Slashdot
News for nerds, stuff that matters

Open and Rich Co-exist But Don't Mingle So Much

Sat, 06/18/2016 - 7:30pm
In an interview with The Atlantic, Ev Williams, best known for co-founding Blogger, Twitter, and Medium, says the web is about money now -- and not creativity. According to him, the burst of creativity has repeatedly been followed by big companies showing up and locking it down. From the article: But the thing about dreaming up a future, and making it real, is then you have to live in it. Back in San Francisco, coming out of the BART station on Market Street, he admits that the web game has changed since he came up. [Editor's note: he is talking about web services that allow you to book a taxi with an app, pay for stuff you purchase with your phone]. "There were always ecommerce startups," he says. "I was never part of that world, and we kind of looked down on them when the whole boom was happening. We were creating businesses, but ours had more creativity, ours weren't just for the money. Or maybe ours were even for utility but not just money, whereas clearly there are ways for both." He laughs. "Even the Google guys -- they were trying to create something really useful and good for the world, and they made all the money." Software developer and writer Dave Winer disagrees. He believes that not all technologies are money-driven -- at least when you look at it from a different perspective. He writes: The fun is over. Now it's about money. I guess that's what you see from his perspective. And from Facebook, Apple and Google, and maybe Oracle and Salesforce, and a few others. But there are technologies that went a different way. My favorite example is Manhattan's relationship to Central Park. The apartment buildings around the park are the money, and the creativity is in the park. The buildings are exclusive, the most expensive real estate in the world. The park is open to anyone, rich or poor, from anywhere in the world. The park is the engine of renewal. It's where the new stuff comes from. The buildings are where the money is parked. 
In the interview Williams did with the Atlantic, in NYC, they looked into the park from a nearby hotel. That's one valid perspective of course. Or you could go for a walk and see what's happening inside the park. You can see a great concert at Lincoln Center or Carnegie Hall, but there's great music in the park too. It's different. But it's good music. And the price is right.

Read more of this story at Slashdot.

Political Party's Videoconference System Hacked, Allowed Spying On Demand

Sat, 06/18/2016 - 5:30pm
The political party heading the Quebec parliament "had its internal videoconference system hacked in what seems to be a default password hack," writes Slashdot reader courteaudotbiz, citing reports in a Canadian newspaper. "Quebec Liberals got a lesson in how not to use the internet," joked one Quebec news station, writing that the security flaw "allowed anyone to gain access to strategy meetings and watch any of the party's live video conferences; and at least one person did... According to the source it was as easy as using a commonly used password, that is often the default code that never gets changed." While the default password has since been changed, it represents the second high-profile Canadian password screw-up, since last week in Winnipeg, "Two 14-year-old high school students managed to hack into a Bank of Montreal ATM at a super market during their lunch break using an operator's manual they found online... They notified a nearby BMO branch manager, who was nice enough to write the pair notes for being absent from school as they showed security personnel how they did it."

Delete Or Update All Adobe Flash Player Instances, Experts Warn

Sat, 06/18/2016 - 3:33pm
An anonymous reader quotes an article from BankInfoSecurity: Security experts are once again warning enterprises to immediately update -- or delete -- all instances of the Adobe Flash Player they may have installed on any system in the wake of reports that a zero-day flaw in the web browser plug-in is being targeted by an advanced persistent threat group.... The bug exists in Adobe Flash Player 21.0.0.242 and earlier versions -- running on Windows, Mac, Linux, and Chrome OS -- and "successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system." Thursday Adobe released an updated version of Flash patching 36 separate vulnerabilities, including the critical vulnerability which "if exploited would allow malicious native-code to execute, potentially without a user being aware." While applauding Adobe's quick response, researchers at Kaspersky Lab say it's already been exploited in Russia, Nepal, South Korea, China, India, Kuwait and Romania, and BankInfoSecurity writes that "The latest warning over this campaign reinforces just how often APT attackers target Flash, thus making a potential business case for banning it for inside the enterprise."

Interviews: Ask Security Expert Mikko Hypponen A Question

Sat, 06/18/2016 - 2:30pm
Even if you spend only a fraction of your time on security news, you probably already know Mikko Hypponen (Twitter, Wikipedia). He is the Chief Research Officer at F-Secure, a security firm he joined over two decades ago. Hypponen has assisted law enforcement in the United States, Europe and Asia on cybercrime cases, and has also made several appearances on BBC, TED talks, TEDx, DLD, SXSW, Black Hat, DEF CON, and Google Zeitgeist among others. He has also written for CNN, The New York Times, Wired, and BetaNews. Hypponen has closely watched computers, networks, and security spaces grow over the years. In 2011, Hypponen tracked down the authors of the first PC virus in history -- Brain.A. Whether you want to know about the early days of malware -- when they were mostly created by hobbyists, or get an inside view of the challenges security firms face today, or how exactly does one keep himself or herself safe in the increasingly terrifying world, use the comments section to leave your question. Editor's note: We will be collecting some of the best questions and sending them to Mikko at 22:00 GMT, Monday.

New Algorithm Could Help Predict Future ISIS Attacks

Sat, 06/18/2016 - 1:26pm
An anonymous reader writes: Researchers have developed a new algorithm which may help law enforcement agencies predict potential terror attacks. The computer model has a particular focus on the behavioral patterns associated with Islamic State (ISIS) supporters... For eight months in 2015, the researchers tracked 108,086 individual followers on ISIS-related social media pages, noting that sudden increases in the number of pages "preceded the onset of violence in a way that would not have been detected by looking at social media references to ISIS alone." According to The Stack, the University of Miami team "used a mathematical equation typically applied in physics and chemistry to monitor the development and growth of pro-ISIS groups. 'It was like watching crystals forming. We were able to see how people were materializing around certain social groups; they were discussing and sharing information -- all in real-time... This removes the guess work. With that road map, law enforcement can better navigate what is going on, who is doing what, while state security agencies can better monitor what might be developing,..."

Fedora QA Lead Pans Canonical 'Propaganda' On Snap Apps

Sat, 06/18/2016 - 12:30pm
Long-time Slashdot reader JImbob0i0 shares a scathing article by Red Hat's Fedora QA "community monkey"/senior QA engineer on Canonical's announcement about their application delivery mechanism "snap"... ...and how it's going to unite all distributions and kill apt and rpm! This is, to put it diplomatically, a heaping pile of steaming bullshit... The press release and the stories together give you the strong impression that this thing called Snappy is going to be the cross-distribution future of application delivery, and it's all ready for use today and lots of major distributions are buying into it... The stories have headlines like "Adios apt and yum? Ubuntu's snap apps are coming to distros everywhere" and "Snap Packages Become Universal Binary Format for All GNU/Linux Distributions"... Now, does Snappy actually have the cross-distribution buy-in that the press release claims (but never outright states) that it has? No... The sum total of communication between Canonical and Fedora before the release of this press release was that they mailed us asking about the process of packaging snappy for Fedora, and we told them about the main packaging process and COPR. They certainly did not in any way inform Fedora that they were going to send out a press release strongly implying that Fedora, along with every other distro in the world, was now a happy traveler on the Snappy bandwagon... They just decided to send out a wildly misleading press release and actively encourage the specialist press to report that Snappy was all set to take over the world and everyone was super happy with that.

Ask Slashdot: Should You Store Medical Details In The Cloud?

Sat, 06/18/2016 - 11:30am
"Paper forms are a security risk", warns the web site for CareMonkey, which maintains digital and up-to-date medical information in the cloud "for any organization with a duty of care". This is raising concerns for long-time Slashdot reader rolandw, who says he's being asked by his daughter's school to approve using the site to store "her full medical details". CareMonkey say that this data is stored on AWS and their security page says that it is secured by every protocol ever claimed by AWS (apparently). As a sysadmin and developer who has used AWS extensively for non-secure information my alarm bells are sounding. Should he ignore those alarm bells and approve the storage of his daughter's medical history in the cloud? And if not, what specific reason would you give for refusing?

Court Slams Record Companies in New Vimeo/DMCA Ruling

Sat, 06/18/2016 - 10:30am
Remember when Capitol Records sued Vimeo over copyright-violating videos? They just lost in court again, when an Appeals court overruled three lower court decisions. Slashdot reader NewYorkCountryLawyer shares the specifics of the Appeals court's findings: [T]he Copyright Office was dead wrong in concluding that pre-1972 sound recordings aren't covered by the DMCA... the judge was wrong to think that Vimeo employees' merely viewing infringing videos was sufficient evidence of "red flag knowledge"... a few sporadic instances of employees being cavalier about copyright law did not amount to a "policy of willful blindness" on the part of the company. "The decision once again affirms that the DMCA extends immunity to a service provider for the infringement of their customers if the service provider removes material at the request of the right holder," writes Ars Technica.

Those 100,000 Lost Air Force Files Have Been Found Again

Sat, 06/18/2016 - 9:30am
The Air Force now says it will be able to recover those 100,000 investigation files dating back to 2004, after "aggressively leveraging all vendor and department capabilities." An anonymous reader quotes a report from Government Executive about the mysteriously corrupted database: In a short, four-sentence statement released midday on Wednesday, service officials said the Air Force continues to investigate the embarrassing incident in which the files and their backups were corrupted. "Through extensive data recovery efforts over the weekend and this week, the Air Force has been able to regain access to the data in the Air Force Inspector General Automated Case Tracking System..." the statement reads. Earlier on Wednesday, the Air Force chief of staff said that the effort to recover the files involved Lockheed Martin and Oracle, the two defense contractors that run the database, plus Air Force cyber and defense cyber crime personnel. The Chief of Staff hopes "there won't be a long-term impact, other than making sure we understand exactly what happened, how it happened and how we keep it from ever happening again." The Air Force is conducting an independent review, while Lockheed Martin is now also performing a separate internal review.

At Black Hat's Oscars: an Award For Hacking Junk

Sat, 06/18/2016 - 8:30am
chicksdaddy shares an article from Security Ledger: The Pwnies, a long-running awards ceremony that is the hacker community's equivalent of The Oscars (or at least The People's Choice Awards) is adding an award for "Junk Hacking" to its 2016 roster... [I]n a nod to the security industry's penchant for stunt hacking and the technology industry's penchant for unwarranted complexity, the award will be given to researchers who "discovered and performed the most needlessly sophisticated attack against the most needlessly Internet-enabled 'Thing.'" Among other new categories that are being added are Pwnies for the "Best Cryptographic Attack," the "Best Backdoor," and the closely related "Best Stunt Hack," awarded to "the researchers, their PR team, and participating journalists for the best, most high-profile, and fear-inducing public spectacle that resulted in the most panic-stricken phone calls from our less-technical friends and family members"... Anyone can nominate a recipient for a Pwnie using the organization's web site. Though the award targets pointless products on the Internet of Things, one judge points out that "It may be that there's some exploit in your connected toothbrush that could also be used against a home security system..."

The NSA Would Be Eliminated Under President Gary Johnson

Sat, 06/18/2016 - 7:30am
An anonymous reader writes: Libertarian presidential nominee Gary Johnson says he'd sign an executive order eliminating America's National Security Agency if he wins the 2016 election. And he's also forcefully arguing that domestic surveillance of internet activity and phone calls in the United States is worse than in China. Johnson took issue with an interviewer at The Daily Beast who pointed out that China monitors political dissidents, saying "What do you call the NSA and the satellites that are trained on us and the fact that 110 million Verizon users are having everything we do on our cell phones being data-collected?" Johnson also wants to abolish the Internal Revenue Service, replacing both income taxes and corporate taxes with a single federal consumption tax, and says he'd be willing to sign legislation eliminating the Department of Education, the Department of Housing and Urban Development, and the Department of Commerce, which he says fuels "crony capitalism". "I'll sign legislation to eliminate any federal agency that they present me with." Johnson has also said that if he were elected President, he'd pardon Edward Snowden.

Businesses Lose $3.1 Billion to Email Scams, FBI Warns

Sat, 06/18/2016 - 6:30am
Businesses have lost over $3 billion because of compromised e-mail accounts, the FBI reports, citing "a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments." 22,143 businesses have been affected -- 14,302 within the U.S. -- with a total dollar loss of $3,086,250,090, representing an increase of 1,300% since January of 2015. Using social engineering or "computer intrusion techniques," the attackers target employees responsible for wire transfers (or issuing checks) using five scenarios, which include bogus invoices or executive requests for a wire transfer of funds, with some attackers even impersonating a corporate law firm. "Victims report that IP addresses frequently trace back to free domain registrars," warns the FBI's Internet Crime Complaint Center, which also urges businesses to avoid free web-based e-mail accounts.

Microsoft Tests New Tool To Remove OEM Crapware

Sat, 06/18/2016 - 5:30am
An anonymous reader quotes a report from Ars Technica: Windows 10 already includes ways to clear out applications and data to repair misbehaving systems or prepare them to be sold, courtesy of the Refresh and Reset features added in Windows 8. Microsoft is now adding a third option: a new refresh tool. Currently available only for Windows Insiders, the new tool fetches a copy of Windows online and performs a clean installation. The only option is whether or not you want to preserve your personal data. Any other software that's installed will be blown away, including the various applications and utilities that OEMs continue to bundle with their systems. Ars Technica points out that the tool isn't perfect. For example, "it installs a preview build from the fast track, but Microsoft notes that the new tool can sometimes install a version older than the one currently installed. When this kind of version mismatch occurs, the option to preserve your files is removed."

NASA Unveils Plans For Electric-Powered Plane

Sat, 06/18/2016 - 3:30am
An anonymous reader quotes a report from New York Times: A new experimental airplane being built by NASA could help push electric-powered aviation from a technical curiosity and pipe dream into something that might become commercially viable for small aircraft. At a conference on Friday of the American Institute of Aeronautics and Astronautics in Washington, Charles F. Bolden Jr., the NASA administrator, announced plans for an all-electric airplane (Warning: source may be paywalled) designated as X-57 and nicknamed "Maxwell," part of the agency's efforts to make aviation more efficient and less of a polluter. "The X-57 will take the first giant step in opening a new era of aviation," Mr. Bolden declared. Maxwell is equipped with 14 electric propeller-turning motors located along the wings, which will all be used to create sufficient thrust during take-off and landing. Only two large motors on the tips of the wings will be used once it's up in the air. The plane is a result of NASA's "New Aviation Horizons" initiative: a 10-year program to create a new generation of X-planes that will make use of greener energy, use half as much fuel, and be half as loud as commercial aircraft in use today.

Star Trek/Axanar Lawsuit Isn't Going Away Just Yet

Fri, 06/17/2016 - 11:30pm
New submitter monkeyman.kix quotes a report from Gizmodo: Even though it sounded like we may be getting close to ending the battle between the fan film Axanar and the studios that own Star Trek, the latest court action hints that it's just starting. Last month at a Star Trek fan event, J.J. Abrams indicated that they believed that CBS and Paramount's lawsuit against the fan film Axanar would be settled. At the time, he said that Star Trek Beyond director Justin Lin was "outraged by this as a longtime fan" and that they both realized "this was not an appropriate way to deal with the fans." Except that the legal proceedings haven't stopped yet. The parties were back in court today, with CBS and Paramount (the plaintiffs) taking center stage. The state of the case is this: Paramount and CBS sued Axanar Productions for copyright infringement in late 2015. The judge rejected the defendant's motion to dismiss the case, finding that the studios had sufficient cause and provided enough notice to the fan film to proceed. He also dismissed a separate brief, refusing to decide on whether Klingon as a language was copyrightable. The Hollywood Reporter writes: "Now, instead of asking for an extension, Paramount and CBS have filed their own answer to the counterclaim admitting public statements, saying such items speak for themselves, but otherwise acting as though the lawsuit is moving forward. The plaintiffs, for example, deny that the works in controversy represent a fair use of their copyrights."

Cancer Is An Evolutionary Mechanism To 'Autocorrect' Our Gene Pool, Suggests Paper

Fri, 06/17/2016 - 7:30pm
schwit1 quotes a report from ScienceAlert: Two scientists have come up with a depressing new hypothesis that attempts to explain why cancer is so hard to stop. Maybe, they suggest, cancer's not working against us. Maybe the disease is actually an evolutionary 'final checkpoint' that stops faulty DNA from being passed down to the next generation. To be clear, this is just a hypothesis. It hasn't been tested experimentally, and, more importantly, no one is suggesting that anyone should die of cancer. In fact, it's quite the opposite -- the researchers say that this line of thinking could help us to better understand the disease, and come up with more effective treatment strategies, like immunotherapy, even if a cure might not be possible. So let's step back a second here, because why are our bodies trying to kill us? The idea behind the paper is based on the fact that, in the healthy body, there are a whole range of inbuilt safeguards, or 'checkpoints,' that stop DNA mutations from being passed onto new cells. One of the most important of these checkpoints is apoptosis, or programmed cell death. Whenever DNA is damaged and can't be fixed, cells are marked for apoptosis, and are quickly digested by the immune system -- effectively 'swallowing' the problem. No mess, no fuss. But the new hypothesis suggests that when apoptosis -- and the other safeguards -- don't work like they're supposed to, cancer just might be the final 'checkpoint' that steps in and gets rid of the rogue cells before their DNA can be passed on... by, uh, killing us, and removing our genetic material from the gene pool.

Olli is a 3D Printed, IBM Watson-Powered, Self-Driving Minibus

Fri, 06/17/2016 - 6:05pm
An anonymous reader writes from a report via Phys.Org: Arizona-based startup Local Motors unveiled Olli -- a 3D-printed minibus capable of carrying 12 people. It's powered by IBM's supercomputer platform Watson and is designed as an on-demand transportation solution that passengers can summon with a mobile app. The company claims it can be "printed" to specification in "micro factories" in a matter of hours. They say it is ready to go as soon as regulations allow it to hit the streets. While Local Motors has developed the system to control the driving, IBM's Watson system is used to provide the user interface so passengers can have "conversations" with Olli. "Watson is bringing an understanding to the vehicle," said IBM's Bret Greenstein. "If you have someplace you need to be you can say that in your own words. A vehicle that understands human language, where you can walk in and say, 'I'd like to get to work,' that lets you as a passenger relax and enjoy your journey," he said. The vehicle relies on more than 30 sensors and streams of data from IBM's cloud. Olli will be demonstrated in National Harbor, Maryland, over the next few months with additional trials expected in Las Vegas and Miami.

Hackers Find 138 Different Security Gaps In Pentagon Websites

Fri, 06/17/2016 - 5:25pm
An anonymous reader writes from a report via ABC News: High-tech hackers brought in by the Pentagon to breach Defense Department websites were able to burrow in and find 138 different security gaps, Defense Secretary Ash Carter said Friday. The white-hat hackers were offered various bounties if they could find vulnerabilities on five of the Pentagon's internet pages. The Pentagon says 1,410 hackers participated in the challenge and that the first gap was found just 13 minutes after the hunt began. Overall, 1,189 vulnerabilities were found, though only 138 were deemed valid and unique. The experiment cost $150,000, and about half of it was paid to the hackers as bounties. The "Hack the Pentagon" program will be followed by a series of initiatives, including a process that will allow anyone who finds a security gap in Defense Department systems to report it without fear of prosecution.

Watts Bar Unit 2 Is The First New US Nuclear Reactor In Decades

Fri, 06/17/2016 - 4:45pm
tomhath writes from a report via The Washington Post: The Tennessee Valley Authority's (TVA) Watts Bar Unit 2 is the first nuclear reactor to come online since 1996, when the Watts Bar Unit 1 started operations. The new reactor is designed to add 1,150 megawatts of electricity generating capacity to southeastern Tennessee. By summer's end, authorities expect the new reactor at this complex along the Chickamauga Reservoir, a dammed section of the Tennessee River extending northward from Chattanooga, to steadily generate enough electricity to power 650,000 homes. But while nuclear reactors account for the lion's share of the carbon-free electricity generated in the United States, the industry faces this new set of circumstances in a state of near-crisis. A combination of very cheap natural gas and deregulated energy markets in some states has led to a growing number of plant closures in recent years. A new report from Bloomberg New Energy Finance says that renewable energy, including solar, wind and hydroelectric will overtake natural gas as an energy source by 2027.
