IEEE Spectrum writer Tekla Perry writes: Early this year, analyst Trip Chowdhry from Global Equities Research predicted that the tech world was going to see big layoffs in 2016 -- some 330,000 in all at major tech companies. At the time, these numbers seemed way over the top. Then IBM started slashing jobs in March -- and continued to wield the ax over and over as the year progressed. Yahoo began layoffs of some 15 percent of its employees in February. Intel announced in April that it would lay off 12,000 this year. So, was Chowdhry right? "Yes," he told me when I asked him this week. "The layoffs I predicted have been occurring." And worse, he says, these laid-off workers are never again going to find tech jobs: "They will always remain unemployed," at least in tech, he said. "Their skills will be obsolete." Some of these layoffs are due to a sea change in the industry, as it transforms to the world of mobile and cloud. But some are signs of a bubble about to pop. It's all going to get worse in 2017, he predicts, because that's when the tech bubble will burst. Chowdhry, someone who has never been reluctant to go out on a limb, is predicting that'll happen in March.

Earlier this month, Yahoo disabled the auto-forwarding feature from its Yahoo Mail email service, leaving people with little choice but to use Yahoo Mail client to check the emails their received on their Yahoo account. The company has now acknowledged the issue, explaining why it all happened, and most importantly, switched email forwarding feature on again. From a BusinessInsider report: "Why the pause? Over the past year, Yahoo Mail has been upgrading its platform. This has allowed us to bring a better search experience to Yahoo Mail, add multiple account support, and improve performance as we quickly scale this new system globally. The feature was temporarily disabled as part of this process," Michael Albers, VP of Yahoo Mail product management, wrote in a blog post. To turn on mail forwarding, go to Settings -- Account in Yahoo Mail and enter your forwarding address. After confirming that you, in fact, control that other address, automatic forwarding should be turned on.

In the aftermath of disclosure of a mega-breach at Yahoo which affects over 500 million users, Verizon may be looking at a way out of Yahoo's $4.83 billion acquisition deal. From a Reuters report: The company has a "reasonable basis" to believe that Yahoo's massive data breach of at least 500 million email accounts represents a material impact that could allow Verizon to withdraw from its $4.83 billion deal to buy Yahoo. Silliman told reporters that the data breach could trigger a clause that could allow Verizon to withdraw from the deal. "I think we have a reasonable basis to believe right now that the impact is material and we're looking to Yahoo to demonstrate to us the full impact. If they believe that it's not then they'll need to show us that," he said.

An anonymous reader writes: Yahoo has filed a patent for advertising billboards outfitted with a wide array of sensors -- including drone-based cameras -- which would use facial and vehicle recognition, data brokers, cell-tower information and social network information to attempt to identify worthwhile advertising targets and aim personalized ads at them as they pass on foot or in cars. The scheme, which was submitted on October 6th, anticipates using the same kind of micro-auction processes that currently determine which ads users see in webpages and mobile apps. The implementation of public ad-targeting brings up some fascinating and chilling prospects, as users find that the ads which "bloom" around them betray much about their private lives. Yahoo provides an example via its patent application: "According to one example, a digital billboard adjacent a busy freeway might be instrumented with or located near traffic sensors that detect information about the context of the vehicles approaching the billboard, e.g., the number and average speed of the vehicles. Such information might be used in conjunction with information about the time of day and/or the day of the week (e.g., Monday morning rush hour) to select advertisements for display that would appeal to an expected demographic and to display the advertisements for durations that are commensurate with the level of traffic congestion." The patent application also mentions how it will gather required information from individuals: "Various types of data (e.g., cell tower data, mobile app location data, image data, etc.) can be used to identify specific individuals in an audience in position to view advertising content. Similarly, vehicle navigation/tracking data from vehicles equipped with such systems could be used to identify specific vehicles and/or vehicle owners. Demographic data (e.g., as obtained from a marketing or user database) for the audience can thus be determined for the purpose of, for example, determining whether and/or the degree to which the demographic profile of the audience corresponds to a target demographic."

hackingbear writes: Contrary to the central government's wish to boost employment from peer-to-peer economy, the Chinese cities of Shenzhen, Shanghai, and Beijing, who have invested big interest in traditional taxi services, are all looking to pass municipal regulations on ride-hailing businesses that could wipe out many of Uber and Didi's drivers and cars. "There will be a sharp drop in market supply of rideshare vehicles. In Shanghai, for instance, less than 20 percent of existing rideshare vehicles meet the proposed (wide) wheelbase requirements. There will be significant decrease in the number of rideshare drivers. Of over 410,000 activated driver accounts in Shanghai, only less than 10,000 are residents with Shanghai residency registration," said Didi on its social media outlets. In China, ridesharing drivers are usually migrant workers who have few other choices of employments, and rich urban residents are not interested in such jobs. Given the sore state of the economy in China, high unemployment would mean social unrest; the ridesharing economy may prevail at the end as it has become too big to be strictly regulated. Separately, the Chinese government opened an antitrust probe into Uber's sale of its China operations to Didi in September after the announcement of the merger.

After it was revealed that Yahoo secretly scanned customer emails for U.S. intelligence agencies, now's as good of time as any to leave Yahoo Mail. However, the company has made it more difficult to leave by disabling the automatic email forwarding feature. Reuters reports: While those who have set up forwarding in the past are unaffected, users who would want to leave following recent hacking and surveillance revelations are struggling to shift to rival services, the AP reported on Monday. The company has been under scrutiny from investors after disclosing last month that at least 500 million user accounts were stolen from its network in 2014. The AP said that several users were leaving or had already left the service because of the negative headlines. The company's website says that the "automatic email forwarding" feature is under development and has been temporarily disabled.

An anonymous Slashdot reader writes: Look at this contradiction in the government's story about their secret scans on hundreds of millions of Yahoo emails. "Intelligence officials told Reuters that all Yahoo had to do was modify existing systems for stopping child pornography from being sent through its email or filtering spam messages." But three former Yahoo employee have now said that actually the court-ordered search "was done by a module attached to the Linux kernel -- in other words, it was deeply buried near the core of the email server operating system, far below where mail sorting was handled... They said that made it hard to detect and also made it hard to figure out what the program was doing."
Slashdot reader Trailrunner7 writes: Now, experts at the EFF and Sen. Ron Wyden say that the order served on Yahoo should be made public according to the text of a law passed last year. The USA Freedom Act is meant to declassify certain kinds of government orders, and the EFF says the Yahoo order fits neatly into the terms of the law. "If the reports about the Yahoo order are accurate -- including requiring the company to custom build new software to accomplish the scanning -- it's hard to imagine a better candidate for declassification and disclosure under Section 402," Aaron Mackey of the EFF said.

An anonymous Slashdot reader quotes TechHive: Spotify's ads crossed from nuisance over to outright nasty this week, after the music service's advertising started serving up malware to users on Wednesday. The malware was able to automatically launch browser tabs on Windows and Mac PCs, according to complaints that surfaced online...the ads directed users' browsers to other malware-containing sites in the hopes that someone would be duped into downloading more malicious software.
It didn't last long -- Spotify quickly posted that they'd identified "the source of the problem." And they're not the only company dealing with hidden malware in ads, since the same thing has happened to both Google and Yahoo.

More trouble for tech giants and how they are dealing with people. Google suffered a setback in an age discrimination suit this week. A judge ruled that other software engineers over age 40 who interviewed with the company but didn't get hired can step forward and join the lawsuit. From a Business Insider report: The suit was brought by two job applicants, both over the age of 40, who interviewed but weren't offered jobs. Specifically, the judge has approved turning the suit into a "collective action" meaning that people who "interviewed in person with Google for a software engineer, site reliability engineer, or systems engineer position when they were 40 years old or older, and received notice on or after August 28, 2014, that they were refused employment, will have an opportunity to join in the collective action against Google," the ruling says. While this isn't good news for Google, the ruling was strictly focused on whether the suit could be broadened to include more people. It doesn't mean that Google will ultimately lose the case. Google says it's fighting the suit.

The spy tool that the US government ordered Yahoo to install on its systems last year at the behest of the NSA or the FBI was a "poorly designed" and "buggy" piece of malware, according to two sources closely familiar with the matter, reports Motherboard. From the article: Last year, the US government served Yahoo with a secret order, asking the company to search within its users' emails for some targeted information, as first reported by Reuters this week. It's still unclear what was the information sought, but The New York Times, citing an anonymous official source, later reported that the government was looking for a specific digital "signature" of a "communications method used by a state-sponsored, foreign terrorist organization." Anonymous sources told The Times that the tool was nothing more than a modified version of Yahoo's existing scanning system, which searches all email for malware, spam and images of child pornography. But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a "rootkit," a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access.

A prominent local media executive fired from Yahoo last year has filed a lawsuit accusing CEO Marissa Mayer of leading a campaign to purge male employees. "Mayer encouraged and fostered the use of (an employee performance-rating system) to accommodate management's subjective biases and personal opinions, to the detriment of Yahoo's male employees," said the suit by Scott Ard filed this week in federal district court in San Jose. From a MercuryNews article: Ard, who worked for Yahoo for 3 and a half years until January 2015, is now editor-in-chief of the Silicon Valley Business Journal. His lawsuit also claims that Yahoo illegally fired large numbers of workers ousted under a performance-rating system imposed by Mayer. That allegation was not tied to gender. Yahoo spokeswoman Carolyn Clark said Yahoo couldn't comment on pending litigation, but she defended the company's performance-review process, which she said was guided by "fairness." "Our performance-review process was developed to allow employees at all levels of the company to receive meaningful, regular and actionable feedback from others," Clark said. "We believe this process allows our team to develop and do their best work. Our performance-review process also allows for high performers to engage in increasingly larger opportunities at our company, as well as for low performers to be transitioned out."

As if Yahoo's reputation couldn't get any worse after the company revealed a massive data breach that occurred in 2014, compromising at least 500 million accounts, Reuters issued a report claiming the company secretly scanned customer emails for U.S. intelligence agencies. These reports certainly don't look good to the companies looking to acquire Yahoo, like Verizon, which has been nearing a deal since late July. Now, it appears that Verizon wants a $1 billion discount off its $4.83 billion deal to buy Yahoo. New York Post reports: Verizon is pushing for a $1 billion discount off its pending $4.8 billion agreement to buy Yahoo, several sources told The Post exclusively. "In the last day we've heard that Tim [Armstong] is getting cold feet. He's pretty upset about the lack of disclosure and he's saying can we get out of this or can we reduce the price?" said a source familiar with Verizon's thinking. That might just be tough talk to get Yahoo to roll back the price. Verizon had been planning to couple Yahoo with its AOL unit to give it enough scale to be a third force to compete with Google and Facebook for digital ad dollars. The discount is being pushed because it feels Yahoo's value has been diminished, sources said. AOL/Yahoo will reach about 1 billion consumers if the deal closes in the first quarter, with a stated goal to reach 2 billion by 2020. AOL boss Tim Armstrong flew to the West Coast in the past few days to meet with Yahoo executives to hammer out a case for a price reduction, a source said. "Tim was out there this week laying the law down and Marissa is trying to protect shareholders," said a source close to talks. "Tim knows how to be fair, while Verizon is pushing him, he can bridge the gap." At the same time, the Yahoo deal team is pushing back hard against any attempts to negotiate the price down, sources said. Yahoo is telling Verizon that a deal is a deal and that telecom giant has no legal recourse to change the terms.

An anonymous reader quotes a report from Reuters: A Yahoo operation in 2015 to scan the incoming email of its customers for specific information requested by the U.S. government was authorized under a foreign intelligence law, parts of which will expire next year, two U.S. government officials familiar with the matter said. The collection in question was specifically authorized by a warrant issued by the secret Foreign Intelligence Surveillance Court, said the two government sources, who requested anonymity to speak freely. Yahoo's request came under the Foreign Intelligence Surveillance Act, the sources said. The two sources said the request was issued under a provision of the law known as Section 702, which will expire on Dec. 31, 2017, unless lawmakers act to renew it. The FISA Court warrant related specifically to Yahoo, but it is possible similar such orders have been issued to other telecom and internet companies, the sources said. Section 702 of the FISA governs a program exposed by former National Security Agency contractor Edward Snowden known as Prism, which gathers messaging data from Alphabet Inc's Google, Facebook Inc, Microsoft Corp, Apple Inc and other major tech companies that involves a foreign target under surveillance. Another type of spying the authority allowed under Section 702 is known as "upstream," and allows the NSA to copy web traffic flowing along the internet backbone located inside the United States and search for certain terms associated with a target. "The NSA has said that it only targets individuals under Section 702 by searching for email addresses and similar identifiers," Senator Ron Wyden (OR-D) said in a statement to Reuters on Monday. "If that has changed, the executive branch has an obligation to notify the public."

Reuters reported on Tuesday that Yahoo last year secretly built a custom software program to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials. When The Intercept reached out to Yahoo for an official comment and explanation, the company offered a non-denial response after 20 hours since Reuters's report, a report said. (If a report is inaccurate, the company says so explicitly. Non-denial is something you give when you are caught off guard and things reported are true.) From the report: From Yahoo's PR firm, "The article is misleading. We narrowly interpret every government request for user data to minimize disclosure. The mail scanning described in the article does not exist on our systems." This is an extremely carefully worded statement, arriving roughly 20 hours after the Reuters story first broke. That's a long time to craft 29 words. It's unclear as well why Yahoo wouldn't have put this statement out on Tuesday, rather than responding, cryptically, that they are "a law abiding company, [that] complies with the laws of the United States." But this day-after denial isn't even really a denial: The statement says only that the article is misleading, not false. It denies only that such an email scanning program "does not" exist -- perhaps it did exist at some point between its reported inception in 2015 and today. It also pins quite a bit on the word "described" -- perhaps the Reuters report was overall accurate, but missed a few details. And it would mean a lot more for this denial to come straight from the keyboard of a named executive at Yahoo -- perhaps Ron Bell, the company's general counsel -- rather than a "strategic communications firm."Reuters reported that Yahoo's decision has prompted questions in Europe whether EU citizens' data had been compromised, and this could result in derailing a new trans-Atlantic data sharing deal.

Apple, Google and Microsoft -- three of the largest technology companies in the U.S. -- have each said they don't scan all incoming messages for the U.S. government, which is exactly what Yahoo does. According to Reuters, Yahoo secretly built a custom software program last year to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials. The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI. Vocativ reports: In a statement, a Microsoft spokesperson told Vocativ that "We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo." While Apple declined to give a statement on the record, a representative for the company did, in response to Vocativ's question, refer to CEO Tim Cook's official letter on consumer privacy, which reads in part: "I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will." The fact that both the companies declined further statement means it's not yet known if the NSA or FBI approached them to request they build a program like Yahoo's. Meanwhile, a spokesperson from Alphabet's Google issued a statement to CNBC: "We've never received such a request, but if we did, our response would be simple: 'no way.'" [The spokesperson later clarified that the company has not received a "directive" or "order" to that effect, either, according to The Intercept.] But the question is whether or not you believe them. With Yahoo's case, only a handful of employees knew about the program. The same could be true with Apple, Google, Microsoft or any other large tech company. Edward Snowden tweeted not too long after Reuters' report surfaced: "Heads up: Any major email service not clearly, categorically denying this tomorrow -- without careful phrasing -- is as guilty as Yahoo."

An anonymous reader shares with us an exclusive report from Reuters: Yahoo Inc last year secretly built a custom software program to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter. The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events. Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to a spy agency's demand by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time. It is not known what information intelligence officials were looking for, only that they wanted Yahoo to search for a set of characters. That could mean a phrase in an email or an attachment, said the sources, who did not want to be identified. Reuters was unable to determine what data Yahoo may have handed over, if any, and if intelligence officials had approached other email providers besides Yahoo with this kind of request. The two former employees say that the decision Yahoo CEO Marissa Mayer made to obey the directive resulted in the June 2015 departure of CISO Alex Stamos, who left to work for Facebook. The company said in response to Reuters questions about the demand, "Yahoo is a law abiding company, and complies with the laws of the United States."

An anonymous reader quotes a report from Business Insider: The actual tally of stolen user accounts from the hack Yahoo experienced could be much larger than 500 million, according to a former Yahoo executive familiar with its security practices. The former Yahoo insider says the architecture of Yahoo's back-end systems is organized in such a way that the type of breach that was reported would have exposed a much larger group of user account information. To be sure, Yahoo has said that the breach affected at least 500 million users. But the former Yahoo exec estimated the number of accounts that could have potentially been stolen could be anywhere between 1 billion and 3 billion. According to this executive, all of Yahoo's products use one main user database, or UDB, to authenticate users. So people who log into products such as Yahoo Mail, Finance, or Sports all enter their usernames and passwords, which then goes to this one central place to ensure they are legitimate, allowing them access. That database is huge, the executive said. At the time of the hack in 2014, inside were credentials for roughly 700 million to 1 billion active users accessing Yahoo products every month, along with many other inactive accounts that hadn't been deleted. In late 2013, Yahoo CEO Marissa Mayer said the company had 800 million monthly active users globally. It currently has more than 1 billion.

New submitter OWCareers writes: Yahoo today announced its latest open-source release: a model that can figure out if images are specifically pornographic in nature. The system uses a type of artificial intelligence called deep learning, which involves training artificial neural networks on lots of data (like dirty images) and getting them to make inferences about new data. The model that's now available on GitHub under a BSD 2-Clause license comes pre-trained, so users only have to fine-tune it if they so choose. The model works with the widely used Caffe open source deep learning framework. The team trained the model using its now open source CaffeOnSpark system.
The new model could be interesting to look at for developers maintaining applications like Instagram and Pinterest that are keen to minimize smut. Search engine operators like Google and Microsoft might also want to check out what's under the hood here.The tool gives images a score between 0 to 1 on how NSFW the pictures look. The official blog post from Yahoo outlines several examples.

itwbennett writes from a report via CSO Online: After Yahoo raised eyebrows in the security community with its claim that state-sponsored hackers were responsible for the history-making breach, security firm InfoArmor now says it has evidence to the contrary. InfoArmor claims to have acquired some of the stolen information as part of its investigation into "Group E," a team of five professional hackers-for-hire believed to be from Eastern Europe. The database that InfoArmor has contains only "millions" of accounts, but it includes the users' login IDs, hashed passwords, mobile phone numbers and zip codes, said Andrew Komarov, InfoArmor's chief intelligence officer. Earlier this week, Chase Cunningham, director of cyber operations at security provider A10 Networks, called Yahoo's claim of state-sponsored actors a convenient, if trumped up, excuse: "If I want to cover my rear end and make it seem like I have plausible deniability, I would say 'nation-state actor' in a heartbeat." "Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organizations," Scottsdale, Arizona-based InfoArmor said Wednesday in a report. "The Yahoo data leak as well as the other notable exposures, opens the door to significant opportunities for cyber-espionage and targeted attacks to occur."

If it wasn't already enough that the mega breach at Yahoo affects over 500 million users, a new investigative report on The New York Times states the extent to which Yahoo didn't care about its users' security (Editor's note: the link could be paywalled; alternate source). The report says Yahoo CEO Marissa Mayer refused to fund security initiatives at the company, and instead invested money in features and new products. Despite Edward Snowden warning Yahoo that it was too easy of a target for hackers, the company took one year to hire a new chief information officer. The company hired Alex Stamos, who is widely respected in the industry. But Stamos soon left partly due to clashes with Mayer, The Times adds. And it gets worse. From the report:But when it came time to commit meaningful dollars to improve Yahoo's security infrastructure, Ms. Mayer repeatedly clashed with Mr. Stamos, according to the current and former employees. She denied Yahoo's security team financial resources and put off proactive security defenses, including intrusion-detection mechanisms for Yahoo's production systems. [...] But during his tenure, Ms. Mayer also rejected the most basic security measure of all: an automatic reset of all user passwords, a step security experts consider standard after a breach. Employees say the move was rejected by Ms. Mayer's team for fear that even something as simple as a password change would drive Yahoo's shrinking email users to other services.