aren't impressive, it can also be construed as a dry run for future campaigns, given the technique's seeming novelty," adding "It wouldn't be far-fetched for other malware like ransomware to follow suit."
Crime

Prosecutors Say the Kansas Shooting of Garmin Engineers Was a Hate Crime (theverge.com) 227

An anonymous reader quotes a report from The Verge: Federal prosecutors have filed a hate crime charge against 51-year-old Kansas resident Adam Purinton, according to the Department of Justice. Purinton, who is accused of shooting three people in an Olathe bar, reportedly told a local Garmin engineer to "get out of my country" before opening fire. Purinton is currently being held on first-degree murder charges filed by local prosecutors. Today's indictment accuses Purinton of committing murder "because of Kuchibhotla's actual and perceived race, color, religion and national origin," with additional charges for the attempted murder of Madasani and violations of federal firearm statutes. The Justice Department declined to say whether it will pursue the death penalty, although it is authorized by the hate crime statute.
Government

Energy Star Program For Homes And Appliances Is On Trump's Chopping Block (npr.org) 273

Appliance manufacturers and home builders are in Washington, D.C., today to celebrate a popular energy efficiency program, even as it's slated for elimination in President Trump's proposed budget. NPR adds: You probably know the program's little blue label with the star -- the Environmental Protection Agency says 90 percent of U.S. households do. [...] The 25-year-old Energy Star program appears to be targeted simply because it's run by the federal government. It's one of 50 EPA programs that would be axed under Trump's budget plan, which would shrink the agency's funding by more than 30 percent. Critics of Energy Star say the government should get involved in the marketplace only when absolutely necessary. But that argument doesn't hold sway for the program's legions of supporters, which span nonprofits, companies and trade groups.
Classic Games (Games)

New Release Of StarCraft In 4K Ultra High Definition Announced (theverge.com) 161

The classic 90s-era videogames StarCraft and StarCraft: Brood War will be re-released this summer -- remastered in 4K Ultra High Definition. An anonymous reader quotes The Verge: It will also include a number of updates, such as remastered sound, new additional illustrations for the campaign missions, new matchmaking capabilities, the ability to connect to Blizzard App, the ability to save to the cloud, and more... Blizzard also announced that it was issuing a new update to StarCraft: Brood War this week, which will include some bug fixes and anti-cheat measures, but will also make StarCraft Anthology (which includes StarCraft and Brood War) available to download for free.
Kotaku reports that the news was announced at this weekend's I <3 StarCraft event in South Korea, "a mini-tournament between some of the game's best players being held to honor the game's legacy."
Software

Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware (vice.com) 500

Tractor owners across the country are reportedly hacking their John Deere tractors using firmware that's cracked in Eastern Europe and traded on invite-only, paid online forums. The reason is that John Deere and other manufacturers have "made it impossible to perform 'unauthorized' repair on farm equipment," which has obviously upset many farmers who see it "as an attack on their sovereignty and quite possibly an existential threat to their livelihood if their tractor breaks at an inopportune time," reports Jason Koebler via Motherboard. As is the case with most modern-day engineering vehicles, the mechanical problems experienced with the newer farming tractors are often remedied via software. From the report: The nightmare scenario, and a fear I heard expressed over and over again in talking with farmers, is that John Deere could remotely shut down a tractor and there wouldn't be anything a farmer could do about it. A license agreement John Deere required farmers to sign in October forbids nearly all repair and modification to farming equipment, and prevents farmers from suing for "crop loss, lost profits, loss of goodwill, loss of use of equipment [...] arising from the performance or non-performance of any aspect of the software." The agreement applies to anyone who turns the key or otherwise uses a John Deere tractor with embedded software. It means that only John Deere dealerships and "authorized" repair shops can work on newer tractors. "If a farmer bought the tractor, he should be able to do whatever he wants with it," Kevin Kenney, a farmer and right-to-repair advocate in Nebraska, told me. "You want to replace a transmission and you take it to an independent mechanic -- he can put in the new transmission but the tractor can't drive out of the shop. Deere charges $230, plus $130 an hour for a technician to drive out and plug a connector into their USB port to authorize the part."
"What you've got is technicians running around here with cracked Ukrainian John Deere software that they bought off the black market," he added.
Google

Google Maps Lets You Record Your Parking Location, Time Left At the Meter (techcrunch.com) 50

Google Maps has received a neat feature that will help users remember where they parked. "This appears as a new menu option when you tap the blue dot, and will place a 'P' icon on the map so you can find your way back to your spot," reports Ars Technica. From the report: Google had already introduced its own proactive parking saving feature via Google Now, but it had worked by tapping into your phone's sensors and making a determination that you had most likely parked at a given spot. Sometimes, you might see this information appear when it was unwarranted, however -- like if you got off a bus or exited a taxi, Google says. The new feature in Google Maps requires a manual entry, but this is actually a bit of an advantage over the guessing done by Google Now, because it allows you to input more information about your spot. Like Apple Maps, you can add notes about where you parked -- something that's helpful for jotting down cross streets or which floor of a garage you're on, for example. But Google Maps also supports adding multiple photos of your parking location -- a common way people often note the parking space number in the garage, and then, via a separate shot, the floor, row, aisle and/or color code for the garage level itself. In addition, Google's parking location saver will let you enter in how much time you have left at the spot. This is handy if you're in a temporary parking area (e.g. "two hour parking"), or at metered space. The time left is displayed on the map, and when it's due to expire, Google Maps will alert you via push notification.
Security

Windows 10 UAC Bypass Uses Backup and Restore Utility (bleepingcomputer.com) 58

An anonymous reader writes: "A new User Access Control (UAC) bypass technique relies on altering Windows registry app paths and using the Backup and Restore utility to load malicious code without any security warning," reports BleepingComputer. The technique works when an attacker launches the Backup and Restore utility, which loads its control panel settings page. Because the utility doesn't know where this settings page is located, it queries the Windows Registry. The problem is that low-privileged users can modify Windows Registry values and point to malware. Because the Backup and Restore utility is a trusted application, UAC prompts are suppressed. This technique only works in Windows 10 (not earlier OS versions) and was tested with Windows 10 build 15031. A proof-of-concept script is available on GitHub. The same researcher had previously found two other UAC bypass techniques, one that abuses the Windows Event Viewer, and one that relies on the Windows 10 Disk Cleanup utility.
AI

Backlash Builds Against Bill Gates' Call For A Robot Tax (cbsnews.com) 392

Bill Gates argued governments should tax companies that replace humans with robots, which "provoked enough negative feedback to fry a motherboard," according to CBS News. Here's how they summarized some of the reactions:
  • "Why pick on robots?" former Treasury Secretary Summers asked in a Washington Post opinion piece, which called Gates "profoundly misguided." The economist argued that progress, however messy and disruptive sometimes, ultimately benefits society overall.
  • Mike Shedlock, a financial adviser with Sitka Pacific Capital Management in Edmonds, Washington, wrote on his blog that robot owners, who likely would pay the tax, would simply pass it along by jacking up prices.
  • The European Union's parliament in February rejected a measure to impose a tax on robots, using much the same reasoning as Gates' critics.

But even while acknowledging that technology can complement humans rather than replacing them, a Bloomberg columnist argues that "Gates is right to say that we should start thinking ahead of time about how to use policy to mitigate the disruptions of automation." So if we're not going to tax robots, then how should society handle the next great wave of automated labor?


United States

IEEE-USA Criticizes Failure To Reform The H-1B Program (ieee.org) 239

Slashdot reader Tekla Perry writes: IEEE USA says H-1B visas are a tool used to avoid paying U.S. wages. "For every visa used by Google to hire a talented non-American for $126,000, ten Americans are replaced by outsourcing companies paying their H-1B workers $65,000," says the current IEEE USA president, writing with the past president and president-elect. The outsourcing companies, Infosys, Cognizant, Wipro, and Tata Consultancy in 2014 "used 21,695 visas, or more than 25 percent of all private-sector H-1B visas used that year. Microsoft, Google, Facebook, and Uber, for comparison, used only 1,763 visas, or 2 percent," they say.
On Friday, IEEE-USA also issued a new criticism about the lack of progress in reforming the H-1B program, saying "At least 50,000 Americans will lose their jobs this year because the president has yet to fulfill the promise he made to millions who voted for him."
Businesses

Sprint 'Betting Big On Trump,' Could Merge With T-Mobile Or Comcast (arstechnica.com) 89

An anonymous reader quotes a report from Ars Technica: Speculation that Sprint will merge with T-Mobile USA or another competitor has ramped up since the inauguration of President Donald Trump. That continued Friday when a report from The New York Times suggested that Sprint could be combined with either T-Mobile or Comcast, the nation's largest cable company. Masayoshi Son, founder and CEO of Sprint owner SoftBank, "and his financial advisers are weighing several major possible deals for Sprint," the Times wrote. "Be it a tie-up with T-Mobile U.S., Sprint's closest competitor, or a more ambitious marriage with the cable colossus Comcast, a transaction would allow Mr. Son to fulfill a long-held ambition to invest aggressively in wireless networks in the United States and enable next-generation mobile technology." Titled "The World's Top Tech Investor Is Betting Big on Trump," the Times report says that "the Trump administration's push for lighter regulation and lower taxes has been a powerful lure for cash-rich investors the world over." SoftBank, which is based in Japan, had several of its executives "spen[d] a day in Washington talking to senior members of Mr. Trump's economic team" last month, according to bankers who were briefed on the meetings, the Times report said. U.S. regulators opposed wireless consolidation during the Obama administration, preventing potential mergers between AT&T and T-Mobile and later between Sprint and T-Mobile. With four major nationwide carriers, U.S. wireless competition recently led to an expansion of unlimited data plans.
Firefox

Mozilla's New Logo Reminds Us that It Is, In Fact, a Web Firm (cnet.com) 185

Mozilla has a new logo. The company has replaced the letters "ill" in its name with a colon and two slashes. From a report: Last year, Mozilla, the internet company best known for the Firefox browser, publicly started the rebranding process by opening the door to public feedback. With several options on display, Mozilla asked for comments and input from all who cared to share. As of today, the new logo is official and the simple change is meant as a reminder that Mozilla is more than just a browser.
The Military

US Military Seeks Biodegradable Bullets That Sprout Plants (newatlas.com) 285

The Department of Defense is looking at ways to clean up the hundreds of thousands of training rounds used by the U.S. army. It is putting out the call for the development of biodegradable ammunition loaded with seeds that sprout plants after being discharged. New Atlas reports: At military facilities across the U.S. and indeed around the world, a huge number of rounds are fired for training purposes, ranging from low-velocity 40 mm grenades, to mortars, to 155 mm artillery rounds. All of these feature components that can take hundreds of years to biodegrade, and falling onto the ground in such great numbers means that finding and cleaning them up is no small task. But left behind, they can corrode and pollute the soil and water supplies. So the Department of Defense has put out a call for proposals through the Small Business Innovation Research agency that solve the problem. The DoD describes the solution as a naturally occurring biodegradable material that can replace those used in current training rounds. It imagines that the biodegradable composites will be capable of holding bioengineered seeds inside (a technology it says has been demonstrated previously), that won't germinate until they have been in the ground for several months. Then plants will sprout from the discharged ammunition that actively remove soil contaminants and consume the other biodegradable components. Also imperative is that animals are able to safely consume the plants.
Android

Google CEO Says Next Wave Of Affordable Smartphones Should Cost $30 (phandroid.com) 183

An anonymous reader writes: Google started the Android One program to get affordable smartphones into all corners of the globe. Those devices cost around $100, which is very good for an up-to-date device. However, Google CEO Sundar Pichai doesn't think $100 is good enough. Even $50 is too much. His goal is $30. "The right price point for smartphones in India is $30, and pursuing high-quality smartphones at the price point will unlock it even more." India currently has the largest base of Android users, and most of those users have phones that cost less than $150. Pichai went on to say that cheaper devices are only part of the solution. They also need services that can run reliably on "flaky" networks. He says Google is working on making more services adapt to slow internet.
Google

Android Was 2016's Most Vulnerable Product, Oracle the (bleepingcomputer.com) 147

An anonymous reader writes: According to CVE Details, a website that aggregates historical data on security bugs that have received a CVE identifier, during 2016, security researchers have discovered and reported 523 security bugs in Google's Android OS, winner by far of this "award." The rest of the top 10 is made up by Debian (319 bugs), Ubuntu (278 bugs), Adobe Flash Player (266 bugs), openSUSE Leap (259 bugs), openSUSE (228 bugs), Adobe Acrobat DC (227 bugs), Adobe Acrobat Reader DC (227 bugs), Adobe Acrobat (224 bugs), and the Linux Kernel (216 bugs).

When it comes to software vendors, the company for which the largest number of new CVE numbers have been assigned was Oracle, with a whopping 798 CVEs, who edged out Google (698 bugs), Adobe (548 bugs), Microsoft (492 bugs), Novell (394), IBM (382 bugs), Cisco (353 bugs), Apple (324 bugs), Debian Project (320 bugs), and Canonical (280 bugs).

Google

Google Will Tell You How Crowded Places Are In Real Time (pcmag.com) 64

Google is updating their "Popular Times" feature in Search and Maps with real-time data that will be able to tell you how busy a place is in real time. PC Magazine reports: "Just in time for the Black Friday swarms, we're adding a real-time look at how crowded a place is right now, to help you decide where and when to go," Google Product Manager Jamie Aspinall wrote in a blog post. "Whether you're rushing to pick up a last-minute gift or seeking a lively bar for some festive spirit, check Popular Times for a sneak preview of what to expect when you arrive." If you're one of those people who always needs a plan, you're going to love the next new feature. You can now see how long people typically stay at a given location, so you can "plan your itinerary to the minute." "After all, you want to be sure you leave enough time to enjoy a cup of hot chocolate at your local sweets shop before heading to your dinner reservations," Aspinall pointed out. In addition, Google will be able to deliver more accurate business hours for your favorite establishments. "You'll know what time to pop by the pharmacy..., when food delivery begins at a nearby restaurant..., and what the service hours are at the auto dealership," Aspinall wrote.
