Uber wants UK gov intervention over TfL’s ’5-minute wait’ rule

Uber has indicated that it would seek an intervention from the UK government if Transport for London was to force the controversial taxi/app company to introduce a “five minute wait” rule.

The proposals for a forced delay time were suggested in September, as part of plans that would amount to a clampdown by the regional transport body on the way Uber operates in the capital.

“Frankly we were puzzled by some of the aims of the TfL transport review, such as the five minute rule,” Uber’s UK head of policy Andrew Byrne told MPs today.

“It’s about protecting interests of London taxi drivers,” he told the Business Innovation and Skills Select Committee. “The public safety [issues] of a five-minute wait time would be negative,” he said.

Asked if Uber would want the national government to intervene if such a proposal were made, Byrne replied he would.

He also claimed the move, to wait and confirm a passenger’s booking, would cost drivers £19m per year in wasted bookings, essentially “money being taken out of drivers’ pockets”.

Byrne said Uber was looking to the government to concentrate on the outcomes via regulation, such as quality and safety standards to protect the general public, rather than regulate “how” its business model works.

Last month, the High Court ruled that Uber’s minicab-hailing app was indeed lawful, following a request for clarity by TfL.

There are currently 20,000 Uber drivers in London, with the company taking a 20 per cent cut from drivers (and a 25 per cent cut from new drivers). Uber itself directly employs 125 people.

Byrne said the “big picture ambition” of Uber was to end car ownership in London, whereby people either took taxis or rented vehicles through services such as Zipcar.

However, Richard Massett, chairman of the Licensed Taxi Drivers Association, said the biggest impact Uber was having is traffic congestion. He said in 2013 there were 50,000 private hire vehicles on the road, with that number now reaching 91,000.

“Uber floods the market and undercuts prices, and that is not a high tech solution,” he said. ®

Data Loss Prevention Data Theft Prevention

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2015/11/24/uber_tfl_waiting/

Posted in Linux News | Tagged | Leave a comment

Video malvertising campaign lasted 12 hours? Try two months

A malvertising campaign exploiting online videos to fling poison at netizens actually lasted for two months rather than the 12 hours previously reported, according to new research which suggested the previously unfavoured medium may be ripe for exploitation.

Contrary to The Media Trust‘s report that a video malvertising campaign hit “some of the largest, most heavily trafficked sites for more than 12 hours”, an investigation by malvertising monitors ClarityAd discovered it had actually been ongoing for two months.

Two security experts who have analysed the vector extensively stated that the duration of the mischief suggested the industry needed to put much more effort into dealing with the new threat of video advertising malware.

ClarityAd’s CTO and co-founder, Jerome Dang, as well as Malwarebytes’ senior security researcher, Jérôme Segura, stated that “the main bad actor” in the two-month campaign was the domain BrtMedia.net, in their in-depth analysis of the miscreant’s methods.

To date malvertising has mostly targeted “display” advertisements, whether they be based on patch-addicted Flash or images with some nasties embedded.

The use of video advertisements has been a less exploited medium due to the relative security of the video advertising XML compared to the horror of Javascript, and the much higher cost of running a video campaign.

That there is, as ad firms claim, so little unsold advertising inventory in the video advertising world additionally means that the sales environment is handled far more manually. This is in stark contrast to the ecology of display advertisements, where the business need to monetise has weakened the controls which may be expected to prevent less-committed malicious actors from succeeding.

However video’s XML – VAST (Video Ad Serving Template) proved insufficient for advertisers, who demanded an extension to execute code in advertisements. That led to VPAID (Video Player Ad-Serving Interface Definition), a specification released by the Interactive Advertising Bureau. It was this which made video malvertising campaigns feasible.

Route of all evil

Businesses’ vulnerability to protecting their revenue seemingly demands the frequent obfuscation of VPAID Flash files, “maybe in the hope of protecting some trade secret”, suggested the researchers. In doing so they “completely ruined the security model originally thought out with VAST.”

Subsequently, the advertising ecology from Real Time Bidding (RTB) which has allowed a torrent of poison in display ads, was exported to the video advertising market.

Programmatic advertisements now account for 39 per cent of that market according to a recent study by eMarketer.

The result is that: “Publishers now have no idea who serves what ads on their websites, making it virtually impossible to police for compliance and security – unless they rely on dedicated audit and scanning technology.”

BrtMedia’s campaign ran as a VPAID video advertisement on Facebook’s LiveRail “Monetization Platform for Publishes” since early September, and was most recently seen in early November. LiveRail’s RTB exchange locates bidding on the client-side, meaning that regardless of the result of the auction the malicious domain will be present in browser logs.

If the bid is indeed won, “the website’s video player parses the ad’s XML and executes the VPAID code (bidder.swf).”

Dodging iframes, VPAID allows attackers direct access to the DOM – where BrtMedia’s Javascript performs four naughty tricks, as the researchers explained:

  • First it attempts to open a pop-up window to a fake Flash update URL at browsersafeupdate[dot]com. It also loops through each link on the page, and for each of them it assesses a 1 per cent chance of replacing it with the same malicious URL. From a visitor’s perspective, it looks as if the website itself is sending you to a malicious page!
  • Secondly, the Javascript also loops through all ad formats on the page and replaces them with its own ads (amazon affiliation links).
  • Thirdly, when the ad format is 300×250, it instead bootstraps a whole video player, looping through video ads on the same ad platform that it used to get to the page in the first place.
  • Finally, BrtMedia also injects whole bogus websites on the page (i.e. turkey sandwich recipes), to profit from fake video ads traffic. This is done via a hidden iframe at http://trk.brtmedia.net/r/.

The Register has attempted to contact LiveRail regarding the platform’s use in this campaign but has not received a response at the time of publication. ®

Data Loss Prevention Data Theft Prevention

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2015/11/24/video_malware_advertising/

Posted in Linux News | Tagged | Leave a comment

Suck it, Elon – Jeff Bezos’ New Shepard space rocket blasts off, lands in one piece

Pics and vid The was much whooping and popping of champagne corks yesterday at Amazon supremo Jeff Bezos’ space outfit Blue Origin: the company’s New Shepard rocket successfully performed a VTOL flight – a vertical takeoff and landing.

It’s the organization’s second attempt at bringing a rocket back to Earth in one piece. The technology rivals Elon Musk-run SpaceX’s reusable systems that also land on their feet (in theory).

New Shepard launched from Blue Origin’s test site in west Texas, soared to 329,839 feet (100.5 km) before returning safely to terra firma.

The lift-off of New Shepard

New Shepard blasts off. Pic: Blue Origin

Bezos explained:

Our unique ring fin shifted the center of pressure aft to help control reentry and descent; eight large drag brakes deployed and reduced the vehicle’s terminal speed to 387 mph; hydraulically actuated fins steered the vehicle through 119-mph high-altitude crosswinds to a location precisely aligned with and 5,000 feet above the landing pad; then the highly-throttleable BE-3 engine re-ignited to slow the booster as the landing gear deployed and the vehicle descended the last 100 feet at 4.4 mph to touchdown on the pad.

The New Shepard rocket just prior to touchdown. Pic: Blue Origin

There’s more on the New Shepard tech here, including details on the pressurised capsule. That also touched down safely yesterday, having detached and descended by parachute.

Blue Origin has released a somewhat preposterous video of the mission. Bezos admits “we took the liberty of engineering all the drama out of the landing”:

As you can see, New Shepard is ultimately intended to lift six passengers to an edge-of-space experience. Now that Blue Origin has got the thing off the ground and back again in one piece, Bezos is keen to get potential customers to register their interest. ®

OpenStack for enterprise: The tipping point cometh

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2015/11/24/blue_origin_flight/

Posted in Linux News | Tagged | Leave a comment

NetApp, now much more object storage than you’d think

Comment NetApp, the company usually known for its FAS appliances, is putting a lot of effort into making its object storage platform, StorageGRID, more competitive. And it’s coming around to what I’ve been saying for a long time now: end users need “Flash Trash” or, put more professionally, a two-tier storage strategy.

Previously, I’ve been very skeptical about NetApp’s product strategy with ONTAP everywhere and the unified storage thing. It worked for a while, enabling NetApp’s success, but it’s no longer enough to cover all end-user needs.

I also have to say that I’ve praised many of its acquisitions, especially Bycast. They all seemed an attempt to enlarge the product portfolio, but the integration process itself, for the most part, did not lead to any favorable outcome, and the results were quite disappointing.

As in the case of Spinnaker, which has taken too long to become what it is today, due (maybe) to an ONTAP culture that’s a little too strong. Fortunately, it seems things are quickly changing and NetApp is finally embracing a different, more open-minded, approach.

Bycast StorageGRID was one of those acquisitions. I blamed NetApp for not pushing it hard enough from the beginning, but now it’s getting into gear and the product has become more competitive, with a list of features that can make object storage easier to adopt and deploy in any type of IT organisation.

StorageGRID 10.2


StorageGRID time line

I recently wrote about one of the many use cases of object storage – private cloud storage deployments – but what is really decisive today is not the single use case, which could be considered the starting point, but rather giving the end user options, namely picking up what they need now while leaving the door open to other possibilities.

NetApp, and the StorageGRID team, are doing exactly that, building an ecosystem that pivots around an object storage core.

From my POV, the most interesting feature added to this 10.2 software release is the NAS bridge option. It is interesting to note that 10.2 comes just six months after the 10.1 release, confirming a very fast six-month release cycle. It adds to other crucial improvements like global erasure coding, AD compatibility, S3-tiering, improved multi-tenancy and S3/Swift APIs.

The implementation of this NAS Bridge is quite interesting because it is deployed as a VM. This means that, at the moment, the primary focus is not performance, but:

  • Data ingestion: all files written via NFS/SMB are also accessible via APIs; giving developers the ability to migrate storage without changing applications and readying data to be accessed with APIs in the future
  • Distributed NAS: NAS virtual appliances, thanks to a local cache mechanism, can be deployed remotely (ROBO sites) and act as traditional filers while eliminating all local backup procedures and management

Last but not least, the NAS bridge is now part of StorageGRID and it comes for free, meaning 100 per cent freedom in architecture design for end users.

This solution goes hand in hand with AltaVault (cloud-based VTL) and makes the product family even more compelling for large IT organizations and service providers.

Closing the circle

There are many takeaways from this story:

  • Object storage rocks. All vendors are investing in it and end users of any size are looking at it as a potential solution for their infrastructures
  • NetApp is finally exiting from the ONTAP-everywhere loop (or, at least, this is what I take way from the effort it is putting into StorageGRID)
  • As a consequence, StorageGRID is improving release after release, by adding features, integrations and options to its ecosystem, and when new options come for free it’s always good news
  • In my opinion, NetApp is also targeting the appliance sweet spot for new object storage deployments. The top of the high-end market is already in the hands of a few vendors such as Scality, HGST, DDN or the now-IBM, Cleversafe

There are many projects starting now, in a range from a few hundred terabytes to few petabytes, where an appliance-based approach, cloud tiering, a robust ecosystem and integrations make the difference.

The latter is a much larger market segment which includes small/medium ISPs and mid/large enterprises as well. In this space, NetApp has cleverly joined vendors such as Caringo, Cloudian and HDS among others.

And I’d like to close with some wishful thinking. I know, it’s probably asking too much here, but I’d like to see more integration between ONTAP and StorageGRID. Features such as SnapVault for StorageGRID, for example, would make a lot of sense for NetApp end users.

Disclaimer: Just a reminder that I recently wrote a white paper for NetApp and it’ll be sponsoring the TECHunplugged conference in Austin on 2 February, 2016. The content has not been reviewed, approved or edited by anyone else other than the Juku team.

Data Loss Prevention Data Theft Prevention

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2015/11/24/netapp_more_objectstorage_than_youd_think/

Posted in Linux News | Tagged | Leave a comment

Ex-IT staff claim Disney fired them then gave their jobs H1-B peeps

Ex-Disney IT staffers in Florida have accused the Mickey Mouse outfit of discrimination, and hope to sue their former bosses.

The nearly two dozen techies claim they were forced to train and then hand their jobs over to foreigners working in America on H1-B visas.

Attorney Sara Blackwell told The Register she filed complaints with the US Equal Employment Opportunity Commission (EEOC) on behalf of 23 Disney employees who were let go earlier this year.

The complaints are the first step in what could become a class-action discrimination lawsuit against Disney.

According to Blackwell, the IT workers’ rights were violated when late last year they were notified they would be replaced by workers coming from India on H1-B visas. The outgoing staff were asked to stay on for several weeks to train their replacements, and dismissed in January of this year, we’re told.

Blackwell told us that in addition to discriminating against the US workers on the basis of nationality, the dismissals included workers over the age of 40 and workers who are women, so age and gender discrimination are also being claimed in the EEOC filings.

Should the commission find grounds for a legal complaint, the 23 workers will then have the option of filing suit against Disney on their own or, as Blackwell expects will be the case, together in a class-action lawsuit.

This would set the stage for a legal showdown between Disney and the workers on whether it is legal to terminate US workers and hand their positions over to H1-B-holding foreigners.

Blackwell noted the case is “very early” in the legal process, and a number of procedural steps remain before any likely resolution is reached.

Disney did not return a request for comment on the matter.

The H1-B issue has become a hotly debated topic, particularly in the technology and IT sectors, where politicians worry that foreign workers are replacing capable American employees. Companies have countered that in many cases there are not enough qualified American applicants for engineering and developer positions that H1-B visa holders are used to fill. ®

OpenStack for enterprise: The tipping point cometh

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2015/11/24/disney_it_workers_sue/

Posted in Linux News | Tagged | Leave a comment

Google launches new Star Wars themed easter egg

Screen Shot 2015-11-24 at 18.01.15

To celebrate the upcoming launch of Star Wars: The Force Awakens, Google has embedded a neat little easter egg over on Search, which transforms all your search results into a text crawl, just like the opening of every Star Wars movie.

In order to make the easter egg appear, you’ll need to head over to Google and type “A long time ago in a galaxy far far away” in the Search bar. The screen will then fade to a dark starry background and all of the search results will slide down the screen in yellow before you.

Check it out in action in the video below:

YouTube Preview Image

Article source: http://feedproxy.google.com/~r/AndroidNewsGoogleAndroidForums/~3/w8ItfvgbUHk/

Posted in Android News | Tagged , | Leave a comment

NVIDIA announces Black Friday and Cyber Monday deals on the SHIELD Android TV


NVIDIA today announced a new deal taking place on Black Friday and Cyber Monday. Starting the day after Thanksgiving, interested buyers can get $50 off the SHIELD Android TV at participating retailers.

Not only will you get $50 off of the SHIELD Android TV, but you also get a free SHIELD remote, which NVIDIA advertises as a $49.99 value. The deal is available in-person on Friday; online deals for the SHIELD Android TV will be available Monday.

Additionally, NVIDIA will be offering a handful of Black Friday deals on various video games across a variety of platforms.

As you’re out shopping on Black Friday, be sure to keep an eye out for the SHIELD TV at Best Buy, Fry’s Electronics, GameStop, and Micro Center.

Alternatively, when Cyber Monday comes around, keep an eye out on stores like Amazon, NCIX, NewEgg, and NVIDIA’s own online store.

Article source: http://feedproxy.google.com/~r/AndroidNewsGoogleAndroidForums/~3/q7doc03rUus/

Posted in Android News | Tagged , | Leave a comment

Sony is offering consumers a $50 PlayStation store credit with the purchase of a Xperia Z3+ or Xperia Z4 Tablet

Sony_promo_Xperia+Z3+_Z4tablet_PlayStattion credit_112415

For a limited time only, Sony is offering consumers a $50 PlayStation store credit if you buy the Sony Xperia Z3+ or Xperia Z4 Tablet.

The offer is valid only for U.S. residents and won’t last forever. In order to claim the $50 PlayStation store credit, you must purchase either the Xperia Z3+ or Xperia Z4 Tablet. No other devices are eligible for this offer. Consumers must purchase the device from either the company’s website, Amazon or BH Photo Video. To claim the credit, buyers must send images of the product receipt to Sony as well as the IMEI of the device. The deal will run through January 31, 2016. Our guess is that the company wants to free up stock. Let us know if you’re getting one in the comments below.

Source: Sony
Via: Android Central

Article source: http://feedproxy.google.com/~r/AndroidNewsGoogleAndroidForums/~3/XR7SMYYL0CA/

Posted in Android News | Tagged , | Leave a comment

Motorola starts sending out invites to an event it’s holding in India on December 1


Earlier today, Motorola sent out its first batch of invitations to an exclusive press event it’s holding in New Delhi on Tuesday, December 1. Unfortunately, the Lenovo-owned company hasn’t disclosed what exactly it’s planning to unveil at the conference, but there are some hints being subtly dropped by the firm that suggest we could see the release of the second-generation Moto 360 in India.

Moto 360 Invite

We don’t have any information with regards to what price tag the device will carry in the region, but in the US it’s priced between $299.99 to $429.99, depending on configuration, which leads us to believe that we could see it hit the shelves for around INR19, 900 to INR28,500.

Article source: http://feedproxy.google.com/~r/AndroidNewsGoogleAndroidForums/~3/w8wKagbb7ec/

Posted in Android News | Tagged , | Leave a comment

[Deal] Grab a Sony Xperia M4 Aqua through Amazon for $199


Amazon has just released its latest Black Friday deal, which is a must-have for any consumers looking to pick up a reliable budget-friendly waterproof smartphone. While stock lasts, you will be able to bag yourself a Sony Xperia M4 Aqua for $199.99, which is a whopping $100 off its usual retail price of $299.99. The handset is only available in black and comes as standard with a 12-month manufacturer warranty.

As this is an unlocked GSM device, it will only play nice with T-Mobile and ATT in the United States, but that doesn’t mean you can’t take it abroad as it will work with most European carriers, including Vodafone, O2 and Three. A full list of the supported carrier bands can be seen below:

  • 2G : 850/900/1800/1900
  • 3G : 850/900/1900/2100
  • 4G LTE : 1(2100), 2(1900), 3(1800), 4(1700/2100), 5(850), 7(2600), 8(900), 17(700), 20(800), 28(700)

If you like the sound of the Xperia M4 Aqua and would like to take advantage of this deal – hit the source link below.

Source: Amazon

Article source: http://feedproxy.google.com/~r/AndroidNewsGoogleAndroidForums/~3/UmOPjwyG9cQ/

Posted in Android News | Tagged , | Leave a comment