Tax season already sucks for independent contractors, but some Uber drivers who logged on to the company’s Partners portal to receive their 1099s are complaining about an especially nasty surprise: Instead of their own information, drivers say they received the tax forms of other drivers. Read more…
Continue Reading:
Uber Screwup Exposed Driver’s Social Security Number and Tax Info
Floating things on magnets makes most things cooler. Bonsai trees are certainly no exception. Kickstarter project ” Air Bonsai ” combines together magnetic levitation, wee plants and traditional Japanese “monozukuri” (craftsmanship). Using the same magnetic floating trick we’ve seen in speakers , everything that the tree — or plant of your choosing — needs is contained within the floating ball. The team has already passed its goal of $80, 000 but you can still add to the money pot, with $200 enough to land you a basic starter kit. Because of the import issues of sending plants between countries, US-based backers will be receiving locally-sourced, tiny pine trees, but there’s nothing to stop you floating different tiny plants for your own bizarre anime dream. Depending on your aesthetic tastes, you can upgrade the “little star” floating orb, with a particularly attractive lava-stone pot at the top of our shopping list. There’s four designs for the “energy base” that maintains the magnetic field: all of which look classier than the chintzy speakers we’ve seen at tech trade shows. And if you’re feeling classy to the extent of $10, 000 , then you can get an exclusive handmade cushion, base and Bonsai “star”, as well as a tour of both a Bonsai garden and the workshop behind the project. Source: Kickstarter
See the original article here:
Floating Bonsai trees are better than floating speakers
California lawmaker, State Rep. Jim Cooper (D-Elk Grove), has introduced a bill that would effectively ban the sale of mobile devices that have encryption on by default beginning in 2017. The bill, AB 1681 , demands that any phone sold after January 1, 2017 be “capable of being decrypted and unlocked by its manufacturer or its operating system provider.” Should this bill become law, manufacturers found in violation would be subject to fines of $2, 500 per phone. Cooper’s reasoning puts a novel spin on the same, tired “The police can’t do their jobs unless tech companies do it for them” argument. This time, he used human trafficking as the boogeyman that needs defeating and which can only be accomplished if the government has unfettered, disk-level access to its citizens’ cell phones. “If you’re a bad guy [we] can get a search record for your bank, for your house, you can get a search warrant for just about anything, ” Cooper told ArsTechnica . “For the industry to say it’s privacy, it really doesn’t hold any water. We’re going after human traffickers and people who are doing bad and evil things. Human trafficking trumps privacy, no ifs, ands, or buts about it.” Apparently human trafficking also trumps the 4th Amendment as well. Via: The Next Web Source: Ars Technica
See more here:
California lawmaker wants to ban phone encryption in 2017
Remember how, back in September 2015, researchers revealed that virtually every “smart” baby-monitor they tested was riddled with security vulnerabilities that let strangers seize control over it, spying on you and your family? (more…)
Continued here:
Griefer hacks baby monitor, terrifies toddler with spooky voices
msm1267 writes: A patch for a critical Linux kernel flaw, present in the code since 2012, is expected to be pushed out today. The vulnerability affects versions 3.8 and higher, said researchers at startup Perception Point who discovered the vulnerability. The flaw also extends to two-thirds of Android devices, the company added. An attacker would require local access to exploit the vulnerability on a Linux server. A malicious mobile app would get the job done on an Android device. The vulnerability is a reference leak that lives in the keyring facility built into the various flavors of Linux. The keyring encrypts and stores login information, encryption keys and certificates, and makes them available to applications. Here’s Perception Point’s explanation of the problem. Read more of this story at Slashdot.
Continue Reading:
Serious Linux Kernel Vulnerability Patched
An anonymous reader writes: Security researcher Sean Cassidy has developed a fairly trivial attack on the LastPass password management service that allows attackers an easy method for collecting the victim’s master password. He developed a tool called LostPass that automates phishing attacks against LastPass, and even allows attackers to collect password vaults from the LastPass API. Read more of this story at Slashdot.
Originally posted here:
LastPass Vulnerable To Extremely Simple Phishing Attack
An anonymous reader writes: The DDoSing outfit that spawned the trend of “DDoS-for-Bitcoin” has been arrested by Europol in Bosnia Herzegovina last month. DD4BC first appeared in September 2015, when Akamai blew the lid on their activities. Since then almost any script kiddie that can launch DDoS attacks has followed their business model by blackmailing companies for Bitcoin. Read more of this story at Slashdot.
Read More:
"DDoS-For-Bitcoin" Blackmailers Arrested
Uber was hit with a $7.6 million fine on Thursday after the California Public Utilities Commission found that the company failed to provide proper data on its drivers in 2014. Uber plans to pay the fine to avoid a suspension of its operating license, though it will appeal the ruling, the Los Angeles Times reports. In July 2015, a judge recommended Uber be fined upwards of $7 million for failing to provide relevant driver data under California’s new ride-hailing laws . Today’s fine stems from that recommendation. The CPUC says Uber failed to provide accessibility information (how many riders asked for accessible vehicles and actually received them), service information (pickup and payment data in each zip code where Uber operates), and the cause of each “driving incident” involving an Uber vehicle. Uber has since provided all of this information to the CPUC, the LA Times reports. Uber’s main competition, Lyft, isn’t facing any penalties in California. While you’re doing the math on all of this, remember: Uber is valued at more than $60 billion . Source: Los Angeles Times
Read this article:
California fines Uber $7.6 million for not reporting driver data
itwbennett writes: Trend Micro has released an automatic update fixing the problems in its antivirus product that Google security engineer Tavis Ormandy discovered could allow “anyone on the internet [to] steal all of your passwords completely silently, as well as execute arbitrary code with zero user interaction.” The password manager in Trend’s antivirus product is written in JavaScript and opens up multiple HTTP remote procedure call ports to handle API requests, Ormandy wrote. Ormandy says it took him 30 seconds to find one that would accept remote code. He also found an API that allowed him to access passwords stored in the manager. This is just the latest in a string of serious vulnerabilities that have been found in antivirus products in the last seven months. Read more of this story at Slashdot.
See the original article here:
Trend Micro Flaw Could Have Allowed Attacker To Steal All Passwords
The company makes ignition interlock breathalyzers that are mandated by courts as a condition of driving after DUI convictions. (more…)
Continue Reading:
Internal documents from breathalyzer company Lifesaver dumped online