The Upload: Your tech news briefing for Tuesday, June 30

Security flaw pushes OPM web app offline... Oracle can charge Google for Java in Android... Microsoft mapping tech finds its way to Uber

Government personnel agency takes background check system offline for background checks

Hoping to avoid a third strike against it, the U.S. Office of Personnel Management has taken offline a system used for performing background checks on potential new hires. The agency discovered a security flaw in the web app, E-QIP, while auditing its IT systems after two spectacular hacks resulted in the theft of personnel records of millions of government employees and the security clearance questionnaires of many others. There is no evidence the flaw was exploited, OPM said Monday, but it will keep the system offline for up to six weeks while it checks it out.

Supreme Court denies Google request in Java infringement case

The U.S. Supreme Court effectively gave Oracle the go-ahead to charge licensing fees for Java in Android on Monday, when it declined to hear Google's appeal of a May 2014 ruling by the U.S. Court of Appeals for the Federal Circuit. In that decision, the appeals court ruled that Java APIs used by Google were covered by copyright. Java creator Sun Microsystems initially welcomed Google's 2007 announcement that it would use Java in Android, but the relationship soured after Oracle purchased Sun in 2010.

Uber buys mapping tools from Microsoft...

After buying mapping startup deCarta in March, Uber has acquired a chunk of mapping technologies from Microsoft's Bing unit. Around 100 Microsoft employees will move to Uber, which will also gain a data center and cameras allowing it to collect its own street-level imagery and other mapping data, according to TechCrunch.

... and appears to be spending money like water

Uber's operating loss exceeds its revenue, according to documents provided to potential investors and seen by Bloomberg News. The company made an operating loss of $470 million on revenue of $415 million, it apparently told investors to whom it hopes to sell up to $1.2 billion in convertible bonds.

Bruised by past mistakes, tech firms brace for 'leap second'

Computerized clocks around the world will pause for a moment late Tuesday to squeeze in an extra second. The leap second, as it's called, is needed to keep Coordinated Universal Time (UTC) in line with solar time. The two get out of whack due to changes in the earth's rotation, and 25 leap seconds have been added to clocks since 1971. But the last leap second in 2012 took some IT companies and other firms by surprise, and caused websites including LinkedIn and Reddit, as well as Qantas' passenger reservation system, to crash.

PayPal says it won't robocall users without permission after all

PayPal backtracked on plans to robocall its users on Monday, changing its privacy policy to say it will only call if invited. Earlier this month, PayPal generated controversy when it introduced policy changes that would allow it make unsolicited calls for marketing and other purposes from July 1. The Federal Communications Commission warned the changes might violate federal laws.

Microsoft's parental controls let kids browse more than they should, less than they'd like

Microsoft is introducing some draconian limits on kids' PC use with an update to its Family Safety controls, now rebranded as Microsoft Family. The old version allowed parents to set multiple periods during which their offspring could play on the PC -- say an hour each before breakfast and after dinner -- but now Microsoft is restricting the programming to just one session per day. Add that to the recent bug that allowed kids to browse sites not on the whitelist defined by their parents, and it's no wonder some are upset.

With free streaming for 90 days, Apple Music launches in U.S. today

Apple is offering free music streaming in the U.S. from today, starting the 90-day countdown to when it starts billing users $10/month. The Wall Street Journal wonders whether such services are changing us as much as they are changing the music industry.

Watch now

IBM's Watson will finally have something to trade weird recipe ideas with next year, when Sereniti Kitchen's Cooki goes on sale. It's a robot chef for those who don't have time to cook -- but who do have time to fill, chill, load, unload and wash or recycle the many plastic tubs in which the ingredients are stored. See it in action on IDG.TV.

One last thing

From the Department of We Told You So: It was in 1998 that seven security experts from a group called L0pht Heavy Industries told the U.S. Senate Committee on Governmental Affairs of their concerns about the security of the Internet and the many devices connected to it. The Washington Post has the story on what's happened to them -- and to the Internet-- in the 17 years since that warning.

Join the CSO newsletter!

Error: Please check your email address.

Tags U.S. Office of Personnel ManagementSereniti KitchenpaypalgovernmentL0pht Heavy IndustriesinternetOracleUber TechnologiesAppleGoogleMicrosoftsecurityU.S. Federal Communications Commissionsoftware

More about AppleBloombergFederal Communications CommissionGoogleIDGMicrosoftNewsOraclePayPalQantasSun MicrosystemsUberWall Street

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by IDG News Service staff

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place