Facebook wants to crack down against hate speech on migrants

Facebook's Mark Zuckerberg says the social network needs to get better at cracking down on hate speech against migrants. He identified them as a group that needed protection during a public "town hall" session in Berlin. Around 1,000 young people were invited, many of them students. Germany's history with the Nazi party means there are strict laws around the protection of minorities. Facebook has faced criticism in Germany for failing to police anti-immigration posts. Their ministry of justice has said the social network acts quicker to remove sexual imagery than it does racist messages. It was reported in January that German authorities were working on a deal with Facebook, Google and Twitter to make sure the law took priority over company policy. When asked to clarify Facebook's position directly, Zuckerberg said: "There's not a place for this kind of content on Facebook. Learning more about German culture and law has led us to change the approach," he said. He did not specify how he would stop this sort of material, but added: "Hate speech against migrants is an important part of what we now have no tolerance for on Facebook." Germany receives more refugees and asylum seekers than any other EU country. Many of those have come from war-torn Syria.

The increased numbers of migrants entering has seen support for anti-immigration groups rise. Tensions have grown in Germany both on and offline, especially after a series of assaults on New Year's Eve which were largely blamed on migrants. Authorities say about 1,000 people, mostly men, congregated at Cologne's central train station before breaking off into small groups that molested and robbed women. Despite this, last week about 100 people in the town of Clausnitz took to the streets and shouted "we are the people" and tried to block the bus carrying about 20 asylum seekers. Video footage showing migrants crying caused outrage. Two days after the protest in Clausnitz, a shelter for asylum-seekers was set alight in Bautzen while onlookers applauded.

Germany is currently considering proposals to tighten its immigration policy after the assaults on New Year's Eve. Businesses are expected to argue migrants would help replace the shrinking work force. However, Zuckerberg said he hoped the US would follow Germany's lead allowing more refugees into the country.

For more stories like this one you can now download the BBC Newsbeat app straight to your device. For iPhone go here. For Android go here.

Remarkable Boston Dynamics robot puts up with bullying

Boston Dynamics - the robotics firm owned by Google - has created a humanoid that is able to withstand all manner of bullying and still achieve its task.
Researchers push, kick and tease the remarkable new Atlas robot, which is an upgrade of models we've seen from the firm previously.
Despite the distractions, Atlas continues with its task of picking up and moving boxes.
In one instance, a member of the Boston Dynamics team gives Atlas such a severe whack to its upper back that it falls over, face first on to the floor.

After a moment of reflection, the robot pushes its arms out and jolts itself upright, before somewhat dejectedly walking out of the building. Other demonstrations shown in the video posted by Boston Dynamics show Atlas walking around in the snow, righting itself whenever it encounters difficult terrain. "It is electrically powered and hydraulically actuated," the company explained. "It uses sensors in its body and legs to balance and LIDAR and stereo sensors in its head to avoid obstacles, assess the terrain and help with navigation." The robot is 5ft 9in (175cm) tall and weighs 180lb (82kg). We learned in December last year that plans to develop a four-legged dog-like robot had been shelved after it was deemed too noisy for its purpose on combat zones. It had been hoped that the robot would be able to follow troops while carrying extra kit.

Apple apologises for iPhone 'error 53' and issues fix

Apple has said sorry to iPhone customers whose phones were disabled after third-party repairs, and issued a fix for the problem.

Some users found that their iPhone stopped working following servicing by a non-Apple technician and saw an "error 53" message in iTunes.

Previously, Apple had said the error was a "security measure" taken to prevent fraudulent transactions.

Now, the company has released a software update to fix the error.

In a statement, Apple said that "error 53" occurs when a device fails a standard security test designed to ensure that the Touch ID fingerprint scanner is working correctly.

However, the company added: "We apologise for any inconvenience, this was designed to be a factory test and was not intended to affect customers.

"Customers who paid for an out-of-warranty replacement of their device based on this issue should contact AppleCare about a reimbursement."

A software update has now been released so that iPhone customers with disabled phones may restore their device via iTunes on a PC or Mac.

Apple 'prodded'

"To me, there was a lot of logic in what they said around the 'error 53' element," said mobile analyst Ben Wood at CCS Insight.

"If you're using your fingerprint to unlock sensitive data or make payments and there was the ability for someone to replace the screen and modify the module to take control of your phone - that's not a good thing at all."

Mr Wood added that Apple faced something of a backlash over the error after it appeared "retrospectively" on repaired phones following a software update, and was not something iPhone users had expected.

Apple had even faced a class action lawsuit led by a Seattle-based firm over error 53-disabled phones.

"I think it's a sensible decision by Apple," he told the BBC.

"If they've found a way to allow people to do repairs to the phone without that error occurring, that's great news."

Some customers praised the company's decision on Apple's discussion forums.

"Perhaps my sentiment of a week ago or so (that I would not buy an iPhone 6), which generated so much complaining by people with huge numbers of posts, in its small way helped to prod Apple into fixing this," wrote one user, risandy, following news of the fix.

"Glad to see Apple have back-tracked on this one," added Jay 75.

TED 2016: HoloLens unveils 'teleportation' to Mars

HoloLens creator Alex Kipman has shown off Microsoft's augmented reality technology at the TED (Technology, Entertainment and Design) conference.

Using a camera hooked up to a HoloLens headset, he was able to "teleport" Nasa scientist Jeff Morris to the TED stage.

Microsoft is due to starting selling HoloLens developer units this spring for $3,000 (£2,000).

Some have questioned whether the technology will appeal to the mass market.

Mr Kipman said that AR would eventually replace the computer, smartphone and laptop screens we currently use.

"We will look back at this decade as being like cavemen in terms of technology," he said.

"Machines are becoming capable of understanding our world and interacting with us."

Virtual meets physical

That, he said, will ultimately lead to a world where the real and the digital are merged seamlessly.

"We will turn a dial and get reality and turn it the other way and get virtual reality."

In his demonstration at TED he showed delegates an other-worldly garden and digital rain before "teleporting" Mr Morris, who appeared to be standing on Mars.

"I'm in three places. I'm in a room across the street, I'm on the TED stage and I am also on Mars," said Mr Morris.

Critics have questioned whether HoloLens will be something that consumers will be prepared to pay for.

"I think we're a good few years away from a compelling consumer AR smart glasses solution which has the desirable content and is cheap enough to drive a broader interest in the technology," said Piers Harding-Rolls, an analyst at research firm IHS.

"I see consumer AR as more embryonic than VR and still very much at an experimental stage," he added.

Most activity in AR at the moment is "business-focused using smart glasses for commercial applications," he added.

VR connection

Virtual reality (VR) and augmented reality (AR) have been constant themes at this year's TED with a VR theme park being demonstrated, alongside another AR headset from Meta.

Virtual reality film-maker Chris Milk used his TED talk to conduct the world's biggest simultaneous VR experience.

Delegates had earlier been asked to download an app to their smartphones and each of the 1,200-strong TED audience was given a Google Cardboard headset to view a video.

It was a combination of films made by Mr Milk's start-up Vrse - including film shot from a helicopter above New York City and footage from refugee camps.

Mr Milk called VR "the last medium".

"We have just started to scratch the surface of the true power of virtual reality," he said.

"It's not a video game peripheral. It connects humans to other humans in a profound way that I've never seen before in any other form of media - and it can change people's perceptions of each other.

"And that's how I think virtual reality has the potential to actually change the world."

Bitcoin could help cut power bills

The technology behind the Bitcoin virtual currency could help cut electricity bills, suggests research.

A blockchain-based smart plug that can adjust power consumption minute-by-minute has been created by technologists at Accenture.

The blockchain is the automated ledger that underpins Bitcoin and tracks where the coins are spent and swapped.

The plug shops for different power suppliers and will sign up for a cheaper tariff if it finds one.

Accenture said the smart plug could help people on low incomes who pay directly for power.

Smart contract

The smart plug modifies the basic Bitcoin blockchain technology to make it more active, said Emmanuel Viale, head of the Accenture team at the firm's French research lab that worked on the plug.

Instead of just resolving and confirming transaction records, the Accenture work has changed the blockchain to let it negotiate deals on behalf of its owner.

"It's about how we put more business behaviour or logic into the blockchain," said Mr Viale, adding that this essentially embeds a "smart contract" into the digital ledger.

The smart plug prototype works with other gadgets in the house that monitor power use. When demand is high or low it searches for energy prices and then uses the modified blockchain to switch suppliers if it finds a cheaper source.

So far, said Mr Viale, the Accenture system was just a proof of concept, but it could help many people on lower incomes who pay for their power via a meter.

Being able to quickly shift suppliers could save this group more than £660m in the UK annually, suggests Accenture research.

A blockchain-based system that can act on behalf of its owner might also prove useful as the Internet of Things becomes more ubiquitous, said Mr Viale.

Managing many different gadgets might be tricky without a more centralised system, he said,

Martin Garner, a mobile services expert at analyst firm CCS Insight, said blockchains were starting to crop up in many different areas including share trading, fishing rights databases and land registry claims.

They had two chief attractions for the Internet of Things, he said.

"They avoid dependence on any one supplier or ecosystem - some users have concerns about the potential dominance of key internet players creating, for example, the Google-of-Things or the Amazon-of-Things," he said.

"The second attraction is as a way of enabling autonomous trading between things, such as the appliances in your house being set up to re-order supplies from a pre-approved list of suppliers," he added.

Glibc: Mega bug may hit thousands of devices

A major computer security vulnerability has been discovered - with experts cautiously warning it could potentially affect hundreds of thousands of devices, apps and services.

However, due to the nature of the bug, it is extremely difficult to know how serious the problem is.

"Many people are running around right now trying to work out if this is truly catastrophic or whether we have dodged a bullet," said Prof Alan Woodward, a security expect from the University of Surrey.

Google engineers, working with security engineers at Red Hat, have released a patch to fix the problem.

It is now up to manufacturers, and the community behind the Linux operating system, to issue the patch to affected software and devices as soon as possible.

In a blog post explaining the discovery, Google's team detailed how a flaw in some commonly-used code could be exploited in a way that allows remote access to a devices - be it a computer, internet router, or other connected piece of equipment.

The code can also be within many of the so-called "building blocks" of the web - programming languages such as PHP and Python are affected, as well as systems used when logging in to sites or accessing email.

"It's not a sky-is-falling scenario," said Washington D.C-based security researcher Kenneth White.

"But it's true there's a very real prospect that a sizable portion of internet-facing services are at risk for hackers to crash, or worse, run remote code to attack others."

He said that while there is no publicly known attack code using the flaw, it's a "near certainty" hackers would try to exploit the weakness.

Remote execution

The bug is found in glibc - a open-source library of code that is widely used in internet-connected devices.

One particular function is domain look-up. This is when the device converts a typical web domain, say bbc.com, and finds its corresponding IP address so it can access whatever website or service is needed.

The domain look-up code in glibc contains a bug that could allow hackers to maliciously implant code within a device's memory. From here, attacks such as remote execution - controlling the device over the internet - could take place.

However, Google said it is very hard to exploit the flaw although their engineers have worked out how. For obvious security reasons they are not making that public.

The scale of the problem is difficult to determine because it is unclear how many devices and systems make use of the glibc code.

For instance, Google Android devices use a substitute library which is not vulnerable to this particular attack.

But hundreds of thousands of others could be, and so manufacturers are being urged to test their systems using a proof-of-concept attack developed and released on Tuesday by Google's team.

Major systems like Windows or OS X are unaffected - but consumers need to be more concerned about smaller connected devices.

"Think routers and increasingly anything considered part of the 'Internet of Things'," said Prof Woodward.

Worryingly, it appears that the bug was first reported to the team that maintains glibc in July last year, but it was flagged as low priority.

The vulnerability is being compared to Shellshock, a bug discovered in 2014 which affected a huge range of computing devices.

The bug discovered in glibc has been present since 2008, experts said.

Bounty hunter finds Facebook account hijack bug

A British security analyst has been given $7,500 (£5,240) by Facebook after notifying it of a flaw on its website.

Like many big tech firms, Facebook offers financial rewards, known as bug bounties, in exchange for issues reported directly to it rather than publicised.

It is Jack Whitton's second big payout from Facebook - a previous find netted him $20,000.

The more serious the bug, the higher the reward.

It means that vulnerabilities can be fixed before they fall into the hands of hackers.

Facebook recently announced that it had paid a total of $4.3m in bug bounties since it launched its programme in 2010.

Last year, it awarded $936,000 to 210 people. The average payment was $1,780.

Jack Whitton describes so-called bug hunting as a hobby. He has also identified weaknesses in platforms run by Paypal, Microsoft, Dropbox and Snapchat among others.

"It can take a day to find, then more to investigate whether it's a real issue," he told the BBC.

His most recent find involved an image that could be embedded with malicious code, which would enable its owner to take over a Facebook account once a particular member had clicked on it - a vulnerability known as cross-site scripting.

It would not have affected the user's computer, but would have enabled their account to be accessed and controlled remotely - including sending private messages, posting links and pictures.

"No-one had actually exploited it," Mr Whitton said.

"Facebook were pretty pleased. They managed to get a quick fix - within six hours. They are a great company to report bugs to, they take it seriously."

Increased awareness

A permanent fix took longer, which is why he is only now able to talk about the bug although he found it last year.

The social network has also included Jack Whitton in its "hall of fame" - a list of white hat - or ethical - hackers who have helped it to make the platform more secure.

However, potential bug hunters should choose their websites carefully, he added.

"Firms are becoming more aware that every company has issues, if you don't let people report them, the bad guys will use them and you just won't know about it," he said.

"It's fun to find these things - and it is also very nice to get money from it - but only if the website has an official bug bounty policy.

"Otherwise you might find yourself accused of hacking."

Bounty balancing act

Cybersecurity expert Prof Alan Woodward told the BBC that bug hunters were a cost-effective way for tech firms to find security flaws.

"Compare the potential financial loss to a company and the bug bounties they pay and you soon realise it is a very cost-effective means of finding and plugging security holes," he said.

Companies have a difficult balancing act to perform with the size of bounty they pay.

If they pay too little, they can be accused of undervaluing the work of security researchers, and thereby not taking security seriously enough. If they pay too much, the companies might be accused of paying sums equivalent to protection money.

"While there are security flaws and those willing to exploit them for criminal purposes, there will be a need to pay people a bounty to responsibly disclose what they find," Prof Woodward added.

"Just like in the Wild West, it's not an ideal solution, but it works."