Report: 95 Percent of the ATMs in the World Still Run Windows XP
Right now, 95 percent of the 2.2 million ATMs in the world run Windows XP, according to a report by Reuters. Furthermore, when Microsoft ends support for the 13-year-old operating system on April 8, only a third of the ATMs currently running XP will have been upgraded to something newer.
But unlike your home PC, which will be on its own after April 8, ATMs will still get security updates and other necessary operating system maintenance—so long as their operators pay up.
Britain’s five biggest banks—all five of them—are unprepared and are negotiating agreements with Microsoft so the company will continue support. As Reuters reports, it will cost each bank about $100 million total to both maintain support and also get the system upgraded.
Sridhar Athreya, the head of financial advisory at SunGard Consulting, told Reuters that the banks are so behind because they’ve been scrambling to adopt new regulations that came out of the 2007-2008 financial crisis. Athreya said:
They were probably not very serious about the directive that came in from Microsoft. There's a lot of change going on at these banks at this moment in time and they would have seen Windows XP as one more change.
Meanwhile, most of the roughly 440,000 ATMs in the United States will also keep running XP for a while after Microsoft officially ends support. They will be on extended contracts, and many will use the switch as an impetus to upgrade their ATMs with microchip readers, increased data encryption, and/or other improvements.
The situation still seems dangerous, though, since Microsoft won’t be as focused on XP once it’s retired, and hackers will probably be on the hunt for machines running the old operating system that they can try to exploit.
If the Missing Plane Isn’t in the Indian Ocean, Where Could It Be Now?
Amid the continuing uncertainty surrounding the disappearance of Malaysia Airlines Flight 370, recent reports have added weight to speculation that the plane did not merely succumb to an accident but was taken over and absconded with, perhaps by one of its own pilots. If that’s the case—and if the plane is not, as some U.S. officials apparently now suspect, in the Indian Ocean—where could the plane be now?
As I wrote earlier on Slate, MH370 was last in communication with air traffic controllers shortly after it left Malaysian airspace and before it was due to contact Vietnamese controllers—exactly the spot where a pilot intending to abscond with his jet would have the most time to turn off his electronic transmissions, change direction, and be as far away as possible before anyone noticed that the plane was missing. Controllers would continue to see the plane’s symbol traveling across their screen on the intended flight path, even as the plane was actually hightailing it in a different direction.
The U.S. Is Making Its First Curved Coin. Do We Really Need New Coins?
Coin collecting and physical media may be kind of last century, but they're not dead yet. The U.S. Mint is still innovating, most recently with the curved—that’s right, curved—National Baseball Hall of Fame Commemorative Coins.
The design is based on France's 2009 commemorative International Year of Astronomy Coins and the Southern Cross curved coins from the Royal Australian Mint. Whether you think special-issue coins are exciting or underwhelming, they are serious business. It's the law. No, really. The National Baseball Hall of Fame Commemorative Coin Act, signed in August 2012, stipulates that these coins must be minted.
The coins will be made in limited quantities and come in three tiers: 50,000 $5 gold coins (above), 400,000 $1 silver coins, and 750,000 half-dollar clad coins, which means they are made of 92 percent copper and 8 percent nickel, compared to 90 percent gold or silver and 10 percent alloy or copper in the other two. The coins will cost $35, $10, and $5 respectively when they debut on March 27, and are being made at the West Point, Denver, Philadelphia, and San Francisco mints.
The curve in the coin is intended to evoke a baseball glove on the concave side and a ball on the convex side, in celebration of the Baseball Hall of Fame’s 75th birthday. It's a smart design, but perhaps it would have been better suited to another decade. Commemorative bitcoins, anyone?
See the Groundbreaking Replay Technology That's Coming to Professional Tennis
Professional tennis—a sport not exactly defined by its loving embrace of technological advancement—is about to see a big-time upgrade in its television broadcasts. Starting this weekend at the BNP Paribas Open in Indian Wells, Calif., TennisTV's coverage will feature an innovative type of replay system known as FreeD.
The groundbreaking technology—which has been used to cover the Olympics, NFL, and the NBA's All Star Weekend festivities—provides viewers with a 360-degree view of the action by placing 22 state-of-the-art 5K cameras around the field of play. This allows producers to pause a live action shot and rotate the viewers' POV on any plane, thereby giving the commentators a chance to provide analysis on, say, a Rafael Nadal backhand, while the audience enjoys an unprecedented view of Nadal's hypothetical return.
“This is a world-first for tennis," said Steve Plasto, CEO of ATP Media, the ATP World Tour's media rights distributor, about the implementation of the new replay technology for tour events. "We expect it to be a game changer in the way the sport is covered for broadcast.”
As the video above shows, the technology definitely brings a lot to the table. It provides a glimpse into the intricacies of the game never before seen on TV and helps to highlight the freakish athleticism of the Federers and Djokovics of the world. At the very least, FreeD should go a long way toward closing the gap that currently exists between tennis broadcasts and the big-budget productions typical of other major professional sports. Plus, it's pretty cool to see Federer's million-dollar serve broken down by the millisecond.
Phishing Scams Now Offer Bitcoins. Don't Be Fooled.
Phishing scams have tricked everyone from reporters at the Associated Press to Washington insiders, and what crook worth her stolen credentials would give up on such a successful strategy? So phishers are once again repurposing a classic con: Tell people they've won or been given a lot of money and that they just have to do XYZ—this is the identity- and/or money-stealing part—to claim what's owed to them. In this iteration, the phishers are dangling bitcoins as the lure.
Slate's news editor, Chad Lorenz, received the above email yesterday around 1 p.m. He quickly realized that something was wrong, even though the email looks pretty good: It's not trying too hard, it uses the Coinbase logo (Coinbase is a popular bitcoin wallet service), and it even has a copyright sign. But Lorenz wasn't expecting any money, and certainly not any cryptocurrency. Plus, assuming it was his lucky day, whose "external bitcoin account" was the bounty coming from? (Turns out that several other Slate staffers received the email as well.)
John OBrien, a spokesperson for Coinbase, wrote in an email that the phishing message had a few warning signs: "[T]here are a few red flags. ‘Hi,’ (not addressed to anyone) and ‘from an external account’ (not from anyone). Additionally the link will not take you to Coinbase.com."
Phishing scams promising bitcoins seem to have been percolating in January, and Coinbase published a blog post on the topic last month, noting that it had upped its security and encouraging "all customers to exercise caution when clicking links to financial institutions or payment services online."
The steps to identifying one of these scam emails are the same or very similar to what they would be if the phishers were promising U.S. dollars, or any currency. It seems probable that phishers are taking advantage of confusion about what bitcoin is and how it works in order to make people click the links. For example, according to a recent interview/check-in call, my 91-year-old grandma—who reads her email on an iPad—revealed that she thinks bitcoin works like a digital giftcard.
Protecting yourself just comes down to common sense, according to Chester Wisniewski, a senior security adviser at the data security firm Sophos. "Why are you randomly, unexpectedly being given money? How often does that happen?" he wrote in an email. "Even if you want to believe it is true (it never is), the correct course of action to verify the transaction is to go to the site claiming to have emailed you ... never click a link in an unsolicited message."
Google Tweaked How It Displays Search Results. Here’s How to Change It Back.
For the past day or two, when I looked at search results on Google, I felt a little crazy. The font was too big, but when I shrank it down a level, it was too small. The results also felt somehow unanchored, as though I had to look harder to figure out what was going on.
It turns out that this is part of Google's latest tweaks to its search results. It has enlarged the default font. The yellowish background that used to be behind some ads is gone, replaced by the standard white.
But what really threw me is that it removed the underline from the blue page names in the search results. (You can see a good before-and-after shot at the Washington Post.)
This Shirt Lets Football Fans Feel the Hit
If you’ve ever wanted to feel what it’s like to take a massive hit during a game of football, then the cable television provider Foxtel, creative agency CHE Proximity, and wearable technology company Wearable Experiments (We:eX) have the shirt for you.
Yes, Americans, it’s Australian Rules Football. But the game is still intense. And footy—not to be confused with soccer—has avid Australian fans, who Foxtel seems to think would be keen to get inside the jerseys of their favorite players. The “Alert Shirt,” apparently the first of its kind, is designed so that fans can feel like they’re part of the game. Wearers of the shirt, the ad tells us, will feel it all: From players colliding, to a spiking heart rate when the clock’s running down, to exhausted lungs after a long sprint.
"From Nowhere to Nobels": A Future Tense Event About Women in STEM
Women now hold more than half of all American jobs, but they still make up less than 25 percent of the science, technology, engineering, and math, or STEM, workforce. And the numbers are even worse when it comes to the male-dominated field of computer science. Only last year a Yale study revealed that scientists at six major research institutions were more likely to favorably view a male job candidate than a woman with the same qualifications. Yet women are graduating in increasing numbers with STEM degrees, so why does this gender gap persist? And what can we learn from the trail-blazing women and institutions who have succeeded in reversing this trend?
On Thursday, March 27, Future Tense—a partnership of Slate, the New America Foundation, and Arizona State University—and New America’s Breadwinning and Caregiving Program will discuss these issues in Washington, D.C., at the Dupont Circle Hotel. You can find the agenda below. To RSVP, visit the New America Foundation website.
11:45 a.m.: Reception
12 p.m.: A Campus Success Story
President, Harvey Mudd College
12:15 p.m.: Lessons From the Lab
Winner of the 2009 Nobel Prize in Physiology or Medicine
Daniel Nathans professor and director, Department of Molecular Biology and Genetics, Johns Hopkins University School of Medicine
Amgen, Inc. professor of Molecular Biology, Massachusetts Institute of Technology
Director, Breadwinning and Caregiving Program, New America Foundation
12:45 p.m.: A New Formula for Workplace Equality
President, Harvey Mudd College
Institute community and equity officer, professor of physics, Department of Physics, Massachusetts Institute of Technology
Chief officer for scientific workforce diversity, National Institutes of Health
Future Tense Fellow, New America Foundation
1:30 p.m.: Incubating the Next Generation
Founder and CEO, Girls Who Code
Associate professor, School of Social Transformation, Arizona State University
Executive director, CompuGirls
Science correspondent, NPR
Mark Zuckerberg Called Obama to Lecture Him About Privacy. Apparently It Did Not Go Well.
The U.S. government risks undermining people's trust in the Internet if it keeps invading their privacy, warns Mark Zuckerberg, who ought to know.
In a status update Thursday, the Facebooker-in-chief reports that he called up President Obama himself to complain about fresh reports of government spying. He didn’t explain just what it was that set him off, but it may have been this report by Glenn Greenwald and former Future Tense-er Ryan Gallagher, which alleges that the NSA posed as a Facebook server to hack into people’s hard drives. The NSA has denied this, but then, it would.
Anyway, apparently if you invent Facebook, you can just speed-dial the president when you’ve got beef with how he’s running the country. It doesn’t guarantee, however, that you’ll like what he has to say. From Zuckerberg’s post (italics mine):
As the world becomes more complex and governments everywhere struggle, trust in the internet (sic) is more important today than ever. …
This is why I've been so confused and frustrated by the repeated reports of the behavior of the US government. When our engineers work tirelessly to improve security, we imagine we're protecting you against criminals, not our own government.
The US government should be the champion for the internet, not a threat. They need to be much more transparent about what they're doing, or otherwise people will believe the worst.
I've called President Obama to express my frustration over the damage the government is creating for all of our future. Unfortunately, it seems like it will take a very long time for true full reform.
So it's up to us—all of us—to build the internet we want. ...*
He's basically right, of course. But it does make one wonder when tech executives will learn that this sort of grandstanding plays better if you don't wait until your own corporate interests have been directly affected to take umbrage.
Politico has confirmed that the president spoke with Zuckerberg, but the White House is not offering any juicy details, so one can only guess at the president’s side of the conversation based on Zuckerberg's frustration with the outcome.* I can only assume it went something like this:
*Update, Friday, March 14, 9:40 a.m.: This post has been updated to clarify that the conclusion that the conversation did not go well is based on Zuckerberg's apparent frustration with the outcome. The headline has been changed to make it clear that this is an assumption rather than a confirmed fact.
Report: Target Could Have Prevented That Enormous Data Breach
In an epic loss of customer information, 40 million credit card numbers and personal data from 70 million customers were stolen during an attack on Target that lasted from Nov. 27 to Dec. 18, when the big box store finally shut it down. But should Target have caught on earlier?
Bloomberg Businessweek reports that Target officials could have been made aware of the attack on Nov. 30 and again on Dec. 2. On both days the big-box store’s malware detection software, made by FireEye, sent an alert to Target's security monitors in Bangalore, India, who then contacted Target's security team in Minneapolis. But for some reason, they apparently didn't respond to either alert.
Congress is now investigating the situation, and congressional testimony shows that federal law enforcement officials got in touch with Target about the breach on Dec. 12. Businessweek spoke to 18 people who either worked on Target's cybersecurity in the past or have specific internal knowledge of the breach.
The story they tell is of an alert system, installed to protect the bond between retailer and customer, that worked beautifully. But then, Target stood by as 40 million credit card numbers—and 70 million addresses, phone numbers, and other pieces of personal information—gushed out of its mainframes.
Target is not the first company to experience mass group denial about a security problem and miss an opportunity to deal with it as a result. In December, news broke that SnapChat had known about flaws in its user information security for four months and hadn't done anything to close the loopholes. And even when the company was forced to acknowledge the weakness publicly, it still took two weeks to release an update and correct the problem.
If the situation seems totally incomprehensible, think about your personal devices. Do you download every software update or patch the moment it’s released? The situation with Target is negligent, whereas failing to download an update on a personal device tends to stem from laziness and usually has consequences only for yourself. But they may share a common root feeling: It'll never happen to me. Except then it did happen.