Tag Archives: TDO

[$] A page-table isolation update

Post Syndicated from corbet original https://lwn.net/Articles/752621/rss

Dave Hansen did much of the work to get kernel page-table isolation
(PTI) into the kernel in response to the Meltdown CPU vulnerability. In the
memory-management track of the
2018 Linux Storage, Filesystem, and Memory-Management Summit, he ran a
discussion on how PTI came about, what the costs are, and what can be done
to minimize its performance impact.

[$] The impact of page-table isolation on I/O performance

Post Syndicated from corbet original https://lwn.net/Articles/752587/rss

Ever since kernel page-table isolation
(PTI)
was introduced as a mitigation for
the Meltdown CPU vulnerability, users have worried about how it affects the
performance of their systems. Most of that concern has been directed
toward its impact on computing performance, but I/O performance also
matters. At the 2018 Linux Storage, Filesystem, and Memory-Management
Summit, Ming Lei presented some preliminary work he has done to try to
quantify how severely PTI affects block I/O operations.

Japan ISP Says it Will Voluntarily Block Pirate Sites as Major Portal Disappears

Post Syndicated from Andy original https://torrentfreak.com/japan-isp-says-it-will-voluntarily-block-pirate-sites-as-major-portal-disappears-180424/

Speaking at a news conference during March, Japan’s Chief Cabinet Secretary Yoshihide Suga said that the government was considering measures to prohibit access to pirate sites. The country’s manga and anime industries were treasures worth protecting, Suga said.

“The damage is getting worse. We are considering the possibilities of all measures including site blocking. I would like to take countermeasures as soon as possible under the cooperation of the relevant ministries and agencies,” he added.

But with no specific legislation that allows for site-blocking, particularly not on copyright infringement grounds, it appeared that Japan might face an uphill struggle. Indeed, the country’s constitution supports freedom of speech and expressly forbids censorship. Earlier this month, however, matters quickly began to progress.

On Friday April 13, the government said it would introduce an emergency measure to target websites hosting pirated manga, anime and other types of content. It would not force ISPs to comply with its blocking requests but would simply ask for their assistance instead.

The aim was to establish cooperation in advance of an expansion of legislation later this year which was originally introduced to tackle the menace of child pornography.

“Our country’s content industry could be denied a future if manga artists and other creators are robbed of proceeds that should go to them,” said Prime Minister Shinzo Abe.

The government didn’t have to wait long for a response. The Nippon Telegraph and Telephone Corp. (NTT) announced yesterday that it will begin blocking access to sites that provide unauthorized access to copyrighted content.

“We have taken short-term emergency measures until legal systems on site-blocking are implemented,” NTT in a statement.

NTT Communications Corp., NTT Docomo Inc. and NTT Plala Inc., will block access to three sites previously identified by the government – Mangamura, AniTube! and MioMio which have a particularly large following in Japan.

NTT said that it will also restrict access to other sites if requested to do so by the government. The company added that at least in the short-term, it will prevent access to the sites using DNS blocking.

While Anitube and MioMio will be blocked in due course, Mangamura has already disappeared from the Internet. The site was reportedly attracting 100 million visits per month but on April 17 went offline following an apparent voluntary shutdown by its administrators.

AnimeNewsNetwork notes that a news program on NHK dedicated to Mangamura aired last Wednesday. A second episode will reportedly focus on the site’s administrators which NHK claims can be traced back to the United States, Ukraine, and other regions. Whether this exposé played a part in the site’s closure is unclear but that kind of publicity is rarely welcome in the piracy scene.

To date, just three sites have been named by the government as particularly problematic but it’s now promising to set up a consultation on a further response. A bill will also be submitted to parliament to target sites that promote links to content hosted elsewhere, an activity which is not illegal under current law.

Two other major access providers in Japan, KDDI Corp. and SoftBank Corp., have told local media that their plans to block pirate sites have not yet been finalized.

“The fact that neglecting the situation of infringement of copyright etc. cannot be overlooked is recognized and it is recognized as an important problem to be addressed urgently,” Softbank said in a statement.

“However, since there is concern that blocking infringes secrecy of communications, we need careful discussion. We would like to collaborate with industry organizations involved in telecommunications and consider measures that can be taken from various viewpoints, such as laws, institutions, and operation methods.”

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

[$] Finding Spectre vulnerabilities with smatch

Post Syndicated from corbet original https://lwn.net/Articles/752408/rss

The furor over the Meltdown and Spectre vulnerabilities has calmed a bit —
for now, at least — but that does not mean that developers have stopped
worrying about them. Spectre variant 1 (the bounds-check bypass
vulnerability) has been of particular concern because, while the kernel is
thought to contain numerous vulnerable spots, nobody really knows how to
find them all. As a result, the defenses that have been developed for
variant 1 have only been deployed in a few places. Recently, though,
Dan Carpenter has enhanced the smatch tool to enable it to find possibly
vulnerable code in the kernel.

Married Torrent Tracker Couple Settle With BREIN

Post Syndicated from Ernesto original https://torrentfreak.com/married-torrent-tracker-couple-settles-with-brein-180420/

Dutch anti-piracy group BREIN has targeted operators and uploaders of pirate sites for more than a decade.

The group’s main goal is to shut the sites down. Instead of getting embroiled in dozens of lengthy court battles, it prefers to settle the matter with those responsible.

This week, BREIN announced another victory against a small torrent site, Snuffelland. The private tracker was targeted at a Dutch audience and the anti-piracy group managed to track down its operators.

According to BREIN, the site was run by a married couple from the town of Montfort, a 65-year-old man and a 51-year-old woman. In addition, the group also identified one of the uploaders, a 60-year-old man from Heukelum.

All three are unemployed and their financial position was taken into account in determining the scale of the settlement. The couple agreed to pay 2,500 euros and the uploader settled for 650 euros, with a threat of further penalties if they are caught again.

The private tracker itself was shut down and replaced by a message that was provided by BREIN.

“Making copyright-protected works available infringes the copyrights of the entitled rightsholder. Downloading from unauthorized sources is also prohibited in the Netherlands,” the message reads.

“For providers of legal content, snuffelland.org refers you to thecontentmap.nl and film.nl,” it adds.

These type of shutdowns are nothing new. BREIN has taken down hundreds of smaller sites in the past. However, only in recent years has the group has started to publish these settlement details.

That serves as a deterrent but also provides some more insight into how the group prefers to solve these cases, which appears to be relatively softly. In this case, it also disproves the notion that torrent sites are run by youngsters.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Notes on setting up Raspberry Pi 3 as WiFi hotspot

Post Syndicated from Robert Graham original https://blog.erratasec.com/2018/04/notes-on-setting-up-raspberry-pi-3-as.html

I want to sniff the packets for IoT devices. There are a number of ways of doing this, but one straightforward mechanism is configuring a “Raspberry Pi 3 B” as a WiFi hotspot, then running tcpdump on it to record all the packets that pass through it. Google gives lots of results on how to do this, but they all demand that you have the precise hardware, WiFi hardware, and software that the authors do, so that’s a pain.

I got it working using the instructions here. There are a few additional notes, which is why I’m writing this blogpost, so I remember them.
https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md

I’m using the RPi-3-B and not the RPi-3-B+, and the latest version of Raspbian at the time of this writing, “Raspbian Stretch Lite 2018-3-13”.

Some things didn’t work as described. The first is that it couldn’t find the package “hostapd”. That solution was to run “apt-get update” a second time.

The second problem was error message about the NAT not working when trying to set the masquerade rule. That’s because the ‘upgrade’ updates the kernel, making the running system out-of-date with the files on the disk. The solution to that is make sure you reboot after upgrading.

Thus, what you do at the start is:

apt-get update
apt-get upgrade
apt-get update
shutdown -r now

Then it’s just “apt-get install tcpdump” and start capturing on wlan0. This will get the non-monitor-mode Ethernet frames, which is what I want.

MPAA and RIAA Still Can’t Go After Megaupload

Post Syndicated from Ernesto original https://torrentfreak.com/mpaa-and-riaa-still-cant-go-after-megaupload-180414/

Well over six years have passed since Megaupload was shutdown, but there is still little progress in the criminal proceedings against its founders.

The United States wants New Zealand to extradite the men but have thus far failed to achieve that goal. Dotcom and his former colleagues are using all legal means to prevent this eventuality and a final conclusion has yet to be reached.

While all parties await the outcome, the criminal case in the United States remains pending. The same goes for the lawsuits filed by the MPAA and RIAA in 2014.

Since the civil cases may influence the criminal proceedings, Megaupload’s legal team previously managed to put these cases on hold, and last week another extension was granted.

Previous extensions didn’t always go this easy. Last year there were concerns that the long delays could result in the destruction of evidence, as some of Megaupload’s hard drives were starting to fail.

However, after the parties agreed on a solution to back-up and restore the files, this is no longer an issue.

“With the preservation order in place, and there being no other objection, Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months,” Megaupload’s legal team recently informed the court.

Without any objections from the MPAA and RIAA, U.S. District Court Judge Liam O’Grady swiftly granted Megaupload’s request to stay both lawsuits until October this year.

While the US Government hopes to have Dotcom in custody by that time, the entrepreneur has different plans. Following a win at the Human Rights Tribunal in New Zealand, he hopes to put the criminal case behind him soon.

If that indeed happens, the MPAA and RIAA might have their turn.

The latest stay order

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

The answers to your questions for Eben Upton

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/eben-q-a-1/

Before Easter, we asked you to tell us your questions for a live Q & A with Raspberry Pi Trading CEO and Raspberry Pi creator Eben Upton. The variety of questions and comments you sent was wonderful, and while we couldn’t get to them all, we picked a handful of the most common to grill him on.

You can watch the video below — though due to this being the first pancake of our live Q&A videos, the sound is a bit iffy — or read Eben’s answers to the first five questions today. We’ll follow up with the rest in the next few weeks!

Live Q&A with Eben Upton, creator of the Raspberry Pi

Get your questions to us now using #AskRaspberryPi on Twitter

Any plans for 64-bit Raspbian?

Raspbian is effectively 32-bit Debian built for the ARMv6 instruction-set architecture supported by the ARM11 processor in the first-generation Raspberry Pi. So maybe the question should be: “Would we release a version of our operating environment that was built on top of 64-bit ARM Debian?”

And the answer is: “Not yet.”

When we released the Raspberry Pi 3 Model B+, we released an operating system image on the same day; the wonderful thing about that image is that it runs on every Raspberry Pi ever made. It even runs on the alpha boards from way back in 2011.

That deep backwards compatibility is really important for us, in large part because we don’t want to orphan our customers. If someone spent $35 on an older-model Raspberry Pi five or six years ago, they still spent $35, so it would be wrong for us to throw them under the bus.

So, if we were going to do a 64-bit version, we’d want to keep doing the 32-bit version, and then that would mean our efforts would be split across the two versions; and remember, we’re still a very small engineering team. Never say never, but it would be a big step for us.

For people wanting a 64-bit operating system, there are plenty of good third-party images out there, including SUSE Linux Enterprise Server.

Given that the 3B+ includes 5GHz wireless and Power over Ethernet (PoE) support, why would manufacturers continue to use the Compute Module?

It’s a form-factor thing.

Very large numbers of people are using the bigger product in an industrial context, and it’s well engineered for that: it has module certification, wireless on board, and now PoE support. But there are use cases that can’t accommodate this form factor. For example, NEC displays: we’ve had this great relationship with NEC for a couple of years now where a lot of their displays have a socket in the back that you can put a Compute Module into. That wouldn’t work with the 3B+ form factor.

Back of an NEC display with a Raspberry Pi Compute Module slotted in.

An NEC display with a Raspberry Pi Compute Module

What are some industrial uses/products Raspberry is used with?

The NEC displays are a good example of the broader trend of using Raspberry Pi in digital signage.

A Raspberry Pi running the wait time signage at The Wizarding World of Harry Potter, Universal Studios.
Image c/o thelonelyredditor1

If you see a monitor at a station, or an airport, or a recording studio, and you look behind it, it’s amazing how often you’ll find a Raspberry Pi sitting there. The original Raspberry Pi was particularly strong for multimedia use cases, so we saw uptake in signage very early on.

An array of many Raspberry Pis

Los Alamos Raspberry Pi supercomputer

Another great example is the Los Alamos National Laboratory building supercomputers out of Raspberry Pis. Many high-end supercomputers now are built using white-box hardware — just regular PCs connected together using some networking fabric — and a collection of Raspberry Pi units can serve as a scale model of that. The Raspberry Pi has less processing power, less memory, and less networking bandwidth than the PC, but it has a balanced amount of each. So if you don’t want to let your apprentice supercomputer engineers loose on your expensive supercomputer, a cluster of Raspberry Pis is a good alternative.

Why is there no power button on the Raspberry Pi?

“Once you start, where do you stop?” is a question we ask ourselves a lot.

There are a whole bunch of useful things that we haven’t included in the Raspberry Pi by default. We don’t have a power button, we don’t have a real-time clock, and we don’t have an analogue-to-digital converter — those are probably the three most common requests. And the issue with them is that they each cost a bit of money, they’re each only useful to a minority of users, and even that minority often can’t agree on exactly what they want. Some people would like a power button that is literally a physical analogue switch between the 5V input and the rest of the board, while others would like something a bit more like a PC power button, which is partway between a physical switch and a ‘shutdown’ button. There’s no consensus about what sort of power button we should add.

So the answer is: accessories. By leaving a feature off the board, we’re not taxing the majority of people who don’t want the feature. And of course, we create an opportunity for other companies in the ecosystem to create and sell accessories to those people who do want them.

Adafruit Push-button Power Switch Breakout Raspberry Pi

The Adafruit Push-button Power Switch Breakout is one of many accessories that fill in the gaps for makers.

We have this neat way of figuring out what features to include by default: we divide through the fraction of people who want it. If you have a 20 cent component that’s going to be used by a fifth of people, we treat that as if it’s a $1 component. And it has to fight its way against the $1 components that will be used by almost everybody.

Do you think that Raspberry Pi is the future of the Internet of Things?

Absolutely, Raspberry Pi is the future of the Internet of Things!

In practice, most of the viable early IoT use cases are in the commercial and industrial spaces rather than the consumer space. Maybe in ten years’ time, IoT will be about putting 10-cent chips into light switches, but right now there’s so much money to be saved by putting automation into factories that you don’t need 10-cent components to address the market. Last year, roughly 2 million $35 Raspberry Pi units went into commercial and industrial applications, and many of those are what you’d call IoT applications.

So I think we’re the future of a particular slice of IoT. And we have ten years to get our price point down to 10 cents 🙂

The post The answers to your questions for Eben Upton appeared first on Raspberry Pi.

MPAA Quietly Shut Down Its ‘Legal’ Movie Search Engine

Post Syndicated from Ernesto original https://torrentfreak.com/mpaa-quietly-shut-down-its-legal-movie-search-engine-180411/

During the fall of 2014, Hollywood launched WhereToWatch, its very own search engine for movies and TV-shows.

The site enabled people to check if and where the latest entertainment was available, hoping to steer U.S. visitors away from pirate sites.

Aside from the usual critics, the launch received a ton of favorable press. This was soon followed up by another release highlighting some of the positive responses and praise from the press.

“The initiative marks a further attempt by the MPAA to combat rampant online piracy by reminding consumers of legal means to watch movies and TV shows,” the LA Times wrote, for example.

Over the past several years, the site hasn’t appeared in the news much, but it did help thousands of people find legal sources for the latest entertainment. However, those who try to access it today will notice that WhereToWatch has been abandoned, quietly.

The MPAA pulled the plug on the service a few months ago. And where the mainstream media covered its launch in detail, the shutdown received zero mentions. So why did the site fold?

According to MPAA Vice President of Corporate Communications, Chris Ortman, it was no longer needed as there are many similar search engines out there.

“Given the many search options commercially available today, which can be found on the MPAA website, WheretoWatch.com was discontinued at the conclusion of 2017,” Ortman informs TF.

“There are more than 140 lawful online platforms in the United States for accessing film and television content, and more than 460 around the world,” he adds.

The MPAA lists several of these alternative search engines on its new website. The old WhereToWatch domain now forwards to the MPAA’s online magazine ‘The Credits,’ which features behind-the-scenes stories and industry profiles.

While the MPAA is right that there are alternative search engines, many of these were already available when WhereToWatch launched. In fact, the site used the services of the competing service GoWatchIt for its search results.

Perhaps the lack of interest from the U.S. public played a role as well. The site never really took off and according to traffic estimates from SimilarWeb and Alexa, most of the visitors came from Iran, where the site was unusable due to a geo-block.

After searching long and hard we were able to track down a former WhereToWatch user on Reddit. This person just started to get into the service and was disappointed to see it go.

“So, does anyone know of better places or simply other places where this information lives in an easily accessible place?” he or she asked.

One person responded by recommending Icefilms.info, a pirate site. This is a response the MPAA would cringe at, but luckily, most people mentioned justwatch.com as the best alternative.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Using AWS Lambda and Amazon Comprehend for sentiment analysis

Post Syndicated from Chris Munns original https://aws.amazon.com/blogs/compute/using-aws-lambda-and-amazon-comprehend-for-sentiment-analysis/

This post courtesy of Giedrius Praspaliauskas, AWS Solutions Architect

Even with best IVR systems, customers get frustrated. What if you knew that 10 callers in your Amazon Connect contact flow were likely to say “Agent!” in frustration in the next 30 seconds? Would you like to get to them before that happens? What if your bot was smart enough to admit, “I’m sorry this isn’t helping. Let me find someone for you.”?

In this post, I show you how to use AWS Lambda and Amazon Comprehend for sentiment analysis to make your Amazon Lex bots in Amazon Connect more sympathetic.

Setting up a Lambda function for sentiment analysis

There are multiple natural language and text processing frameworks or services available to use with Lambda, including but not limited to Amazon Comprehend, TextBlob, Pattern, and NLTK. Pick one based on the nature of your system:  the type of interaction, languages supported, and so on. For this post, I picked Amazon Comprehend, which uses natural language processing (NLP) to extract insights and relationships in text.

The walkthrough in this post is just an example. In a full-scale implementation, you would likely implement a more nuanced approach. For example, you could keep the overall sentiment score through the conversation and act only when it reaches a certain threshold. It is worth noting that this Lambda function is not called for missed utterances, so there may be a gap between what is being analyzed and what was actually said.

The Lambda function is straightforward. It analyses the input transcript field of the Amazon Lex event. Based on the overall sentiment value, it generates a response message with next step instructions. When the sentiment is neutral, positive, or mixed, the response leaves it to Amazon Lex to decide what the next steps should be. It adds to the response overall sentiment value as an additional session attribute, along with slots’ values received as an input.

When the overall sentiment is negative, the function returns the dialog action, pointing to an escalation intent (specified in the environment variable ESCALATION_INTENT_NAME) or returns the fulfillment closure action with a failure state when the intent is not specified. In addition to actions or intents, the function returns a message, or prompt, to be provided to the customer before taking the next step. Based on the returned action, Amazon Connect can select the appropriate next step in a contact flow.

For this walkthrough, you create a Lambda function using the AWS Management Console:

  1. Open the Lambda console.
  2. Choose Create Function.
  3. Choose Author from scratch (no blueprint).
  4. For Runtime, choose Python 3.6.
  5. For Role, choose Create a custom role. The custom execution role allows the function to detect sentiments, create a log group, stream log events, and store the log events.
  6. Enter the following values:
    • For Role Description, enter Lambda execution role permissions.
    • For IAM Role, choose Create an IAM role.
    • For Role Name, enter LexSentimentAnalysisLambdaRole.
    • For Policy, use the following policy:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": "arn:aws:logs:*:*:*"
        },
        {
            "Action": [
                "comprehend:DetectDominantLanguage",
                "comprehend:DetectSentiment"
            ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}
    1. Choose Create function.
    2. Copy/paste the following code to the editor window
import os, boto3

ESCALATION_INTENT_MESSAGE="Seems that you are having troubles with our service. Would you like to be transferred to the associate?"
FULFILMENT_CLOSURE_MESSAGE="Seems that you are having troubles with our service. Let me transfer you to the associate."

escalation_intent_name = os.getenv('ESACALATION_INTENT_NAME', None)

client = boto3.client('comprehend')

def lambda_handler(event, context):
    sentiment=client.detect_sentiment(Text=event['inputTranscript'],LanguageCode='en')['Sentiment']
    if sentiment=='NEGATIVE':
        if escalation_intent_name:
            result = {
                "sessionAttributes": {
                    "sentiment": sentiment
                    },
                    "dialogAction": {
                        "type": "ConfirmIntent", 
                        "message": {
                            "contentType": "PlainText", 
                            "content": ESCALATION_INTENT_MESSAGE
                        }, 
                    "intentName": escalation_intent_name
                    }
            }
        else:
            result = {
                "sessionAttributes": {
                    "sentiment": sentiment
                },
                "dialogAction": {
                    "type": "Close",
                    "fulfillmentState": "Failed",
                    "message": {
                            "contentType": "PlainText",
                            "content": FULFILMENT_CLOSURE_MESSAGE
                    }
                }
            }

    else:
        result ={
            "sessionAttributes": {
                "sentiment": sentiment
            },
            "dialogAction": {
                "type": "Delegate",
                "slots" : event["currentIntent"]["slots"]
            }
        }
    return result
  1. Below the code editor specify the environment variable ESCALATION_INTENT_NAME with a value of Escalate.

  1. Click on Save in the top right of the console.

Now you can test your function.

  1. Click Test at the top of the console.
  2. Configure a new test event using the following test event JSON:
{
  "messageVersion": "1.0",
  "invocationSource": "DialogCodeHook",
  "userId": "1234567890",
  "sessionAttributes": {},
  "bot": {
    "name": "BookSomething",
    "alias": "None",
    "version": "$LATEST"
  },
  "outputDialogMode": "Text",
  "currentIntent": {
    "name": "BookSomething",
    "slots": {
      "slot1": "None",
      "slot2": "None"
    },
    "confirmationStatus": "None"
  },
  "inputTranscript": "I want something"
}
  1. Click Create
  2. Click Test on the console

This message should return a response from Lambda with a sentiment session attribute of NEUTRAL.

However, if you change the input to “This is garbage!”, Lambda changes the dialog action to the escalation intent specified in the environment variable ESCALATION_INTENT_NAME.

Setting up Amazon Lex

Now that you have your Lambda function running, it is time to create the Amazon Lex bot. Use the BookTrip sample bot and call it BookSomething. The IAM role is automatically created on your behalf. Indicate that this bot is not subject to the COPPA, and choose Create. A few minutes later, the bot is ready.

Make the following changes to the default configuration of the bot:

  1. Add an intent with no associated slots. Name it Escalate.
  2. Specify the Lambda function for initialization and validation in the existing two intents (“BookCar” and “BookHotel”), at the same time giving Amazon Lex permission to invoke it.
  3. Leave the other configuration settings as they are and save the intents.

You are ready to build and publish this bot. Set a new alias, BookSomethingWithSentimentAnalysis. When the build finishes, test it.

As you see, sentiment analysis works!

Setting up Amazon Connect

Next, provision an Amazon Connect instance.

After the instance is created, you need to integrate the Amazon Lex bot created in the previous step. For more information, see the Amazon Lex section in the Configuring Your Amazon Connect Instance topic.  You may also want to look at the excellent post by Randall Hunt, New – Amazon Connect and Amazon Lex Integration.

Create a new contact flow, “Sentiment analysis walkthrough”:

  1. Log in into the Amazon Connect instance.
  2. Choose Create contact flow, Create transfer to agent flow.
  3. Add a Get customer input block, open the icon in the top left corner, and specify your Amazon Lex bot and its intents.
  4. Select the Text to speech audio prompt type and enter text for Amazon Connect to play at the beginning of the dialog.
  5. Choose Amazon Lex, enter your Amazon Lex bot name and the alias.
  6. Specify the intents to be used as dialog branches that a customer can choose: BookHotel, BookTrip, or Escalate.
  7. Add two Play prompt blocks and connect them to the customer input block.
    • If booking hotel or car intent is returned from the bot flow, play the corresponding prompt (“OK, will book it for you”) and initiate booking (in this walkthrough, just hang up after the prompt).
    • However, if escalation intent is returned (caused by the sentiment analysis results in the bot), play the prompt (“OK, transferring to an agent”) and initiate the transfer.
  8. Save and publish the contact flow.

As a result, you have a contact flow with a single customer input step and a text-to-speech prompt that uses the Amazon Lex bot. You expect one of the three intents returned:

Edit the phone number to associate the contact flow that you just created. It is now ready for testing. Call the phone number and check how your contact flow works.

Cleanup

Don’t forget to delete all the resources created during this walkthrough to avoid incurring any more costs:

  • Amazon Connect instance
  • Amazon Lex bot
  • Lambda function
  • IAM role LexSentimentAnalysisLambdaRole

Summary

In this walkthrough, you implemented sentiment analysis with a Lambda function. The function can be integrated into Amazon Lex and, as a result, into Amazon Connect. This approach gives you the flexibility to analyze user input and then act. You may find the following potential use cases of this approach to be of interest:

  • Extend the Lambda function to identify “hot” topics in the user input even if the sentiment is not negative and take action proactively. For example, switch to an escalation intent if a user mentioned “where is my order,” which may signal potential frustration.
  • Use Amazon Connect Streams to provide agent sentiment analysis results along with call transfer. Enable service tailored towards particular customer needs and sentiments.
  • Route calls to agents based on both skill set and sentiment.
  • Prioritize calls based on sentiment using multiple Amazon Connect queues instead of transferring directly to an agent.
  • Monitor quality and flag for review contact flows that result in high overall negative sentiment.
  • Implement sentiment and AI/ML based call analysis, such as a real-time recommendation engine. For more details, see Machine Learning on AWS.

If you have questions or suggestions, please comment below.

Police Assisted By MPAA Shut Down Pirate TV Box Sellers

Post Syndicated from Andy original https://torrentfreak.com/police-assisted-by-mpaa-shut-down-pirate-tv-box-sellers-180404/

Piracy configured set-top boxes are the next big thing, today. Millions have been sold around the world and anti-piracy groups are scrambling to rein them in.

Many strategies are being tested, from pressurizing developers of allegedly infringing addons to filing aggressive lawsuits against sites such as TVAddons, a Kodi addon repository now facing civil action in both the United States and Canada.

Also under fire are companies that sell set-top boxes that come ready configured for piracy. Both Tickbox TV and Dragon Media Inc are being sued by the Alliance for Creativity and Entertainment (ACE) in the US. At this stage, neither case looks promising for the defendants.

However, civil action isn’t the only way to deal with defendants in the United States, as a man and woman team from Tampa, Florida, have just discovered after being arrested by local police.

Mickael Cantrell and Nancy Major were allegedly the brains behind NBEETV, a company promising to supply set-top boxes that deliver “every movie, every tv show that’s ever been made, plus live sports with no blackouts” with “no monthly fees ever.”

As similar cases have shown, this kind of marketing spiel rarely ends well for defendants but the people behind NBEE TV (also known as FreeTVForLife Inc.) were either oblivious or simply didn’t care about the consequences.

A company press release dated April 2017 advertising the company’s NBPro 3+ box and tracked down by TF this week reveals the extent of the boasts.

“NBPRO 3+ is a TV box that offers instant access to watch every episode of any TV show without paying any monthly bill. One just must attach the loaded box to his TV and stream whatever they want, with no commercials,” the company wrote.

But while “Free TV for Life” was the slogan, that wasn’t the reality at the outset.

NBEETV’s Kodi-powered Android boxes were hellishly expensive with the NBPRO 1, NBPRO 3, NBPRO 5 costing $199.00, $279.00 and $359.00 respectively. This, however, was presented as a bargain alongside a claim that the “average [monthly] cable bill across the country is approximately $198.00” per month.

On top of the base product, NBEETV offered an 800 number for customer support and from their physical premises, they ran “training classes every Tuesday and Thursdays at 11:00” for people to better understand their products.

The location of that building isn’t mentioned in local media but a WHOIS on the company’s FreeTVForLife domain yields a confirmed address. It’s one that’s also been complained about in the past by an unhappy customer.

“Free TV for LIFE [redacted]..(next to K-Mart) Hudson, Fl.. 34667. We bought the Little black box costing $277.00. The pictures were not clear,” Rita S. wrote.

“The screen froze up on us all the time, even after hooking straight into the router. When we took the unit back they kept $80 of our money….were very rude, using the ************* word and we will not get the remainder of our money for 14-28 days according to the employee at the store. Buyers beware and I am telling everyone!!!”

While this customer was clearly unhappy, NBEETV claimed to be a “movement which is spreading across the country.” Unfortunately, that movement reached the eyes of the police, who didn’t think that the content being offered on the devices should have been presented for free.

“We saw [the boxes] had Black Panther, The Shape Of Water, Jumanji was on there as well,” said Detective Darren Hill.

“This is someone blatantly on the side of the road just selling them, with signage, a store front; advertising on the internet with a website.”

Detective Hill worked on the case with the MPAA but even from TorrentFreak’s limited investigations this week, the couple were incredibly easy to identify.

Aside from providing accurate and non-hidden address data in WHOIS records, Mickael Cantrell (also known as Michael Cantrell) put in his real name too. The listed email address is also easily traced back to a company called Nanny Bees Corporation which was operated by Cantrell and partner Nancy Major, who was also arrested in the NBEETV case.

Unfortunately for the couple, the blundering didn’t stop there. Their company YouTube channel, which is packed with tutorials, is also in Cantrell’s real name. Indeed, the photograph supplied to YouTube even matches the mugshot published by ABC Action News.

The publication reports that the Sheriff’s Office found the couple with around 50 ‘pirate’ boxes. The store operated by the couple has also been shutdown.

Finally, another curious aspect of NBEETV’s self-promotion comes via a blog post/press release dated August 2017 in which Cantrell suddenly ups the ante by becoming Michael W. Cantrell, Ph. D alongside some bold and unusual claims.

“Dr. Cantrell unleashes his latest innovation, a Smart TV Box that literally updates every ten minutes. Not only does the content (what you can view) but the whole platform updates automatically. If the Company changes an icon you receive the change in real time,” the release reads.

“Thanks to the Overlay Processor that Dr. Cantrell created, this processor named B-D.A.D (Binary Data Acceleration Dump) which enhances an Android unit’s operating power 5 times than the original bench test, has set a new industry standard around the world.”

Sounds epic….perhaps it powered the following video clip.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

UK IPTV Provider ACE Calls it Quits, Cites Mounting Legal Pressure

Post Syndicated from Andy original https://torrentfreak.com/uk-iptv-provider-ace-calls-it-quits-cites-mounting-legal-pressure-180402/

Terms including “Kodi box” are now in common usage in the UK and thanks to continuing coverage in the tabloid media, more and more people are learning that free content is just a few clicks away.

In parallel, premium IPTV services are also on the up. In basic terms, these provide live TV and sports through an Internet connection in a consumer-friendly way. When bundled with beautiful interfaces and fully functional Electronic Program Guides (EPG), they’re almost indistinguishable from services offered by Sky and BTSport, for example.

These come at a price, typically up to £10 per month or £20 for a three-month package, but for the customer this represents good value for money. Many providers offer several thousand channels in decent quality and reliability is much better than free streams. This kind of service was offered by prominent UK provider ACE TV but an announcement last December set alarm bells ringing.

“It saddens me to announce this, but due to pressure from the authorities in the UK, we are no longer selling new subscriptions. This obviously includes trials,” ACE said in a statement.

ACE insisted that it would continue as a going concern, servicing existing customers. However, it did keep its order books open for a while longer, giving people one last chance to subscribe to the service for anything up to a year. And with that ACE continued more quietly in the background, albeit with a disabled Facebook page.

But things were not well in ACE land. Like all major IPTV providers delivering services to the UK, ACE was subjected to blocking action by the English Premier League and UEFA. High Court injunctions allow ISPs in the UK to block their pirate streams in real-time, meaning that matches were often rendered inaccessible to ACE’s customers.

While this blocking can be mitigated when the customer uses a VPN, most don’t want to go to the trouble. Some IPTV providers have engaged in a game of cat-and-mouse with the blocking efforts, some with an impressive level of success. However, it appears that the nuisance eventually took its toll on ACE.

“The ISPs in the UK and across Europe have recently become much more aggressive in blocking our service while football games are in progress,” ACE said in a statement last month.

“In order to get ourselves off of the ISP blacklist we are going to black out the EPL games for all users (including VPN users) starting on Monday. We believe that this will enable us to rebuild the bypass process and successfully provide you with all EPL games.”

People familiar with the blocking process inform TF that this is unlikely to have worked.

Although nobody outside the EPL’s partners knows exactly how the system works, it appears that anti-piracy companies simply subscribe to IPTV services themselves and extract the IP addresses serving the content. ISPs then block them. No pause would’ve helped the situation.

Then, on March 24, another announcement indicated that ACE probably wouldn’t make it very far into 2019.

“It is with sorrow that we announce that we are no longer accepting renewals, upgrades to existing subscriptions or the purchase of new credits. We plan to support existing subscriptions until they expire,” the team wrote.

“EPL games including highlights continue to be blocked and are not expected to be reinstated before the end of the season.”

The suggestion was that ACE would keep going, at least for a while, but chat transcripts with the company obtained by TF last month indicated that ACE would probably shut down, sooner rather than later. Less than a week on, that proved to be the case.

On or around March 29, ACE began sending emails out to customers, announcing the end of the company.

“We recently announced that Ace was no longer accepting renewals or offering new reseller credits but planned to support existing subscription. Due to mounting legal pressure in the UK we have been forced to change our plans and we are now announcing that Ace will close down at the end of March,” the email read.

“This means that from April 1st onwards the Ace service will no longer work.”

April 1 was yesterday and it turns out it wasn’t a joke. Customers who paid in advance no longer have a service and those who paid a year up front are particularly annoyed. So-called ‘re-sellers’ of ACE are fuming more than most.

Re-sellers effectively act as sales agents for IPTV providers, buying access to the service at a reduced rate and making a small profit on each subscriber they sign up. They get a nice web interface to carry out the transactions and it’s something that anyone can do.

However, this generally requires investment from the re-seller in order to buy ‘credits’ up front, which are used to sell services to new customers. Those who invested money in this way with ACE are now in trouble.

“If anyone from ACE is reading here, yer a bunch of fuckin arseholes. I hope your next shite is a hedgehog!!” one shouted on Reddit. “Being a reseller for them and losing hundreds a pounds is bad enough!!”

While the loss of a service is probably a shock to more recent converts to the world of IPTV, those with experience of any kind of pirate TV product should already be well aware that this is nothing out of the ordinary.

For those who bought hacked or cloned satellite cards in the 1990s, to those who used ‘chipped’ cable boxes a little later on, the free rides all come to an end at some point. It’s just a question of riding the wave when it arrives and paying attention to the next big thing, without investing too much money at the wrong time.

For ACE’s former customers, it’s simply a case of looking for a new provider. There are plenty of them, some with zero intent of shutting down. There are rumors that ACE might ‘phoenix’ themselves under another name but that’s also par for the course when people feel they’re owed money and suspicions are riding high.

“Please do not ask if we are rebranding/setting up a new service, the answer is no,” ACE said in a statement.

And so the rollercoaster continues…

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

The 4.16 kernel is out

Post Syndicated from corbet original https://lwn.net/Articles/750693/rss

Linus has released the 4.16 kernel, as
expected. “We had a number of fixes and cleanups elsewhere, but none
of it made me go ‘uhhuh, better let this soak for another week’
“.
Some of the headline changes in this release include initial support for
the Jailhouse
hypervisor, the usercopy whitelisting
hardening patches, some improvements to the deadline scheduler and, of
course, a lot of Meltdown and Spectre mitigation work.

Why Did The World’s Largest Streaming Site Suddenly Shut Down?

Post Syndicated from Andy original https://torrentfreak.com/why-did-the-worlds-largest-streaming-site-suddenly-shut-down-180401/

With sites like The Pirate Bay still going great guns in the background, streaming sites are now all the rage. With their Netflix style interfaces and almost instant streaming, these platforms provide the kind of instant fix impatient pirates long for.

One of the most successful was 123Movies, which over the past 18 months and several rebrandings (123movieshub, GoMovies) later managed to build a steady base of millions of users.

Had such a site made its base in the US or Europe, it’s likely that authorities would’ve been breathing down its neck somewhat sooner. However, the skyrocketing platform was allegedly based in Vietnam, a country not exactly known for its staunch support of intellectual property rights. Nevertheless, the tentacles of Hollywood and its friends in government are never far away.

In March 2017, US Ambassador to Vietnam Ted Osius called on the local Government to criminally prosecute the people behind movie streaming site 123movies, Kisscartoon, and a Putlocker variant.

Osius had a meeting with Truong Minh Tuan, Vietnam’s Minister of Information and Communications, after which the Minister assured the Ambassador that Vietnam wanted to protect copyrights. He reportedly told Osius that a decision would soon be made on how to deal with the pirate streaming sites. Perhaps coincidentally, perhaps not, during the discussions 123Movies suffered a significant period of downtime.

Almost exactly a year later, the MPAA piled on the pressure again when it branded 123Movies as the “most popular illegal site in the world”, noting that its 98 million monthly visitors were being serviced from Vietnam.

Then, around March 19, 2018, 123Movies announced that it would be shutting down for good. A notice on the site was accompanied by a countdown timer, predicting the end of the site in five days. When the timer ran out, so did the site and it remains down to this day. But was its closure entirely down to the MPAA?

For the past couple of years, Vietnam has been seeking to overhaul its intellectual property laws, not least due to pressure from countries like the United States. Then, last October, Vietnamese Ambassador Duong Chi Dung was voted in as chairman of the World Intellectual Property Organization (WIPO) General Assembly for the 2018-19 tenure.

It was the first time in 12 years that the Asia-Pacific region had had one of its representatives serving as chairperson of the WIPO General Assembly. Quite an honor considering the diplomat enjoyed the backing of 191 member nations during the Assembly’s 49th session in Geneva, Switzerland.

Then in February, local media began publishing stories detailing how Vietnam was improving its stance towards intellectual property. Citing the sixth annual International IP Index released that month by the US Chamber of Commerce Global Innovation Policy Center (GIPC), it was noted that Vietnam’s score was on the increase.

“Vietnam has taken some positive steps forward towards strengthening its IP framework to compete more closely with its Southeast Asian peers, increasing its score,” said Patrick Kilbride, vice president of GIPC.

“With continued investment in strong IP rights, Vietnam can harness this positive momentum to become a leader in the region, stimulate its domestic capacity for innovation, and enhance its global competitiveness.”

The Vietnam government was also credited with passing legislation to “strengthen the criminal standards for IP infringement”, a move set to “strengthen the enforcement environment” in the country.

Amid the positive developments, it was noted that Vietnam has a way to go. Early March a report in Vietnam News cited a deputy chief inspector of the Ministry of Science and Technology as saying that while an intellectual property court is “in sight”, it isn’t yet clear when one will appear.

“There needs be an intellectual property court in Vietnam, but we don’t know when it will be established,” Nguyễn Như Quỳnh said. That, it appears, is happily being exploited, both intentionally and by those who don’t know any better.

“Several young people are making tonnes of money out of their online businesses without having to have capital, just a few tricks to increase the number of ‘fans’ on their Facebook pages,” she said. “But a lot of them sell fake stuff, which is considered an infringement.”

Come April 10, 2018, there will be new IP regulations in place in Vietnam concerning local and cross-border copyright protection. Additionally, amendments made last year to the Penal Code, which took effect this year, mean that IP infringements carried out by businesses will now be subject to criminal prosecution.

“Article 225 of the Penal Code stipulates that violations of IPR and related rights by private individuals carries a non-custodial sentence of three years or a jail term of up to three years,” Vietnamnet.vn reports.

“Businesses found guilty will be fined VND300 million to VND1 billion (US$13,000-43,800) for the first offense. If the offense is repeated, the penalty will be a fine of VND3 billion ($130,000) or suspension of operations for up to two years.”

The threshold for criminality appears to be quite low. Previously, infringements had to be carried out “on a commercial scale” to qualify but now all that is required is an illicit profit of around US$500.

How this soup of intellectual property commitments, legislative change, hopes, dreams and promises will affect the apparent rise and fall of streaming platforms in Vietnam is unclear. All that being said, it seems likely that all of these factors are playing their part to ratchet up the pressure.

And, with the US currently playing hardball with China over a lack of respect for IP rights, Vietnam will be keen to be viewed as a cooperative nation.

As for 123Movies, it’s unknown whether it will reappear anytime soon, if at all, given the apparent shifting enthusiasm towards protecting IP in Vietnam. Perhaps against the odds its sister site, Animehub, which was launched in December 2017, is still online. But that could be gone in the blink of an eye too, if recent history is anything to go by.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Another Branch Prediction Attack

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/03/another_branch_.html

When Spectre and Meltdown were first announced earlier this year, pretty much everyone predicted that there would be many more attacks targeting branch prediction in microprocessors. Here’s another one:

In the new attack, an attacker primes the PHT and running branch instructions so that the PHT will always assume a particular branch is taken or not taken. The victim code then runs and makes a branch, which is potentially disturbing the PHT. The attacker then runs more branch instructions of its own to detect that disturbance to the PHT; the attacker knows that some branches should be predicted in a particular direction and tests to see if the victim’s code has changed that prediction.

The researchers looked only at Intel processors, using the attacks to leak information protected using Intel’s SGX (Software Guard Extensions), a feature found on certain chips to carve out small sections of encrypted code and data such that even the operating system (or virtualization software) cannot access it. They also described ways the attack could be used against address space layout randomization and to infer data in encryption and image libraries.

Research paper.

Qubes OS 4.0 has been released

Post Syndicated from ris original https://lwn.net/Articles/750318/rss

The security-focused distribution Qubes OS has released
version 4.0. “This release delivers on the features we promised in
our announcement
of Qubes 4.0-rc1
, with some course corrections along the way, such as
the switch from HVM to PVH for most VMs in response to Meltdown
and Spectre
. For more details, please see the full Release Notes.

Dotcom Wins Privacy Breach Case Against New Zealand Government

Post Syndicated from Ernesto original https://torrentfreak.com/dotcom-wins-privacy-breach-case-against-new-zealand-government-180326/

Following the Megaupload shutdown and the raid on Kim Dotcom’s mansion, many hours have been spent on the case in courts around the world.

While Dotcom and several of his former colleagues were targeted for alleged copyright crimes, thus far the major battles have been focused on other legal aspects of the case.

In a complaint filed at the Human Rights Tribunal, Dotcom accused the New Zealand Government of improperly withholding information. In 2015 Dotcom asked 28 ministers and several government departments to disclose information they held on him, without result.

The requests were labeled as “urgent” due to Dotcom’s pending legal case, but then-Attorney General Chris Finlayson denied them as being vexatious and without sufficient grounds.

Today the Human Rights Tribunal ruled that, by denying the requests, “…the Crown to be in clear breach of its obligations under the Privacy Act,” awarding the Megaupload founder $90,000 in damages for “loss of dignity or injury to feelings.”

While the financial windfall must be welcome, Dotcom also sees this ruling as a big victory in the grander scheme of things. According to the New Zealand entrepreneur, it means that the U.S. extradition bid is dead in the water.

“What does the Human Rights Tribunal Judgement mean for my Extradition case? It is OVER!” Dotcom just tweeted

“By unlawfully withholding information that could have helped my case the former Attorney General of New Zealand has perverted the course of Justice,” he adds.

It’s over…?

In addition to awarding damages, the ruling also requires the ministers and Government to comply with the original requests, as Newshub writes.

The Tribunal’s decision is a clear win for Dotcom. While it doesn’t automatically end the extradition case, going forward it certainly doesn’t hurt the position of Megaupload’s founder.

Who it could hurt, according to Dotcom, is New Zealand’s Privacy Commissioner John Edwards.

“I call for the immediate resignation of the Privacy Commissioner of New Zealand for his complicity with the former Attorney General and Crown Law in unlawfully withholding information that New Zealanders were legally entitled to,” Dotcom tweets.

The Privacy Commissioner retweeted Dotcom’s request without commenting on it, which elicited another blow from Dotcom.

“I appreciate the acknowledgment. The Human Rights Tribunal judgment makes you look utterly incompetent at best or co-conspiratorial at worst. Which is it? Either way, you’re done,” Dotcom added.

A copy of the Human Rights Tribunal ruling is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Pirate Streaming Giant 123Movies Announces Shutdown

Post Syndicated from Ernesto original https://torrentfreak.com/pirate-streaming-giant-123movies-announces-shutdown-180319/

With millions of visitors per day, 123movies(hub), also known as Gomovies, is one of the largest pirate streaming sites on the web.

However, according to a new message posted on the site, this will soon end. The site’s operators say that they will shut down at the end of the week.

“We’ve been providing links to movies and shows for years. Now it’s time to say goodbye. Thank you for being our friends and thanks for staying with us that long,” the 123movies team writes.

In addition, 123movies encourages its users to “respect” filmmakers by paying for movies and TV-shows instead of pirating them.

“PS: Please pay for the movies/shows, that’s what we should do to show our respect to people behind the movies/shows,” the team adds.

123movies shutdown notice

The shutdown announcement, which is currently only visible on the classic homepage, comes a few days after the MPAA branded the site as the the most popular illegal site in the world.

“Right now, the most popular illegal site in the world, 123movies.to (at this point), is operated from Vietnam, and has 98 million visitors a month,” MPAA’s Executive Vice President & Chief of Global Content Protection, Jan van Voorn said.

That wasn’t the first time the site had been called out. Last year the US Ambassador to Vietnam called on the local Government to criminally prosecute the site’s operators on their alleged home turf. In addition, the site was also on the radar of the office of the US Trade Representative, which featured 123movies in its latest Notorious Markets report.

While 123movies has changed names several times over the course of the last few months, it was still a relative newcomer. It first emerged less than three years ago, but quickly became a dominant player.

According to the announcement, however, it will be all over in a few days. With millions of potential estranged users, that will leave a huge gap to fill.

The reason for the planned closure decision is unknown. Speculation would suggest legal pressure being high on the list, but the 123movies team hasn’t commented on its motivation.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.