So without further ado, here are our top picks for the weirdest products we've discovered on Amazon this week:
If your coworkers are lame, simply get one of these hybrid fish tank office organizers and replace them with a group of pet-friendly cabins. At first glance, what appears to be a potential safety hazard is actually a surprisingly well-designed aquarium that runs running water for the little guys inside. For $ 34.99 you will get the LED light, the clock, the complete aquarium hybrid with its own decorative pebbles and its artificial plant. (Fish not included.)
The ultimate in cat's eye decoration, this new tissue paper dispenser will take kleenex out of the back of a cat like a wacky magician. If your guests suffer from allergies, you can direct them to the source of the problem to soothe their sneezing. Since it's made in an easy-to-clean material, simply mix the tissue holder with warm, soapy water to rinse it off after the flu season. Take one for $ 35.55.
Of course, we love Drake. But let us not forget that it is Celine Dion who takes the crown as Canada's supreme superstar. For only $ 69.97, you can install a life-size cardboard cutout from the singer "My Heart Will Go On" at your next meeting to add some glam to the celebrity.
In theory, a pillow that allows you to sleep comfortably anywhere can look like a dream. In reality? It's a bit of a nightmare. Considered "the ultimate immersive pillow" with a cocoon feel, the ostrich pillow is supposed to be perfect for catching a few z at work, during a long flight or when yawning ensues. Just slip it on your hand and breathe through its unusual little opening to head to the land of dreams. L & # 39; get for $ 99.
Somewhere on Sesame StreetErnie is posted shaking his head with disgust. Is nothing sacred and healthy? Whatever it is, take a Pack of 12 for $ 9.99 so that your children can float in a soapy bathtub filled with rubber poop.
Looking for a creative way to master your junk food cravings? Why not expose a replica of five pounds of human body fat. On reflection, please do not. Eat the Oreeos and continue to live your best life. The fat blob is at a reasonable price (?) $ 75.07 if you find yourself on the market for one.
You know what they say: Why solve a problem when you can hide it, instead. And if the problem involved is the stench of rotting rats in the walls of your home, you can choose this specially formulated product. blend of oils for $ 14.65 on Amazon. Honestly, he has rave reviews.
If you are looking for the perfect gift for that special person in your life, why not send him an Idaho potato with your face? Thanks to Potato Parcel – already featured on Shark tank – You can upload a photo of your choice and print it on a real potato. Get one for on Amazon.
Prove your fidelity to the burrito by swaddling your toddler in a microfiber and polyester blend of a realistic tortilla. Why not wrap your newborn in the blanket, complete the look with the matching hat and head to Chipotle? Maybe you'll even have free food. Probably not, though. Get the comfortable set for $ 8.69.
lifestyle (t) humor (t) amazon (t) culture (t) mashable-shopping (t) consumer technique</pre></pre>
Letting people opt out of the data collection is better than not letting them choose at all. But for decades, that's the breadth of the conversation. This gives too many giant tech companies a plausible denial for the frantic transfer of your personal information and allows them to blame the victim implicitly when they go too far: Do not be angry with us, you could have withdrawn all this time. Here is a simple suggestion: Let people register instead.
This is a simple problem to explain. A paradigm of "unsubscribe" means that data collection is done automatically and you must actively look for ways to stop it. Under "Opt in", you must affirmatively grant the right to access such data to a company before you can do so. You are in control from the beginning.
"Not only do participation mechanisms serve consumers better, they also serve democracy better."
Joseph Tomain, University of Indiana
At the moment, we do not know what form Apple's unsubscribe to Siri will take; The company has temporarily suspended its collection of voice data and only indicates that once it is resumed, "users will have the opportunity to opt in." Apple has not responded to a request for more specific information.
But to illustrate the limitations of unsubscribe options, look no further than Alexa from Amazon, who already has a mechanism to say "no thank you" to strangers who listen to your orders. Ready for that? Open the Alexa application. Tap the three dots in the upper left corner. Then go to Settings. Then go to Alexa account. Then go to Alexa privacy. Then go to Manage how your data improves Alexa. Then go Help develop new features to off. Then set the rocker under Use messages to improve transcripts to off. Theseus had an easier time fleeing the Minotaur.
This criticism applies much more widely than simple voice assistants, of course. Facebook is the undisputed master of art. This is not a new concern either; search the WIRED archives and you'll find titles like "Investigation: the opt-out is a loophole"Almost two decades ago. Consider this as an indicator not of the mold's argument, but of the length of time since this problem was infected and the little progress made.
"Not only do participation mechanisms serve consumers better, they also serve democracy better. They do this by helping to reduce the power imbalance between companies and individuals, "said Joseph Tomain, a researcher at Indiana University's Center for Applied Cybersecurity Research. "The information collected about us harbors our human strength, our autonomy and our human dignity in a way that we should not lose sight of."
"Companies that opt for an incentive to offer data practices that people would really agree to," said Tomain. That does not seem so much to ask.
Changing the current churn frame to accept does not solve all the problems. In fact, he would create some.
"Even if you had a big list of progressive things to sign up for, then you have a lot of fun on what the right options look like," says Michelle Richardson, director of privacy and data at the Center for Democracy. nonprofit organization. Technology "Do you show them [users] all different types of data and make them make changes to each type of data? Have you made any granular decisions? Do you notify them at any time of the changes? It's a lot to handle for a basic user. "
According to Richardson, the emphasis on whether to opt-out is ultimately the responsibility of the individual, not the companies that misuse the data. Plus, your data travels through hundreds of businesses with which you have no interaction, an underground economy of ghost data brokers. You can not get rid of it any more than you can hit a ghost.
Ideally, a strong privacy law will someday raise the question of questionable consent. "You need a privacy bill that companies can not continue to do these very risky things that continue to hurt people," Richardson said.
The establishment of strong membership policies does not preclude a possible general law on the protection of privacy. And, in some ways, the huge amount of data you have to collect is exactly why businesses should need it. You would finally have some idea of the gravity of the situation.
In reality, the opt-in practice seems like a long shot. Among the various privacy-related bills that go through Congress, only one handle include itand focusing on certain categories of sensitive information. But every time a company bursts its data under a sip layers of parameters, every time Big Tech takes more than that givesIt seems less radical to suggest that the least they can do is to get your explicit permission first.
Would you like to receive this two minute summary as an email every day of the week? Register here!
Dogs are play a big role in human cancer research
Cancer in older dogs is very common, but it turns out that treatments for your furry friend also have implications for people. Many types of cancer dogs resemble those found in humans. Through collaboration between Animal Medicine and Human Medicine as part of Obama's Cancer Moonshot initiative, researchers are investigating treatments that could save the lives of dogs and people.
A Phishing scam of Amazon Strike just in time for the First Day
With the first day of Amazon around the corner, the security company Mcafee detailed phishing this allows hackers to send an email that resembles that of Amazon, with a PDF attachment that leads anyone who clicks on a website mimicking an Amazon login page. From there, the malicious site not only asks for the victim's name, but also their birthday, home address, credit card information, and social security number. Remember: always check who your emails come from and do not open attachments unless you are sure it comes from someone you trust.
The FTC hit Facebook with a record $ 5 billion settlement
After months of negotiations, FTC reportedly fined Facebook a record $ 5 billion for his privacy violations If approved by the civilian division of the Department of Justice, it will be the first substantive sanction imposed on Facebook in the United States. But until then, important issues remain unresolved, for example if the FTC will personally hold Facebook's CEO, Mark Zuckerberg, and what kind of external control Facebook may have to follow.
The controversy surrounding voice assistants for smartphones has stoked its flames this week when a Belgian public broadcaster has had access to more than 1,000 Google Assistant records from a Google entrepreneur responsible for reviewing them. What are the providers listening to Google Assistant queries? Everything from requests for pornography to family arguments, medical discussions and conversations with children.
Scooters are in fashion these days, but what can you do if you do not want to share your scooter with someone else? Well, you can buy one just for you and the Boosted scooter is as attractive as possible.
How taming Slack for a more productive day of work.
This daily report is available via the newsletter. You can register just here to make sure you receive the news in your inbox every day of the week!
A new report from the RiskIQ threat detection company explains how Magecart hackers have found a way to analyze Amazon S3 buckets repositories that contain data and other essentials for sites and businesses. do not just read their content, but write to them, applying the desired modifications. For example, insert a code that steals credit card numbers from e-commerce sites.
RiskIQ has been monitoring the activity since the beginning of April; he first noticed the technique after seeing several Internet supply chain companies to compromise In May Rather than the typical targeted attacks that Magecart groups had deployed in the past, they proved to be part of a new "spray and prayer" technique. The Magecart hackers have laid the foundation for the widest possible network, modifying the code of countless sites devoid of e-commerce function, hoping to catch enough for the process of the cards to credit makes their efforts profitable.
"We are currently discussing," said Yonathan Klijnsma, Threat Researcher at RiskIQ. "All these guys are just trying to find mis-configured S3 buckets, and their skimmers are becoming everywhere."
It's a more complicated question than it appears. The simplest answer is: 17,000 domains, including, according to RiskIQ, some of the 2,000 largest sites in the world.
But many of these sites do not deal with credit card transactions at all, making the Magecart code irrelevant. It is also difficult to know how many current S3 buckets are affected, as several domains can be linked to the same one. Thus, the current answer, the one that matters, lies at the center of the Venn diagram, which consists of "domains linked to aggressively misconfigured S3 buckets" and "domains that process credit card payments". Or more specifically, whoever is unfortunate enough to pay for something on one of these sites before the resolution of the attack.
Which could take a moment. RiskIQ is working with Amazon to alert affected administrators of their exposure, but 17,000 domains are taking time. As are the necessary adjustments.
The question of compromised e-commerce sites, no matter how many, will have obvious consequences. But the biggest problem comes from the attack method itself.
Amazon S3 buckets are secured by default. Companies encounter difficulties when they actively modify these authorizations, whether during the development process or when they do not work with a third party. These Amazon S3 bucket configuration errors caused a lot of problems before. However, the benefits generally have been limited to the disclosure of personally identifiable information, huge databases of usernames and passwords, anniversaries and payroll numbers. social security that end up ending up. for sale or free, on the dark web and elsewhere. It's because of these gaffes usually give read permission to intruders, but not the ability to to write code. Magecart hackers have found a way to detect configuration errors that make both, and now they know 17,000 vulnerable domains.
"It's a whole new level of misconfiguration," Klijnsma said. "These buckets belong pretty much to anyone who talks, on a different scale, to a different type of data leak." Virtually everyone can do anything in these S3 buckets, and the reach of those it's big enough. "
Magecart hackers have a singular goal: the shaving of credit cards. But it is hard to imagine a group that thinks bigger, or at least with a more anarchic penchant. With the same technique, you can add all kinds of malicious programs to the same sites.
Amazon has developed tools to help its cloud users prevent this type of attack, including an option to "block public access" in one click deployed last fall Tweak this setting, and this problem disappears. But obviously, thousands of domains have still not locked their infrastructure, with potentially devastating consequences.
"Nobody seems to have noticed it," says Klijnsma, "and it continues at such an insane pace."
The virtual assistant can provide weather forecasts and traffic updates, and run more than 90,000. additional functions, or "skills" contributed by external developers. The problem is that you can usually only do one of these generous things at a time.
This limitation, also encountered in competitors such as Siri and Google Assistant-He hindered the ideal of virtual assistants serving as ubiquitous butlers. A user who wants to combine the varied skills of a virtual assistant to perform a multipart task usually has to make several requests, one after the other.
On Wednesday, Amazon introduced a new model in which Alexa performs multiple tasks in a single conversation, which combines previously isolated services into separate skills. This new power is promised in the coming months and it will initially be limited to one use case: a dinner and a movie.
Alexa offers multiple skills to buy movie tickets and book restaurant tables, but each one should be used in isolation. In a demonstration of the new experience, after a person bought two movie tickets via a skill called Atom Tickets, Alexa asked "Do you want to eat out?"
When the answer was "Yes, find me a Chinese restaurant", Alexa went to a discussion of nearby options and reserved a table for two. The assistant then offered to organize a walk in the restaurant and programmed an Uber.
Previously, Rohit Prasad, vice president of artificial intelligence work behind Alexa, has achieved everything that could have been asked a user to talk to Alexa at least 40 times. The new multitasking conversation system can achieve the same result in 13 utterances or less, in part because the user does not have to repeat the time and location multiple times.
"It transfers the cognitive load from the client to the assistant," says Prasad. I announced Alexa's new conversation skills at the re: MARS Conference of Amazon in Las Vegas on Wednesday. The experience does not depend on Alexa's suggestions: Users can also proactively request a booking for a tour or dinner to accompany their movie tickets. The Google assistant can handle some complementary questions referring to previous orders, but not to proactively remix external services, as Amazon showed on Wednesday.
Changing the way people plan their trips to the movies is a nice but small update of Alexa's abilities. It's also a small step forward to meet one of the most challenging challenges in computer science: how to make sure that machines master the language well enough to to converse properly with people.
One of the reasons why Alexa and other assistants have been limited to ad hoc queries indicating that software is struggling to cope with the diversity of languages. Even simple questions, like asking someone to share a meal, can take many forms: you can talk about food, a dinner, a bite or a meal at l & # 39; outside. The answers bring more complexity: not just "yes" or "no" but all the nuances of indecision and opinions about what kind of food or restaurant. Limiting user options reduces uncertainty. Conversations, where each utterance mixes a new meaning with the previous context, are particularly difficult for machines.
Prasad explains that Alexa's new multitasking mode relies on improving Amazon's ability to use the context of conversation to resolve ambiguous sentences. This encourages Alexa to choose the right answer in conversations that are not limited to a single function, he says.
The Alexa upgrade also depends on the software that guesses when to suggest switching to a different function, and data, such as times and locations, to be transferred for the functions to work properly.
Amazon claims that the underlying technology can be applied in many scenarios and languages. The movie planning service will be limited to the US and the English, but Prasad said that Amazon would soon give Alexa the power to perform multiple tasks at once, of course. 39, an unspecified way.
Travel would be an obvious use of this new capability, says Werner Goertz, research director at Gartner. Juggling with hotel reservations, car rentals, flight schedules and other logistical aspects is tricky; Alexa could use multiple services to manage them in one conversation.
Making sure that Alexa works as a broker for the services of another company could also bring new challenges. According to Goertz, Amazon will have to be careful not to ask users too aggressive questions about additional services such as rides or restaurants, as this could be embarrassing or incite users to wonder if Alexa is working on behalf of users. other companies. Amazon searches on Alexa detect frustration in the voice of a user can help with that.
Expanding Alexa's conversations could also add to the business challenges raised by the external hosting skills, according to Goertz. The new multi-tasking model sees Alexa playing a more active role in bringing users and other companies closer together. Not everyone can like how Amazon displays its brand, or chooses what will be presented, says Goertz.
Prasad said that Amazon is already thinking about such challenges and is currently discussing with developers to get their point of view on the new approach to the conversation. Since 2017, the assistant is responding to a user saying "Alexa, I need a ride" for the first time by suggesting both Uber and Lyft. After that, the default one is the one you used previously.
In the longer term, Amazon intends to play a less active role in designing specific use cases such as the night film planning system. Tools will be offered to developers to enable them to experiment with multiple services in a single conversation. In the end, Alexa should be flexible enough to combine all the skills required for a conversation, says Prasad.