Artem S. Tashkinov writes: 253 emails have been leaked from private (high-level) mailing lists of Debian, in which its representatives vocally complain about the talk Linus Torvalds gave at the most recent DebConf conference. Some people insist that he should be permanently banned from future conferences because the language he uses is inappropriate and infringes on the project's Code of Conduct. This could set a very bad precedent for the open source community, which has recently seen an influx of various CoC policies applied to a number of high-profile projects mostly after very vocal concerns from the people who barely participate in the open source community. Some observers believe that it's a plot by Microsoft to destroy the open source movement from the inside.

Read more of this story at Slashdot.

schwit1 shares a report from NASASpaceFlight: China launched a new experimental reusable space vehicle on Thursday from the Jiuquan Satellite Launch Center using a Long March-2F/T -- Chang Zheng-2F/T -- launch vehicle. Launch from the LC43/91 launch complex, under a veil of secrecy with no official launch photos or even a launch time disclosed. Chinese media emitted a laconic report referring, that "the test spacecraft will be in orbit for a period of time before returning to the domestic scheduled landing site. During this period, it will carry out reusable technology verification as planned to provide technical support for the peaceful use of space."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Verge: Today, the Trump administration released its fifth Space Policy Directive, this one designed to come up with a list of best practices for the space industry on how to protect their spacecraft from cyber threats. The goal is to encourage the government and space industry to create their space vehicles with cybersecurity plans in place, incorporating tools like encryption software and other protections when designing, building, and operating their vehicles. [...] To combat these threats, Space Policy Directive 5 lays out guidelines that companies should try to adhere to as they launch satellites and other vehicles to space. The administration is recommending operators use various types of software to ensure that the data they receive from their spacecraft is encrypted. The directive also encourages companies to use trusted supply chains and oversee the safety of their ground systems -- the facilities they use to send signals and retrieve data from their spacecraft. The report also recommends protecting against jamming and spoofing of satellites. "Sometimes the jamming can be fairly crude; other cases, some of the spoofing can be fairly sophisticated if somebody's trying to get on board," one official said. "So there's a whole range of things that you need to look at kind of end-to-end." Ultimately, the directive says that government agencies should work with commercial companies to further refine what these best cybersecurity practices should be, especially since many in the space industry already implement these strategies when building and launching vehicles. [...] SPD-5 is the latest policy directive from the Trump administration designed to shape the U.S. space agenda. Trump's first directive instructed NASA to send humans back to the Moon, while other directives have focused on coming up with a way to oversee space traffic and streamlining regulations for space licenses.

Read more of this story at Slashdot.

Russia's "Sputnik-V" COVID-19 vaccine produced an antibody response in all participants in early-stage trials, according to results published on Friday by The Lancet medical journal that were hailed by Moscow as an answer to its critics. Reuters reports: The results of the two trials, conducted in June-July this year and involving 76 participants, showed 100% of participants developing antibodies to the new coronavirus and no serious side effects, The Lancet said. Russia licensed the two-shot jab for domestic use in August, the first country to do so and before any data had been published or a large-scale trial begun. "The two 42-day trials -- including 38 healthy adults each -- did not find any serious adverse effects among participants, and confirmed that the vaccine candidates elicit an antibody response," The Lancet said. "Large, long-term trials including a placebo comparison, and further monitoring are needed to establish the long-term safety and effectiveness of the vaccine for preventing COVID-19 infection," it said. The vaccine is named Sputnik-V in homage to the world's first satellite, launched by the Soviet Union. Some Western experts have warned against its use until all internationally approved testing and regulatory steps have been taken. But with the results now published for the first time in an international peer-reviewed journal, and with a 40,000-strong later-stage trial launched last week, a senior Russian official said Moscow had faced down its critics abroad. "With this (publication) we answer all of the questions of the West that were diligently asked over the past three weeks, frankly with the clear goal of tarnishing the Russian vaccine," said Kirill Dmitriev, the head of the Russian Direct Investment Fund (RDIF), Russia's sovereign wealth fund, which has backed the vaccine. "All of the boxes are checked," he told Reuters. "Now... we will start asking questions of some of the Western vaccines."

Read more of this story at Slashdot.

The French government unveiled a massive $120 billion stimulus package earlier this week to recover from the economic downturn -- it represents 4% of the country's GDP. As part of this support plan, the government plans to spend a significant chunk of money on all things digital -- startup investment, infrastructure investment and digital transformation. From a report: I interviewed France's digital minister Cedric O earlier today to get some details on how it's going to work. Overall, France will spend $8.4 billion on digital investments. This is a new investment plan for the next two years. It's different from the economic rescue plan that was rolled out earlier this year. That one was designed as a stopgap for the early days of the economic crisis. "With 7 billion euro, I think the digital sector is the sector that is receiving the biggest investment overall compared to all other sectors except the environmental sector," Cedric O said. Ten years ago, the French government launched an investment program dedicated to innovation, from scientific research to R&D spendings. The government is launching the fourth iteration of this program (Programme d'investissements d'avenir). It's a $13 billion investment plan (11 billion euro) and it covers a ton of stuff. But nearly $1 billion (800 million euro) will be dedicated to state aid for French startups over the next couple of years.

Read more of this story at Slashdot.

Until Wednesday, a single text message sent through Cisco's Jabber collaboration application was all it took to touch off a self-replicating attack that would spread malware from one Windows user to another, researchers who developed the exploit said. Ars Technica reports: The wormable attack was the result of several flaws, which Cisco patched on Wednesday, in the Chromium Embedded Framework that forms the foundation of the Jabber client. A filter that's designed to block potentially malicious content in incoming messages failed to scrutinize code that invoked a programming interface known as "onanimationstart." But even then, the filter still blocked content that contained , an HTML tag that had to be included in a malicious payload. To bypass that protection, the researchers used code that was tailored to a built-in animation component called spinner-grow. With that, the researchers were able to achieve a cross-site scripting exploit that injected a malicious payload directly into the internals of the browser built into Jabber. A security sandbox built into the Chromium Embedded Framework, or CEF, would normally store the payload in a container that's isolated from sensitive parts of the app. To work around this constraint, the researchers abused the window.CallCppFunction, which is designed to open files sent by other Cisco Jabber users. By manipulating a function parameter that accepts files, the researchers were able to break out of the sandbox. "Since Cisco Jabber supports file transfers, an attacker can initiate a file transfer containing a malicious .exe file and force the victim to accept it using an XSS attack," researchers from security firm Watchcom Security wrote in a post. "The attacker can then trigger a call to window.CallCppFunction, causing the malicious file to be executed on the victim's machine." Accordingly, CVE-2020-3495, the designation assigned to the Cisco Jabber vulnerability, has a severity rating of 9.9 out of a maximum 10 based on the Common Vulnerability Scoring System. Cisco's advisory has more details here.

Read more of this story at Slashdot.

Since Huawei's latest smartphones have no access to Google's Play Store, many crucial apps aren't available. David Phelan from Forbes reports that TomTom Go Navigation has launched on Huawei's own "AppGallery" app store, filling the void of navigation apps and making AppGallery a potent alternative to Google's Play Store. Phelan writes: TomTom [...] is an unquestionable big beast in the world of mapping with huge name recognition. It also has an offline setting, something that's strikingly important for navigation apps, since you may well be using it abroad where roaming costs can be high. With TomTom Go Navigation, detailed 3D maps are stored on the phone. TomTom specialities include moving lane guidance which helps drivers navigate intersections by indicating which lane is best. You can also customize maps by adding or deleting regions as needed. The only downside is that TomTom Go Navigation, unlike Here WeGo and indeed Google Maps, is not free. There's a 30-day free trial, after which it costs $12.99 per year, $8.99 for six months or $1.99 per month. This is not TomTom's first collaboration with Huawei. The company uses TomTom's mapping solution in its Huawei Mobile Services kits, which developers can use â" ride-share apps need mapping kits, for example. Those are not accessible to consumers, of course, but this app, based on the same mapping, is. Oh, and that's not the end of the story. Huawei's own Maps app is coming and is being developed in conjunction with TomTom. It Huawei gets it right, it could diminish the loyalty to Google Maps decisively.

Read more of this story at Slashdot.

An anonymous reader quotes a report from CNBC: The Pentagon said Friday it will stick with Microsoft for a major cloud contract that has been disputed in court for months. The JEDI, or Joint Enterprise Defense Infrastructure, deal has become one of the most hotly contested contracts for the Department of Defense. The contract is intended to modernize the Pentagon's colossal IT infrastructure and could be valued up to $10 billion for services rendered over as many as 10 years. "The Department has completed its comprehensive re-evaluation of the JEDI Cloud proposals and determined that Microsoft's proposal continues to represent the best value to the Government," the Pentagon said in a statement. "The JEDI Cloud contract is a firm-fixed-price, indefinite-delivery/indefinite-quantity contract that will make a full range of cloud computing services available to the DoD. While contract performance will not begin immediately due to the Preliminary Injunction Order issued by the Court of Federal Claims on February 13, 2020, DoD is eager to begin delivering this capability to our men and women in uniform." The outcome represents a loss for Amazon, which challenge the award of the contract after the Pentagon gave it to Microsoft in October. An Amazon representative did not immediately respond to request for comment. "We appreciate that after careful review, the DoD confirmed that we offered the right technology and the best value. We're ready to get to work and make sure that those who serve our country have access to this much needed technology," a Microsoft spokesperson told CNBC in an email.

Read more of this story at Slashdot.

Amazon.com contract drivers have noticed a sudden change this week in how the company assigns delivery routes, a sign that it has found a way to prevent rogue operators from gaming the system to snatch orders first. From a report: Bloomberg on Tuesday revealed that drivers were putting smartphones in trees outside Whole Foods and Amazon delivery stations in the Chicago area to get a jump on rivals. Drivers in Las Vegas and the Washington, D.C., area also reported spotting mysterious phones outside Whole Foods locations. Several drivers in cities around the U.S. said they're now getting more routes even when they're several miles from Whole Foods locations, an abrupt change from the past several weeks when they said such work was scarce. One driver said the phones once placed in trees near a Chicago-area Whole Foods have disappeared, along with the people who lurked nearby. A driver in Tennessee who lives next to a Whole Foods and received offers every morning said he's no longer getting them.

Read more of this story at Slashdot.

Dev & Gear created a long list of YouTube channels that offer technical videos to help you learn web development from scratch or just improve your skills. Some of the channels listed include: LearnCode.academy, Dev Ed, Traversy Media, Codecourse, and Wes Bos. Is your favorite YouTube channel for web development and programming included on the list? If not, let us know what it is in a comment.

Read more of this story at Slashdot.

schwit1 shares a report from VentureBeat: As physical retail struggles amid the global pandemic, storeowners are rapidly trying to adapt to new realities that also include growing competition from Amazon. But a French startup called Storelift believes it can create a new convenience store concept that leans on many of the same AI and computer vision tools used in Amazon Go stores to reinvent the shopping and checkout experience. This week, Storelift announced that it has launched its first two stores under the name "Boxy." The Boxy stores are repurposed shipping containers that can be plopped down in various urban neighborhoods that lack good shopping options. The founders believe their approach demonstrates how businesses can exploit new shopping niches with the help of sensors, data, and AI that allows them to optimize their inventory and reduce costs. To shop at Boxy, a customer downloads the Boxy app on their smartphone and then scans the QR code to enter the store. When customers take a product, it is identified through the computer vision algorithms and the weight sensors on the shelves. When the customer leaves, they scan their QR code again and checkout happens automatically. The key to improving efficiency is the data the company is collecting as people shop. The shelves that detect weight, along with computer vision cameras, know when a product is picked up, looked at, and then either put in the basket or back on the shelf. In some cases, because the company knows a customer is possibly interested in a product, they can offer a discount on the spot to nudge them along. Internally, the company's machine learning system is analyzing gestures and decisions made by the customer to suggest improvements in product selection, pricing, and placement.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TorrentFreak: Every day, millions of people download or stream pirated content including movies, TV-shows, games, MP3s, and books. Many of these files originate from a small and tightly organized 'community' commonly known as The Scene, which is made up of dozens of smaller 'release groups.' These groups tend to operate in the shadows with little or no public profile. At least, that's what the unwritten rules dictate. That's for good reason as the people involved risk high prison sentences when caught. It's very rare for Scene group members to get busted but last week the US Government claimed a major victory. With help from international law enforcement partners, several raids and arrests were carried out, with the SPARKS group at the center of it all. As soon as the first rumors about the raids started spreading on Tuesday, the number of Scene releases started to drop. A day later, when confirmation came in, it became even quieter. With data provided by Predb.org we take a closer look at these dropoffs, showing that some categories are affected more than others. Before delving into detailed groups, it's worth pointing out the overall impact, which can be summarized in two numbers. On Wednesday, August 19, there were 1944 new releases. A week later, a day after the first raids, this number was down to 168 releases. The drop in new releases happened across all categories.

Read more of this story at Slashdot.

Amazon has deleted approximately 20,000 product reviews, written by seven of its top 10 UK reviewers, following a Financial Times investigation (Editor's note: the link may be paywalled; alternative source) into suspicious activity. From a report: The FT found evidence the users were profiting from posting thousands of five-star ratings. Those who had their reviews deleted included Justin Fryer, the number one-ranked reviewer on Amazon.co.uk, who in August alone reviewed $19,000 worth of products, from smartphones to electric scooters to gym equipment, giving his five-star approval on average once every four hours. Overwhelmingly, those products were from little-known Chinese brands, who often offer to send reviewers products for free in return for positive posts. Mr Fryer then appears to have sold many of the goods on eBay, making nearly $26,500 since June. When contacted by the FT, Mr Fryer denied posting paid-for reviews -- before deleting his review history from his Amazon profile page. Mr Fryer said the eBay listings, which described products as "unused" and "unopened", were for duplicates. At least two other top 10-ranked Amazon UK reviewers removed their history after Mr Fryer. Another prominent reviewer, outside the top 10, removed his name and reviews, and changed his profile picture to display the words "please go away". The FT's analysis suggested that nine of Amazon's current UK top 10 providers of ratings were engaged in suspicious behaviour, with huge numbers of five-star reviews of exclusively Chinese products from unknown brands and manufacturers. Many of the same items were seen by the FT in groups and forums offering free products or money in exchange for reviews.

Read more of this story at Slashdot.

As schools start around the US, many face a problem with getting all their students connected for virtual classes. To help with that crisis, T-Mobile has launched its grant program that aims to eliminate the so-called homework gap. From a report: Unveiled a year ago, Project 10Million will provide hotspots and free connectivity for millions of students around the country. Now that T-Mobile and Sprint have merged, the combined company has hammered out the project's specifics and is opening it up to schools on Thursday. It has allocated $10.7 billion over the life of the 10-year program, up from the initial $10 billion pledge in late 2019. "Our mission is to not stop until we've provided the connectivity and devices for students to be connected who can't afford to be connected, so that they can do their homework," T-Mobile Chief Marketing Officer Matt Staneff said in an interview ahead of the news. "We believe we can make a difference, and we're taking this on at scale." Students who are part of the national free- and reduced-price lunch program for low-income families will qualify for Project 10Million. A school district applies for the grant and is able to specify the needs of its students. It doesn't share personal, identifying data with T-Mobile, aside from a ZIP code at times to be sure students have steady T-Mobile service where they live. The schools handle the distribution of the hotspots and can tap into dedicated T-Mobile support for setting up the device or other troubleshooting.

Read more of this story at Slashdot.

The Federal Communications Commission on Friday said it could cost an estimated $1.8 billion to remove and replace Huawei and ZTE equipment that's in US telecommunications networks receiving federal funds. From a report: In June, the FCC officially classified Huawei and ZTE as national security threats, though since 2019, the agency has barred carriers from using its $8.3 billion a year Universal Service Fund to purchase equipment from the two Chinese tech giants. US President Donald Trump also signed legislation in March that stops carriers from using government funds to buy network equipment from Huawei and ZTE. "By identifying the presence of insecure equipment and services in our networks, we can now work to ensure that these networks -- especially those of small and rural carriers -- rely on infrastructure from trusted vendors," said FCC Chairman Ajit Pa in a release, adding that he would "once again strongly urge" Congress to appropriate funding to reimburse carriers.

Read more of this story at Slashdot.

Mark Zuckerberg tells "Axios on HBO" that Facebook is imposing new election rules to deter use of the platform to spread of misinformation and even violence, and to help voters see the results as "legitimate and fair." From a report: The new measures, announced Thursday, include throwing a flag on posts by candidates who claim premature victory, and forbidding new ads within a week of Election Day. "There is, unfortunately, I think, a heightened risk of civil unrest in the period between voting and a result being called," Zuckerberg told Axios' Mike Allen. "I think we need to be doing everything that we can to reduce the chances of violence or civil unrest in the wake of this election."

Read more of this story at Slashdot.

The terrorist group is defeated and routed. But its backup plan survives. From a report: It all began on October 27, 2019. Rumour was, Abu Bakr al Baghdadi, the leader of Isis, was dead. Nothing was confirmed, but already the jihadist world online was thrumming with excitement and trepidation. "I was walking through an airport," Moustafa Ayad tells me. "Jet-lagged out of my mind." A deputy director of the counter-extremism think tank Institute of Strategic Dialogue (ISD), Ayad tries to stay on top of the constant struggles and skirmishes, retreats and resurgences between Isis and their many enemies online. That day, as he scrolled through his phone, a blitz of Isis propaganda stared back at him. The digital Jihad was raising a dirge to Baghdadi on Twitter. Flitting from account to pro-Isis account, Ayad noticed something strange. Some accounts carried short, discreet links, not within their tweets, but nestled in their biographies. He clicked. The link, he realised, was not quite like any other he'd ever followed before. On his phone, Ayad saw folder after folder of meticulously catalogued terrorist content. "I thought it was a joke," Ayad says. "Some kind of scam." In the echoing marbled expanse of Dubai International Airport, on public Wi-Fi, in a Starbucks queue, he had stumbled upon a gigantic, sprawling cache of Isis material. He clicked on a PowerPoint presentation, one of countless now in front of him. "Al Qaeda Airlines", it said: a case study of the mechanics of hijacking planes, making your own chloroform, and the cell structure needed to organise a coordinated terrorist attack. Just then, a dim tannoy announced his flight. Over the weeks that followed, Ayad and his colleagues at the ISD began their journey through the cache. At first glance, the cache looks like a bunch of files on DropBox -- its colour palette an on-brand Isis black-and-white, with a roster of ordinary folders. But the first thing you notice is the size. Its 4,000 folders hold over a terabyte and a half of multimedia multilingual content, spanning Arabic, English, German, French, Spanish, Russian, Bangla, Turkish, and Pashto. "It's a blueprint for terrorism, complete with footnotes" Ayad tells me. "It's everything anyone with an inclination for violence would need to carry out an attack." The cache's content is a blend of the official products of Isis itself with those of often more obscure precursors, such as the Tawhid wal-Jihad Group, who fought coalition forces in Iraq, and the umbrella organisation of other insurgent groups, Majlis Shura al-Mujahidin. A small amount of it -- just a few per cent by size -- captures in screeds and sermons the ideas of key ideologues of Isis itself. The key personality in the "Fatwas over the Airwaves" folder, for instance, is Turki al Banali, a Bahraini cleric-turned-recruiter who in each episode desperately gives the core concepts of Salafi Jihadism an Isis-friendly spin. Much of the stash, however, simply portrays daily life within Isis, back when the terrorist group still controlled a chunk of territory sitting astride Syria and Iraq. There are school curricula covering the six core subjects that, some estimates believe, were once taught to 130,000 children: English, PE, Arabic, Koranic Studies, Geography & History and a subject called "'ideology", a course of indoctrination in Isis's party lines expounding on the death and destruction awaiting all those who strayed outside of them. It is a mix of the banal and the horrifying -- conjugating verbs and killing the infidels, where early readers learn that "S is for sniper" and "G is for grenade".

Read more of this story at Slashdot.

Antibodies that people make to fight the new coronavirus last for at least four months after diagnosis and do not fade quickly as some earlier reports suggested, scientists have found. From a report: Tuesday's report, from tests on more than 30,000 people in Iceland, is the most extensive work yet on the immune system's response to the virus over time, and is good news for efforts to develop vaccines. If a vaccine can spur production of long-lasting antibodies as natural infection seems to do, it gives hope that "immunity to this unpredictable and highly contagious virus may not be fleeting," scientists from Harvard University and the U.S. National Institutes of Health wrote in a commentary published with the study in the New England Journal of Medicine. One of the big mysteries of the pandemic is whether having had the coronavirus helps protect against future infection, and for how long. Some smaller studies previously suggested that antibodies may disappear quickly and that some people with few or no symptoms may not make many at all. The new study was done by Reykjavik-based deCODE Genetics, a subsidiary of the U.S. biotech company Amgen, with several hospitals, universities and health officials in Iceland. The country tested 15% of its population since late February, when its first COVID-19 cases were detected, giving a solid base for comparisons.

Read more of this story at Slashdot.

An anonymous reader shares a report: "Mulan" producer Jason Reed was in Mexico City last March promoting his soon-to-be-released film when he got the call that Walt Disney was postponing its debut due to the coronavirus. What followed was a summer of discussions between Disney, Reed and director Niki Caro as the company wrestled with when and how to release the $200 million live-action remake of its 1998 animated hit. This weekend they'll all get to see if they made the right call. Disney is making "Mulan" available on its Disney+ streaming service for an extra $30 starting Friday. The film now joins others, including Universal's "Trolls World Tour" and Warner Bros.' "Scoob!," in bypassing theaters and going directly to consumers. It's a trend that has many in Hollywood concerned about the future of films in theaters. They might be worrying too much. Without theaters, Disney and other studios would struggle to replace the revenue they have historically gotten from releasing big-budget films first in cinemas, then home video and later TV. "They understand how important the theater is as a channel for distribution," said Steve Nason, research director at the consulting firm Parks Associates. "They just couldn't wait any longer." Prior to the pandemic, "Mulan" had been scheduled to hit theaters March 27. The company had already held the red-carpet premiere and spent heavily on advertising. But the film was postponed three times before its Disney+ debut was set. Reviews so far are fairly strong. "Disney's spectacular do-over deserves the biggest screen possible," read the headline in Variety. Rotten Tomatoes gives the movie a 79% fresh rating, showing most critics agree. Disney is trying a hybrid approach. It's releasing the film in theaters in Asia, where cinemas have been back open longer and the Asian cast and story are likely to have strong appeal. In the U.S. and Europe, "Mulan" will be online, where Disney+ has already built a sizable subscriber base.

Read more of this story at Slashdot.