An anonymous reader quotes a report from Motherboard: Grayshift, a company that offers to unlock modern iPhones for as little as $50 each, has caused a buzz across law enforcement agencies, with local police already putting down cash for the much sought-after tech. Now, it appears a section of the U.S. State Department has also purchased the iPhone cracking tool, judging by procurement records reviewed by Motherboard. Grayshift's iPhone product, dubbed GrayKey, can unlock devices running versions of Apple's latest mobile operating system iOS 11, according to marketing material obtained by Forbes. An online version of GrayKey which allows 300 unlocks costs $15,000 (which boils down to $50 per device), and an offline capability with unlimited uses is $30,000. According to a recent post from cybersecurity firm Malwarebytes, which obtained leaked details on GrayKey, the product itself is a small, four inch by four inch box, and two iPhones can be connected at once via lightning cables. Malwarebytes adds that the time it takes to unlock a device varies depending on the strength of the user's passcode: it may be hours or days. Notably, Grayshift includes an ex-Apple engineer on its staff, Forbes reported.

On March 6, the State Department ordered an item from Grayshift for just over $15,000, according to a purchase order listing available on the U.S. government's public federal procurement data system. The listing is sparse on details, putting the order under the generic label of "computer and computer peripheral equipment." But Motherboard confirmed that the Grayshift in the State Department listing is the same as the one selling iPhone cracking tech: the phone number of the vendor in both the purchase order and documents Motherboard previously obtained detailing a GrayKey purchase by Indiana State Police is the same. The "funding office" for the Grayshift purchase was the Bureau of Diplomatic Security, according to the procurement records. The Bureau acts as the law enforcement and security arm of the State Department, bearing "the core responsibility for providing a safe environment for the conduct of U.S. foreign policy," the State Department website reads.

fstack writes: Pi Day was marked this year by the launch of the Raspberry Pi 3 Model B+ as the next evolution to this $35 ARM single-board computer. Phoronix has now put out Raspberry Pi 3 B+ benchmarks showing that the Ethernet performance is indeed much faster now but still doesn't stack up to other high performance boards, the SoC temperature is noticeably lower than the very warm Raspberry Pi 3, and the overall performance is a nice upgrade while retaining the same price point as its predecessors. Follow up tests looking at the Wi-Fi performance also show the new 802.11ac dual-band wireless to be much faster as well.

An anonymous reader quotes a report from Motherboard: Porn performer Avey Moon was trying to send the lucky winner of her Chaturbate contest his prize -- one of her videos, titled "POV Blowjob" -- through her Google Drive account. But it wouldn't send, and Google wasn't telling her why. "I thought there was something wrong with my file and I got rather worried," Moon told me in a Twitter message. "I had promised this guy his content and he was so good to me. I was panicked because I thought if I couldn't give him his prize, he would feel like he got ripped off and never come back again or worse, he could actually file a complaint with Chaturbate about me and they can take money from me." She's not alone. Six porn performers I talked to and more on social media said that they suddenly can't download adult content they keep on Google Drive. They also said they can't a share that content with other accounts or send to clients. In some cases, the adult content is disappearing from Drive without warning or explanation. The porn performers I talked to started sounding the alarm on Twitter last week. They said that Google Drive no longer seemed sex-trade friendly, detailing error messages and sharing cloud storage alternatives with each other.

When I asked about sexual content being blocked on Drive, a spokesperson for Google directed me to the Drive policy page -- specifically the section on sexually explicit material, which says, "Do not publish sexually explicit or pornographic images or videos.... Additionally, we do not allow content that drives traffic to commercial pornography." Writing about porn and sex is permitted, the policy states, as long as it's not accompanied by sexually explicit images or videos. According to Google, Drive uses a combination of automated systems and manual review to decide what's in violation. One worker said they've been using Google Drive for most of the last five and a half years but just recently received an error message when sending a video, saying that the item may violate Google's Terms of Service, with a link to request a review. In this case, the video title was explicit, but other adult performers report similar messages when sending content with non-explicit titles. "Some sex workers are wondering if this has something to do with the impending vote on the SESTA-FOSTA bill," reports Motherboard. We now have learned that the Senate has passed the bill.

"FBI and Justice Department officials have been quietly meeting with security researchers who have been working on approaches to provide such 'extraordinary access' to encrypted devices," reports The New York Times (alternative source), citing people familiar with the matter. Justice Department officials believe that these "mechanisms allowing access to the data" exist without weakening the devices' security against hacking. Slashdot reader schwit1 shares the report: Against that backdrop, law enforcement officials have revived talks inside the executive branch over whether to ask Congress to enact legislation mandating the access mechanisms. The Trump White House circulated a memo last month among security and economic agencies outlining ways to think about solving the problem, officials said. The FBI has been agitating for versions of such a mandate since 2010, complaining that the spreading use of encryption is eroding investigators' ability to carry out wiretap orders and search warrants -- a problem it calls "going dark." The issue repeatedly flared without resolution under the Obama administration, peaking in 2016, when the government tried to force Apple to help it break into the iPhone of one of the attackers in the terrorist assault in San Bernardino, Calif. The debate receded when the Trump administration took office, but in recent months top officials like Rod J. Rosenstein, the deputy attorney general, and Christopher A. Wray, the FBI director, have begun talking publicly about the "going dark" problem. The National Security Council and the Justice Department declined to comment about the internal deliberations. The people familiar with the talks spoke on the condition of anonymity, cautioning that they were at a preliminary stage and that no request for legislation was imminent. But the renewed push is certain to be met with resistance.

theodp writes: Nearly a week after an autonomous Uber SUV claimed the first life in testing of self-driving vehicles, The Washington Post reports that Waymo CEO John Krafcik says he is confident its cars would have performed differently under the circumstances (Warning: source may be paywalled; alternative source), since they are intensively programmed to avoid such calamities. "I can say with some confidence that in situations like that one with pedestrians -- in this case a pedestrian with a bicycle -- we have a lot of confidence that our technology would be robust and would be able to handle situations like that," Krafcik said Saturday when asked if a Waymo car would have reacted differently than the self-driving Uber.

In explaining its since-settled lawsuit against Uber last year, Google charged that Uber was "using key parts of Waymo's self-driving technology," and added it was "seeking an injunction to stop the misappropriation of our designs." In announcing the settlement of the lawsuit last month, Uber CEO Dara Khosrowshahi noted, "we are taking steps with Waymo to ensure our LIDAR and software represents just our good work." A Google spokesperson added, "We have reached an agreement with Uber that we believe will protect Waymo's intellectual property now and into the future. We are committed to working with Uber to make sure that each company develops its own technology. This includes an agreement to ensure that any Waymo confidential information is not being incorporated in Uber Advanced Technologies Group hardware and software." All of which might prompt some to ask: was Elaine Herzberg collateral damage in Google and Uber's IP war? "I want to be really respectful of Elaine [Herzberg], the woman who lost her life and her family," Krafcik continued. "I also want to recognize the fact that there are many different investigations going on now regarding what happened in Tempe on Sunday." His assessment, he said, was "based on our knowledge of what we've seen so far with the accident and our own knowledge of the robustness that we've designed into our systems."

An anonymous reader quotes the AFP: Earth Hour, which started in Australia in 2007, is being observed by millions of supporters in 187 countries, who are turning off their lights at 8.30pm local time in what organisers describe as the world's "largest grassroots movement for climate change"... In Paris, the Eiffel Tower plunged into darkness as President Emmanuel Macron urged people to join in and "show you are willing to join the fight for nature". "The time for denial is long past. We are losing not only our battle against climate change, but also our battle against the collapse of biodiversity," he said on Twitter. Moscow's Red Square also fell dark and the Russian section of the International Space Station dipped its lights, the Ria Novisti news agency said... UN Secretary-General Antonio Guterres said the event "comes at a time of huge pressure on people and planet alike. Resources and ecosystems across the world are under assault. Earth hour is an opportunity to show our resolve to change."
Other landmarks "going dark" include the Empire State Building in New York and the Sydney Opera House, as well as the harbour skylines of Hong Kong and Singapore.

Yesterday Dropbox finally launched its stock on NASDAQ. Reuters reports: Dropbox Inc's shares closed at $28.42, up more than 35 percent in their first day of trading on Friday, as investors rushed to buy into the biggest technology initial public offering in more than a year even as the wider sector languished... At the stock's opening price, Dropbox had a market valuation of $12.67 billion, well above the $10 billion valuation it had in its last private funding round... It has yet to turn a profit, which is common for startups that invest heavily in growth. As a public company Dropbox will be under pressure to quickly trim its losses. The 11-year old company reported revenue of $1.11 billion in 2017, up from $844.8 million a year earlier. Its net loss nearly halved from $210.2 million in 2016.
CNBC reports that Y Combinator almost passed on a chance to invest in Dropbox -- which became its first IPO ever -- "because it had misgivings about bringing on a solo entrepreneur." After Drew Houston, the creator of Dropbox, scrambled to find a co-founder in time for his in-person interview, the company was admitted into YC in 2007. Four years later, venture capitalists poured money into Dropbox at a $4 billion valuation. YC has since become a power player in Silicon Valley, helping spawn numerous companies valued at over $1 billion today including Stripe, Airbnb, Instacart and Coinbase. It also backed Twitch, which Amazon acquired in 2014 for about $970 million, and the self-driving tech start-up Cruise, which GM bought in 2016 for over $1 billion. But in its 13-year history, YC had yet to see any of its companies go public until Dropbox's stock market debut on Friday...

Houston is now worth over $3 billion and co-founder Arash Ferdowsi owns shares valued at more than $1 billion.
Dropbox's Twitter feed posted a video from their NASDAQ debut, adding "We're so thankful for the 500 million registered users who helped us get here."

Apple is holding an education-focused event on Tuesday where it's expected to launch a "low-cost iPad" alongside new education software. The goal is to win back students and teachers who have adopted similar products/services from rivals Google and Microsoft. Bloomberg reports: In its first major product event of the year, Apple will return to its roots in the education market. The event on Tuesday at Lane Technical College Prep High School in Chicago will mark the first time Apple has held a product launch geared toward education since 2012 when it unveiled a tool for designing e-books for the iPad. It's also a rare occasion for an Apple confab outside its home state of California. In Chicago, the world's most-valuable technology company plans to show off a new version of its cheapest iPad that should appeal to the education market, said people familiar with the matter. The company will also showcase new software for the classroom, said the people, who asked not to be identified discussing private plans. Apple declined to comment.

hyperclocker shares a report from Android Police: The touchscreen on your phone is the primary way you interact with it, so it absolutely needs to work. That makes problems like so-called "dead zones" or ignored/unregistered inputs among the most annoying out there. Based on reports, many are running into those types of touchscreen input problems with Samsung's Galaxy S9+. It's tough to tell precisely how common the problem might be. Few users are as apt to report issues as Pixel-purchasers, so we can't quite compare things against our coverage for Google's hardware. But from what we have seen in places like Reddit, it's reasonably widespread. The problem manifests as you'd expect: a chunk of the touchscreen's digitizer just doesn't seem to work. Interestingly, not all users are reporting issues with the same physical areas of the display. For some, it's the top of the screen that isn't accepting input -- resulting in an inability to pull down the notification tray -- but for others, it's the bottom of the screen that's wonking out in the traditional keyboard input area. A few people have been able to diminish the effect by cranking up the touchscreen sensitivity, and there's at least one report of a factory reset fixing things. But for many, the problem persists between wipes. Worse, some people with the problem have experienced further issues seeking help via Samsung's support process if a trade-in was involved. Samsung has released a statement concerning these reports: "At Samsung, customer satisfaction is core to our business and we aim to deliver the best possible experience. We are looking into a limited number of reports of Galaxy S9/S9+ touchscreen responsiveness issues. We are working with affected customers and investigating. We encourage any customer with questions to contact us directly at 1-800-SAMSUNG."

An anonymous reader writes: Makers of Mint Box, a diminutive desktop which runs Linux Mint -- an Ubuntu-based OS, on Friday announced the Mintbox Mini 2. While the new model has several new aspects, the most significant is that the Linux Mint Team has switched from AMD to Intel (the original Mini used an A4-Micro 6400T). For $299, the Mintbox Mini 2 comes with a quad-core Intel Celeron J3455 processor, 4GB of RAM, and a 60GB SSD. For $50 more you can opt for the "Pro" model which doubles the RAM to 8GB and increases the SSD capacity to 120GB. Graphics are fairly anemic, as it uses integrated Intel HD 500, but come on -- you shouldn't expect to game with this thing. For video connectivity, you get both HDMI and Mini DisplayPort. Both can push 4K, and while the mini DP port can do 60Hz, the HDMI is limited to 30.

capedgirardeau shares a report from Digital Journal: Researchers with the renowned Ramazzini Institute (RI) in Italy announce that a large-scale, lifetime study (PDF) of lab animals exposed to environmental levels of cell tower radiation developed cancer. The RI study also found increases in malignant brain (glial) tumors in female rats and precancerous conditions including Schwann cells hyperplasia in both male and female rats. A study of much higher levels of cell phone radiofrequency (RF) radiation, from the U.S. National Toxicology Program (NTP), has also reported finding the same unusual cancer called Schwannoma of the heart in male rats treated at the highest dose.

The Ramazzini study exposed 2448 Sprague-Dawley rats from prenatal life until their natural death to "environmental" cell tower radiation for 19 hours per day (1.8 GHz GSM radiofrequency radiation (RFR) of 5, 25 and 50 V/m). RI exposures mimicked base station emissions like those from cell tower antennas, and exposure levels were far less than those used in the NTP studies of cell phone radiation. "All of the exposures used in the Ramazzini study were below the U.S. FCC limits. These are permissible exposures according the FCC. In other words, a person can legally be exposed to this level of radiation. Yet cancers occurred in these animals at these legally permitted levels. The Ramazzini findings are consistent with the NTP study demonstrating these effects are a reproducible finding," explained Ronald Melnick PhD, formerly the Senior NIH toxicologist who led the design of the NTP study on cell phone radiation now a Senior Science Advisor to Environmental Health Trust (EHT). "Governments need to strengthen regulations to protect the public from these harmful non-thermal exposures."

dryriver shares a report from the BBC: The government in South Korea's capital is introducing a new initiative to force its employees to leave work on time -- by powering down all their computers at 20:00 on Fridays. It says it is trying to stop a "culture of working overtime." South Korea has some of the longest working hours in the world. Government employees there work an average of 2,739 hours a year -- about 1,000 hours more than workers in other developed countries. The shutdown initiative in the Seoul Metropolitan Government is set to roll out across three phases over the next three months. The program will begin on March 30, with all computers switched off by 20:00. The second phase starts in April, with employees having their computers turned off by 19:30 on the second and fourth Friday that month. From May on, the program will be in full-swing, with computers shut off by 19:00 every Friday. According to a SMG statement, all employees will be subjected to the shutdown, though exemptions may be provided in special circumstances. However, not every government worker seems to be on-board -- according to the SMG, 67.1% of government workers have asked to be exempt from the forced lights-out. Earlier this month, South Korea's national assembly passed a law to cut down the maximum weekly working hours to 52, down from 68.'

Ever since the Tempe police released a video of Uber's self-driving car hitting and killing a pedestrian, experts have been racing to analyze the footage and determine what exactly went wrong. (If you haven't watched the video, you can do so here. Warning: it's disturbing, though the actual impact is removed.) In a blog post, software architect and entrepreneur Brad Templeton highlights some of the big issues with the video:
1. On this empty road, the LIDAR is very capable of detecting her. If it was operating, there is no way that it did not detect her 3 to 4 seconds before the impact, if not earlier. She would have come into range just over 5 seconds before impact.
2.On the dash-cam style video, we only see her 1.5 seconds before impact. However, the human eye and quality cameras have a much better dynamic range than this video, and should have also been able to see her even before 5 seconds. From just the dash-cam video, no human could brake in time with just 1.5 seconds warning. The best humans react in just under a second, many take 1.5 to 2.5 seconds.
3. The human safety driver did not see her because she was not looking at the road. She seems to spend most of the time before the accident looking down to her right, in a style that suggests looking at a phone.
4.While a basic radar which filters out objects which are not moving towards the car would not necessarily see her, a more advanced radar also should have detected her and her bicycle (though triggered no braking) as soon as she entered the lane to the left, probably 4 seconds before impact at least. Braking could trigger 2 seconds before, in theory enough time.)

To be clear, while the car had the right-of-way and the victim was clearly unwise to cross there, especially without checking regularly in the direction of traffic, this is a situation where any properly operating robocar following "good practices," let alone "best practices," should have avoided the accident regardless of pedestrian error. That would not be true if the pedestrian were crossing the other way, moving immediately into the right lane from the right sidewalk. In that case no technique could have avoided the event. The overall consensus among experts is that one or several pieces of the driverless system may have failed, from the LIDAR system to the logic system that's supposed to identify road objects, to the communications channels that are supposed to apply the brakes, or the car's automatic braking system itself. According to Los Angeles Times, "Driverless car experts from law and academia called on Uber to release technical details of the accident so objective researchers can help figure out what went wrong and relay their findings to other driverless system makers and to the public."

An anonymous reader quotes a report from TechCrunch: A 15-year-old programmer named Saleem Rashid discovered a flaw in the popular Ledger hardware wallet that allowed hackers to grab secret PINs before or after the device was shipped. The holes, which Rashid described on his blog, allowed for both a "supply chain attack" -- meaning a hack that could compromise the device before it was shipped to the customer -- and another attack that could allow a hacker to steal private keys after the device was initialized. The Ledger team described the vulnerabilities dangerous but avoidable. For the "supply chain attack," they wrote: "by having physical access to the device before generation of the seed, an attacker could fool the device by injecting his seed instead of generating a new one. The most likely scenario would be a scam operation from a shady reseller." "If you bought your device from a different channel, if this is a second hand device, or if you are unsure, then you could be victim of an elaborate scam. However, as no demonstration of the attack in the real has been shown, it is very unlikely. In both cases, a successful firmware update is the proof that your device has never been compromised," wrote the team.

Further, the post-purchase hack "can be achieved only by having physical access to the device, knowing your PIN code and installing a rogue unsigned application. This rogue app could break isolation between apps and access sensitive data managed by specific apps such as GPG, U2F or Neo." Ledger CEO Eric Larcheveque claimed that there were no reports of the vulnerability effecting any active devices. "No one was compromised that we know of," he said. "We have no knowledge that any device was affected." Rashid, for his part, was disappointed with the speed Ledger responded to his claims.

According to TechCrunch, Google is acquiring Lytro, the imaging startup that began as a ground-breaking camera company for consumers before pivoting to use its depth-data, light-field technology in VR. From the report: One source described the deal as an "asset sale" with Lytro going for no more than $40 million. Another source said the price was even lower: $25 million and that it was shopped around -- to Facebook, according to one source; and possibly to Apple, according to another. A separate person told us that not all employees are coming over with the company's technology: some have already received severance and parted ways with the company, and others have simply left. Assets would presumably also include Lytro's 59 patents related to light-field and other digital imaging technology. The sale would be far from a big win for Lytro and its backers. The startup has raised just over $200 million in funding and was valued at around $360 million after its last round in 2017, according to data from PitchBook. Its long list of investors include Andreessen Horowitz, Foxconn, GSV, Greylock, NEA, Qualcomm Ventures and many more. Rick Osterloh, SVP of hardware at Google, sits on Lytro's board. A pricetag of $40 million is not quite the exit that was envisioned for the company when it first launched its camera concept, and in the words of investor Ben Horowitz, "blew my brains to bits."

dryriver writes: We live in a time where mainstream media, websites, blogs, social media accounts, your barely computer literate next door neighbor and so forth frequently rave about the "innovation" that is happening everywhere. But as someone who experienced developments in technology back in the 1980s and 1990s, in computing in particular, I cannot shake the feeling that, somehow, the "deep nerds" who were innovating back then did it better and with more heartfelt passion than I can feel today. Of course, tech from 30 years ago seems a bit primitive compared to today -- computer gear is faster and sleeker nowadays. But it seems that the core techniques and core concepts used in much of what is called "innovation" today were invented for the first time one-after-the-other back then, and going back as far as the 1950s maybe. I get the impression that much of what makes billions in profits today and wows everyone is mere improvements on what was actually invented and trail blazed for the first time, 2, 3, 4, 5 or more decades ago. Is there much genuine "inventing" and "innovating" going on today, or are tech companies essentially repackaging the R&D and knowhow that was brought into the world decades ago by long-forgotten deep nerds into sleeker, sexier 21st century tech gadgets? Is Alexa, Siri, the Xbox, Oculus Rift or iPhone truly what could be considered "amazing technology," or should we have bigger and badder tech and innovation in the year 2018?

Robots have taken over many of America's factories. They can explore the depths of the ocean, and other planets. They can play ping-pong. But can they pick a strawberry? From a report: "You kind of learn, when you get into this -- it's really hard to match what humans can do," says Bob Pitzer, an expert on robots and co-founder of a company called Harvest CROO Robotics. (CROO is an acronym. It stands for Computerized Robotic Optimized Obtainer.) Any 4-year old can pick a strawberry, but machines, for all their artificial intelligence, can't seem to figure it out. Pitzer says the hardest thing for them is just finding the fruit. The berries hide behind leaves in unpredictable places. "You know, I used to work in the semiconductor industry. I was a development engineer for Intel, and it was a lot easier to make semiconductor chips," he says with a laugh.

Within less than two decades it will be cheaper to operate robots in US factories than hire workers in Africa, a new report warns. From the report: Falling automation costs are predicted to cause job losses as manufacturers return to richer economies. Some analysts say poorer countries could be less impacted by this trend, however the Overseas Development Institute (ODI) suggests otherwise. But its report adds African nations have time to prepare for the change. "African countries must not shy away from manufacturing, but instead prepare by increasing access to internet, investing in technical skills and promoting technological innovation," said Karishma Banga a senior research officer at ODI. "If done well, automation can present important opportunities for African countries by improving labour productivity in manufacturing," she said. It has been suggested that poorer countries will not as be affected by automation because they have less money to invest in it.

Last Wednesday, the New York State Public Service Commission (PSC) ruled that municipal power companies could charge higher electricity rates to cryptocurrency miners who try to benefit from the state's abundance of cheap hydroelectric power. Ars Technica reports: Over the years, Bitcoin's soaring price has drawn entrepreneurs to mining. Bitcoin mining enterprises have become massive endeavors, consuming megawatts of power on some grids. To minimize the cost of that considerable power draw, mining companies have tried to site their operations in towns with cheap electricity, both in the U.S. and around the world. In the U.S., regions with the cheapest energy tend to be small towns with hydroelectric power. But mining booms in small U.S. towns are not always met with approval. A group of 36 municipal power authorities in northern and western New York petitioned the PSC for permission to raise electricity rates for cryptocurrency miners because their excessive power use has been taxing very small local grids and causing rates to rise for other customers. The PSC responded on Wednesday that it would allow those local power companies to raise rates for cryptocurrency miners. The response noted that New York's local power companies, which are customer-owned and range in size from 1.5 MW to 122 MW, "acquire low-cost power, typically hydro, and distribute the power to customers at no profit." If a community consumes more than what has been acquired, cost increases are passed on to all customers. "In Plattsburgh, for example, monthly bills for average residential customers increased nearly $10 in January because of the two cryptocurrency companies operating there," the PSC document says. The city of Plattsburgh, New York has since imposed an 18-month moratorium on commercial cryptocurrency mining to "protect and enhance the city's natural, historic, cultural and electrical resources."

Magic Leap just announced a preview of its software development kit and "creator portal," which will offer resources for people who want to build for its yet-unreleased Magic Leap One headset. You can now download a preview build of the Unreal or Unity engines, designed for what Magic Leap dubs "spatial computing." This is one of Magic Leap's juiciest announcements, marking one of the secretive company's first steps toward establishing itself as an open platform. It also may be a sign that the company is finally close to releasing hardware. The Verge reports: The creator portal touts a set of tutorials, a community for technical support, and a "Magic Leap Simulator" that will presumably help people preview apps before they get a headset. The Magic Leap One was announced late last year, and it's supposed to be released this year, but we still don't know details about the exact date or pricing. The portal says that a marketplace called "Magic Leap World" will launch soon.