"FBI officials said Tuesday they have been stymied in their efforts to unlock the cellphone of the man who shot and killed at least 26 people at a church here on Sunday," reports the Houston Chronicle. Slashdot reader Anon E. Muss writes: The police obtained a search warrant for the phone, but so far they've been unable to unlock it. The phone has been sent to the FBI, in the hope that they can break in... If it is secure, and the FBI can't open it, expect all hell to break loose. The usual idiots (e.g. politicians) will soon be ranting hysterically about the evil tech industry, and how they're refusing to help law enforcement.
FBI special agent Christopher Combs complained to the Chronicle that "law enforcement increasingly cannot get in to these phones."

A law professor at the Georgia Institute of Technology argues there's other sources of information besides a phone, and police officers might recognize this with better training. As just one example, Apple says the FBI could've simply just used the dead shooter's fingerprint to open his iPhone. But after 48 hours, the iPhone's fingerprint ID stops working.

There's just four days left to vote for the winner of the 23rd Annual Interactive Fiction Competition. An anonymous reader writes: This year's contest set a record, drawing 79 new text adventures -- 36% more entries than the previous year's 58. All of this year's games are available online, furthering the competition's goal of "making them freely available in order to encourage the creation, play, and discussion of interactive fiction." (And they're also available in a 236-megabyte .zip archive.)

Each game's developer is competing for $4,800 in cash prizes, to be shared among everyone who finishes in the top two-thirds (including a $247 prize to the first-place winner). Authors of the top-rated games will also get to choose from a 38-prize pool (which includes another $200 cash prize donated by Asymmetric Publications, as well as a "well-loved" used Wii console). But the most important thing is there's a bunch of fun new text adventures to play. Reviews are already appearing online, lovingly collected by the Interactive Fiction Wiki. And one game designer even livestreamed their text adventure-playing on Twitch.

An anonymous reader quotes the New York Times: Facebook estimates that about 200 million of its more than 2.07 billion users may be fakes... [Non-paywalled article here.] Colin Stretch, the general counsel of Facebook, told the Senate Intelligence Committee the company was doubling its review staff to 20,000 and using artificial intelligence to find more "bad actors"... Sean Edgett, Twitter's general counsel, testified before Congress that about 5 percent of its 330 million users are "false accounts or spam," which would add up to more than 16 million fakes.

Independent experts say the real numbers are far higher. On Twitter, little more than an email address is needed to start tweeting. Facebook's requirement that users be their authentic selves means the company asks for a smattering of information to sign up -- name, birthday, gender and email address. But few checks exist to verify if that information is true when a user signs up.

Thomas Claburn, writing for The Register: Developers really dislike Perl, and projects associated with Microsoft, at least among those who volunteer their views through Stack Overflow. The community coding site offers programmers a way to document their technical affinities on their developer story profile pages. Included therein is an input box for tech they'd prefer to avoid. For developers who have chosen to provide testaments of loathing, Perl tops the list of disliked programming languages, followed by Delphi and VBA. The yardstick here consists of the ratio of "likes" and "dislikes" listed in developer story profiles; to merit chart position, the topic or tag in question had to show up in at least 2,000 stories. Further down the down the list of unloved programming language comes PHP, Objective-C, CoffeeScript, and Ruby. In a blog post seen by The Register ahead of its publication today, Stack Overflow data scientist David Robinson said usually there's a relationship between how fast a particular tag is growing and how often it's disliked. "Almost everything disliked by more than 3 per cent of Stories mentioning it is shrinking in Stack Overflow traffic (except for the quite polarizing VBA, which is steady or slightly growing)," said Robinson. "And the least-disliked tags -- R, Rust, TypeScript and Kotlin -- are all among the fast-growing tags (TypeScript and Kotlin growing so quickly they had to be truncated in the plot)."

An anonymous reader quotes HPE Insights: Software developers and testers must be sick of hearing security nuts rant, "Beware SQL injection! Monitor for cross-site scripting! Watch for hijacked session credentials!" I suspect the developers tune us out... The industry has generated newer tools, better testing suites, Agile methodologies, and other advances in writing and testing software. Despite all that, coders keep making the same dumb mistakes, peer reviews keep missing those mistakes, test tools fail to catch those mistakes, and hackers keep finding ways to exploit those mistakes. One way to see the repeat offenders is to look at the Open Web Application Security Project Top 10, a sometimes controversial ranking of the 10 primary vulnerabilities, published every three or four years by the Open Web Application Security Project... It boggles the mind that a majority of top 10 issues appear across the 2007, 2010, 2013, and draft 2017 OWASP lists...

It's sad that eight out of 10 of the issues from 2013 are still top security issues in 2017. In fact, if you consider that the draft 2017 list combined two of the 2013 items, it's actually nine out of 10. Ouch... What can you do? Train everyone better, for starters. Look at coding and test tools that can help detect or prevent security vulnerabilities, but don't consider them silver bullets. Do dynamic application security testing, including penetration testing and fuzz testing. Ensure admins do their part to protect applications. And finally, make sure you establish a culture of security-aware programming and deployment.

According to a new study, the best way to reduce pesticides from your supermarket apple is to use a baking soda solution. The discovery was made by a team of scientists from the University of Massachusetts at Amherst. They compared the effectiveness of plain tap water, a commercial bleach solution and a baking soda/water mix in removing pesticides from apples. CNET reports: The scientists started with organic Gala apples and applied the fungicide thiabendazole and the insecticide phosmet before testing the different washing liquids. "The baking soda solution was the most effective at reducing pesticide," a release on the study notes. "After 12 and 15 minutes, 80 percent of the thiabendazole was removed, and 96 percent of the phosmet was removed, respectively." The researchers say the industry-standard approach of washing fruit in a bleach solution for two minutes after harvest is not an effective way to completely remove pesticides. They also found the fungicide thiabendazole penetrated into the apple peel much more than the insecticide. Apple lovers would need to remove the peel to also get rid of the pesticide that wasn't washed off with the baking soda solution. The researchers published the findings this week in the American Chemical Society's Journal of Agricultural and Food Chemistry.

New submitter fstack writes: Senior software architect Mark Maybee who has been working at Oracle/Sun since '98 says maybe we "could" still see ZFS be a first-class upstream Linux file-system. He spoke at the annual OpenZFS Developer Summit about how Oracle's focus has shifted to the cloud and how they have reduced investment in Solaris. He admits that Linux rules the cloud. Among the Oracle engineer's hopes is that ZFS needs to become a "first class citizen in Linux," and to do so Oracle should port their ZFS code to Oracle Linux and then upstream the file-system to the Linux kernel, which would involve relicensing the ZFS code.

Denuvo, an anti-tamper technology and digital rights management scheme, isn't doing a very good job preventing PC games from being copied. According to Ars Technica, Denuvo releases are being publicly cracked within a day of their launch. From the report: This week's release of South Park: The Fractured but Whole is the latest to see its protections broken less than 24 hours after its release, but it's not alone. Middle Earth: Shadow of War was broken within a day last week, and last month saw cracks for Total War: Warhammer 2 and FIFA 18 the very same day as their public release. Then there's The Evil Within 2, which reportedly used Denuvo in prerelease review copies but then launched without that protection last week, effectively ceding the game to immediate potential piracy. Those nearly instant Denuvo cracks follow summer releases like Sonic Mania, Tekken 7, and Prey, all of which saw DRM protection cracked within four to nine days of release. But even that small difference in the "uncracked" protection window can be important for game publishers, who usually see a large proportion of their legitimate sales in those first few days of availability. The presence of an easy-to-find cracked version in that launch window (or lack thereof) could have a significant effect on the initial sales momentum for a big release. If Denuvo can no longer provide even a single full day of protection from cracks, though, that protection is going to look a lot less valuable to publishers.

An anonymous reader shares a report: California employers can no longer ask job applicants about their prior salary and -- if applicants ask -- must give them a pay range for the job they are seeking, under a new state law that takes effect Jan. 1. AB168, signed Thursday by Gov. Jerry Brown, applies to all public- and private-sector California employers of any size. The goal is to narrow the gender wage gap. If a woman is paid less than a man doing the same job and a new employer bases her pay on her prior salary, gender discrimination can be perpetuated, the bill's backers say. Last year, the state passed a weaker law that said prior compensation, by itself, cannot justify any disparity in compensation. The new bill goes further by prohibiting employers, "orally or in writing, personally or through an agent," from asking about an applicant's previous pay. However, if the applicant "voluntarily and without prompting" provides this information, the employer may use it "in determining the salary for that applicant."

An anonymous reader quotes the Washington Post: On Wednesday, AT&T told regulators that it expects to finish the quarter with about 90,000 fewer TV subscribers than it began with. AT&T blamed a number of issues, including hurricane damage to infrastructure, rising credit standards and competition from rivals. The report also shows AT&T lost more traditional TV customers than it gained back through its online video app, DirecTV Now. And analysts are suggesting that that's evidence that cord-cutting is the main culprit... "DirecTV, like all of its cable peers, is suffering from the ravages of cord-cutting," said industry analyst Craig Moffett in a research note this week. Moffett added that while nobody expected AT&T's pay-TV numbers to look good, hardly anyone could have predicted they would look "this bad."

The outlook doesn't look much healthier for the rest of the television industry. Over the past year, cable and satellite firms have collectively lost nearly 3 million customers, according to estimates by market analysts at SNL Kagan and New Street Research. The number of households with traditional TV service is hovering at about the level it was in 2000, according to New Street's Jonathan Chaplin, in a study last week. Other analysts predict that, after factoring in AT&T's newly disclosed losses, the industry will have lost 1 million traditional TV subscribers by the end of this quarter.

jrepin writes: KDE publishes this autumn's Plasma feature release, KDE Plasma 5.11. Plasma 5.11 desktop environment brings a redesigned settings app, improved notifications, a more powerful task manager. Plasma 5.11 is the first release to contain the new "Vault," a system to allow the user to encrypt and open sets of documents in a secure and user-friendly way, making Plasma an excellent choice for people dealing with private and confidential information.

Microsoft's newest programming language will run on yet-to-be developed quantum computers. An anonymous reader quotes CIO Today: Microsoft said its new quantum computing language, which has yet to be named, is "deeply integrated" into its Visual Basic development environment and does many of the things other standard programming languages do. However, it is specifically designed to allow programmers to create apps that will eventually run on true quantum computers... Like other companies, such as Google and IBM, Microsoft has been working for years to advance quantum computing research to the point where the technology becomes feasible rather than theoretical... Joining Satya Nadella on stage, Fields Medal-winning mathematician Michael Freedman added, "Microsoft's qubit will be based on a new form of matter called topological matter that also has this property that as the information stored in the matter is stored globally, you can't find the information in any particular place..." The programming language is expected to be available as a free preview by the end of the year and "also includes libraries and tutorials so developers can familiarize themselves with quantum computing," Microsoft said.

An anonymous reader writes: "VPN providers often advertise their products as a method of surfing the web anonymously, claiming they never store logs of user activity," writes Bleeping Computer, "but a recent criminal case shows that at least some do store user activity logs." According to the FBI, VPN providers played a key role in identifying an aggressive cyberstalker by providing detailed logs to authorities, even if they claimed in their privacy policies that they don't. The suspect is a 24-year-old man that hacked his roommate, published her private journal, made sexually explicit collages, sent threats to schools in the victim's name, and registered accounts on adult portals, sending men to the victim's house...
FBI agents also obtained Google records on their suspect, according to a 29-page affidavit which, ironically, includes the text of one of his tweets warning people that VPN providers do in fact keep activity logs. "If they can limit your connections or track bandwidth usage, they keep logs."

An anonymous reader quotes a report from Jalopnik: Hurricane Maria was the most devastating hurricane to make land in Puerto Rico in nearly 100 years and the country is still reeling in its wake. Much of the island still doesn't have running water, reliable communication or electricity. Recently, NASA published a set of date-processed photos that show the island's nighttime lights both before and after the storm. Here, you can see images of the country's capital, San Juan, on a typical night before Maria. It's based on cloud-free and low moonlight conditions. Conversely, the following composite image is of data taken on the nights of Sept. 27 and 28 -- nearly a week after the storm hit -- by the Visible Infrared Imaging Radiometer Suite, a scanning radiometer that collects visible and infrared imagery of land, atmosphere, cryosphere and oceans, according to NASA's website.

More than 400,000 lives are lost every year to malaria, reports the New York Post. But Thursday Science published two new studies on promisings ways to fight malaria -- with genetic engineering. The first study focused on whether mosquitoes that have been genetically modified to be more resistant to the malaria-causing parasite would become weaker and less able to mate and breed... The study, led by mosquito vector biologist George Dimopoulos, found that one type of genetically modified mosquito not only bred well, but became more attractive to normal mosquitoes... Within one generation, the mosquito population was becoming 90 percent genetically modified... The results suggest the genetically modified mosquitoes would not just thrive but could possibly drive their genetic immunity to the malaria parasite into mosquito populations to which they are introduced.

The second study published Thursday uses genetic modification of bacteria found inside mosquitoes to fight malaria. Researchers genetically modified a type of bacteria, which caused it to secrete a substance inside the mosquitoes' gut that kills off the malaria-causing parasite before it can develop properly... the genetically modified versions of the bacteria automatically spread to offspring in generation after generation, the researchers found. The next step for both approaches -- the genetically modified mosquitoes and bacteria -- is to test if they work outside the lab in conditions simulating nature. Johns Hopkins has built a "mosquito house" research facility in Zambia designed specifically for such experiments... But the researchers must first convince the Zambian government to allow their genetically modified subjects into its borders.

An anonymous reader writes: In a bid to help Android smartphone vendors the Linux LTS (Long Term Support) kernels will now be maintained for a period of six years. The Linux LTS initiative backed by the Linux Foundation has supported annual LTS kernels for two years worth of updates, but that is being changed for Linux 4.4+ at the request of Google and their Project Treble. This means the Linux 4.4 LTS kernel will be maintained through 2022 and the upcoming Linux 4.14 LTS through 2023 for security/bug fixes in order to last a complete "device lifecycle."

schwit1 quotes the AP: Government bodies are increasingly turning the tables on citizens who seek public records that might be embarrassing or legally sensitive. Instead of granting or denying their requests, a growing number of school districts, municipalities and state agencies have filed lawsuits against people making the requests -- taxpayers, government watchdogs and journalists who must then pursue the records in court at their own expense.

The lawsuits generally ask judges to rule that the records being sought do not have to be divulged. They name the requesters as defendants but do not seek damage awards. Still, the recent trend has alarmed freedom-of-information advocates, who say it's becoming a new way for governments to hide information, delay disclosure and intimidate critics. "This practice essentially says to a records requester, 'File a request at your peril,'" said University of Kansas journalism professor Jonathan Peters, who wrote about the issue for the Columbia Journalism Review in 2015, before several more cases were filed. "These lawsuits are an absurd practice and noxious to open government."

"Three-point-one-four was more than a number to museum curator Larry Shaw," writes the San Francisco Chronicle. Long-time Slashdot reader linuxwrangler writes: In 1988 at a retreat for San Francisco Exploratorium staff, Larry Shaw proposed linking the digits of pi, which begins 3.14, with the date March 14. Initially the "holiday" was only celebrated by museum staff but it didn't take long for the idea to spread and Pi Day was born.

For 38 years, Mr. Shaw donned a red cap emblazoned with the magic digits and led a parade of museum goers, each of them holding a sign bearing one of the digits of pi. Shaw died August 19 at age 78 and a memorial is planned for Sunday September 24.
The memorial will be held in Mill Valley, California, the Chronicle reports, adding that "pie will be served."

A new study finds the highest-energy cosmic rays to bombard Earth come from galaxies far, far away. Space.com reports: The sun emits relatively low-energy cosmic rays. However, for more than 50 years, scientists have also detected ultra-high-energy cosmic rays, ones far beyond the capability of any particle accelerator on Earth to generate. One way to discover the origins of ultra-high-energy cosmic rays is to study their directions of travel. However, ultra-high-energy cosmic rays only rarely strike Earth's atmosphere, with one hitting any given area about the size of a soccer field about once per century, the researchers said. In order to detect ultra-high-energy cosmic rays, scientists look for the spray of electrons, photons and other particles that result when ultra-high-energy cosmic rays hit the top of Earth's atmosphere. Each of these showers contains more than 10 billion particles, which fly downward in a disk shaped like a giant plate miles wide, according to the statement. Scientists examined the sprays from ultra-high-energy cosmic rays using the largest cosmic-ray observatory yet: the Pierre Auger Observatory built in the western plains of Argentina in 2001. It consists of an array of 1,600 particle detectors deployed in a hexagonal grid over 1,160 square miles (3,000 square kilometers), an area comparable in size to Rhode Island. A connected set of telescopes is also used to see the dim fluorescent light the particles in the sprays emit at night.

The researchers analyzed data collected between 2004 and 2016. During these 12 years, the scientists detected more than 30,000 ultra-high-energy cosmic rays. If ultra-high-energy cosmic rays came from the Milky Way, one might perhaps expect them to come from all across the sky, or perhaps mostly from the direction of the supermassive black hole at the galaxy's center. However, the researchers saw that ultra-high-energy cosmic rays mostly came from a broad area of sky about 90 degrees away from the direction of the Milky Way's core.

New submitter fstack writes: Phoronix has carried out tests comparing AMD's high-end EPYC 7601 CPU to AMD Opteron CPUs from about ten years ago, looking at the EPYC/Opteron Linux performance and power efficiency. Both on the raw performance and performance-per-Watt, the numbers are quite staggering though the single-threaded performance hasn't evolved quite as much. The EPYC 7601 is a $4,200 USD processor with 32 cores / 64 threads. The first of many tests was with NAS Parallel Benchmarks: "For a heavily threaded test like this, going from a single Opteron 2300 series to the EPYC 7601 yielded around a 40x increase in performance," reports Phoronix. "Not bad when also considering it was only a 16x increase in the thread count (4 physical cores to 32 cores / 64 threads). The EPYC 7601 has a lower base clock frequency than the Opteron 2300 CPUs tested but has a turbo/boost frequency higher, among many architectural advantages over these K10 Opterons. With the NASA test's Lower-Upper Gauss-Seidel solver, going from the dual Opteron 2384 processors to a single EPYC 7601 yields around a 25x improvement in performance over the past decade of AMD server CPUs. Or in looking at the performance-per-Watt with the LU.C test, it's also around a 25x improvement over these older Opterons."