Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google To Disable Fallback To SSL 3.0 In Chrome 39 and Remove In Chrome 40

samzenpus posted about half an hour ago | from the get-it-out dept.

Google 5

An anonymous reader writes Google today announced plans to disable fallback to version 3 of the SSL protocol in Chrome 39, and remove SSL 3.0 completely in Chrome 40. The decision follows the company's disclosure of a serious security vulnerability in SSL 3.0 on October 14, the attack for which it dubbed Padding Oracle On Downgraded Legacy Encryption (POODLE). Following Mozilla's decision on the same day to disable SSL 3.0 by default in Firefox 34, which will be released on November 25, Google has laid out its plans for Chrome. This was expected, given that Google Security Team's Bodo Möller stated at the time: "In the coming months, we hope to remove support for SSL 3.0 completely from our client products."

Charity Promotes Covert Surveillance App For Suicide Prevention

samzenpus posted 1 hour ago | from the keeping-an-eye-on-things dept.

Privacy 26

VoiceOfDoom writes Major UK charity The Samaritans have launched an app titled "Samaritans Radar", in an attempt to help Twitter users identify when their friends are in crisis and in need of support. Unfortunately the privacy implications appear not to have been thought through — installing the app allows it to monitor the Twitter feeds of all of your followers, searching for particular phrases or words which might indicate they are in distress. The app then sends you an email suggesting you contact your follower to offer your help. Opportunities for misuse by online harassers are at the forefront of the concerns that have been raised, in addition; there is strong evidence to suggest that this use of personal information is illegal, being in contravention of UK Data Protection law.

Vulnerabilities Found (and Sought) In More Command-Line Tools

timothy posted 2 hours ago | from the one-thing-at-a-time dept.

Security 39

itwbennett writes The critical Shellshock vulnerabilities found last month in the Bash Unix shell have motivated security researchers to search for similar flaws in old, but widely used, command-line utilities. Two remote command execution vulnerabilities were patched this week in the popular wget download agent and tnftp client for Unix-like systems [also mentioned here]. This comes after a remote code execution vulnerability was found last week in a library used by strings, objdump, readelf and other command-line tools.

Getting 'Showdown' To 90 FPS In UE4 On Oculus Rift

timothy posted 2 hours ago | from the cutting-all-corners dept.

Graphics 12

An anonymous reader writes Oculus has repeatedly tapped Epic Games to whip up demos to show off new iterations of Oculus Rift VR headset hardware. The latest demo, built in UE4, is 'Showdown', an action-packed scene of slow motion explosions, bullets, and debris. The challenge? Oculus asked Epic to make it run at 90 FPS to match the 90 Hz refresh rate of the latest Oculus Rift 'Crescent Bay' prototype. At the Oculus Connect conference, two of the developers from the team that created the demo share the tricks and tools they used to hit that target on a single GPU.

Signed-In Maps Mean More Location Data For Google

timothy posted 2 hours ago | from the this-time-tomorrow dept.

Google 25

mikejuk writes The announcement on the Google Geo Developers blog has the catchy title No map is an island. It points out that while there are now around 2 million active sites that have Google Maps embedded, they store data independently, The new feature, called attributed save, aims to overcome this problem by creating an integrated experience between the apps you use that have map content and Google Maps, and all it requires is that users sign in. So if you use a map in a specific app you will be able to see locations you entered in other apps.This all sounds great and it makes sense to allow users to take all of the locations that have previously been stored in app silos and put them all together into one big map data pool. The only down side is that the pool is owned by Google and some users might not like the idea of letting Google have access to so much personal geo information. It seems you can have convenience or you can have privacy.
It might just be that many users prefer their maps to be islands.

Pirate Bay Founder Gottfrid Warg Faces Danish Jail Time

timothy posted 3 hours ago | from the he-typed-like-a-one-armed-man dept.

Crime 56

Hammeh writes BBC news reports that Pirate Bay co-founder Gottfrid Warg has been found guilty of hacking into computers and illegally downloading files in Denmark. Found guilty of breaching security to access computers owned by technology giant CSC to steal police and social security files, Mr Warg faces a sentence of up to six years behind bars. Mr Warg argued that although the computer used to commit the offence was owned by him, the hacks were carried out by another individual who he declined to name.

First Detailed Data Analysis Shows Exactly How Comcast Jammed Netflix

timothy posted 4 hours ago | from the is-there-a-market-for-non-discrimination? dept.

Networking 152

An anonymous reader writes John Oliver calls it "cable company f*ckery" and we've all suspected it happens. Now on Steven Levy's new Backchannel publication on Medium, Susan Crawford delivers decisive proof, expertly dissecting the Comcast-Netflix network congestion controversy. Her source material is a detailed traffic measurement report (.pdf) released this week by Google-backed M-Lab — the first of its kind — showing severe degradation of service at interconnection points between Comcast, Verizon and other monopoly "eyeball networks" and "transit networks" such as Cogent, which was contracted by Netflix to deliver its bits. The report shows that interconnection points give monopoly ISPs all the leverage they need to discriminate against companies like Netflix, which compete with them in video services, simply by refusing to relieve network congestion caused by external traffic requested by their very own ISP customers. And the effects victimize not only companies targeted but ALL incoming traffic from the affected transit network. The report proves the problem is not technical, but rather a result of business decisions. This is not technically a Net neutrality problem, but it creates the very same headaches for consumers, and unfair business advantages for ISPs. In an accompanying article, Crawford makes a compelling case for FCC intervention.

How Apple Watch Is Really a Regression In Watchmaking

timothy posted 4 hours ago | from the maybe-they-could-merge-with-timex dept.

Power 284

Nerval's Lobster writes Apple design chief Jony Ive has spent the past several weeks talking up how the Apple Watch is an evolution on many of the principles that guided the evolution of timepieces over the past several hundred years. But the need to recharge the device on a nightly basis, now confirmed by Apple CEO Tim Cook, is a throwback to ye olden days, when a lady or gentleman needed to keep winding her or his pocket-watch in order to keep it running. Watch batteries were supposed to bring "winding" to a decisive end, except for that subset of people who insist on carrying around a mechanical timepiece. But with Apple Watch's requirement that the user constantly monitor its energy, what's old is new again. Will millions of people really want to charge and fuss with their watch at least once a day?

A Mixed Review For CBS's "All Access" Online Video Streaming

timothy posted 5 hours ago | from the hey-this-cord-appears-quite-intact dept.

Television 57

lpress writes I tested CBS All Access video streaming. It has technical problems, which will be resolved, but I will still pass because they show commercials in addition to a $5.99 per month fee. Eventually, we will all cut the cord and have a choice of viewing modes — on-demand versus scheduled and with and without commercials — but don't expect your monthly bill to drop as long as our ISPs are monopolies or oligopolies.

Tim Cook: "I'm Proud To Be Gay"

timothy posted 6 hours ago | from the cue-up-the-poorly-socialized-legions dept.

Apple 518

An anonymous reader writes Apple CEO Tim Cook has publicly come out as gay. While he never hid his sexuality from friends, family, and close co-workers, Cook decided it was time to make it publicly known in the hopes that the information will help others who don't feel comfortable to do so. He said, "I don't consider myself an activist, but I realize how much I've benefited from the sacrifice of others. So if hearing that the CEO of Apple is gay can help someone struggling to come to terms with who he or she is, or bring comfort to anyone who feels alone, or inspire people to insist on their equality, then it's worth the trade-off with my own privacy."

Cook added that while the U.S. has made progress in recent years toward marriage equality, there is still work to be done. "[T]here are laws on the books in a majority of states that allow employers to fire people based solely on their sexual orientation. There are many places where landlords can evict tenants for being gay, or where we can be barred from visiting sick partners and sharing in their legacies. Countless people, particularly kids, face fear and abuse every day because of their sexual orientation."

Slashdot Asks: Appropriate Place For Free / Open Source Software Artifacts?

timothy posted 6 hours ago | from the you-haul dept.

Open Source 35

A friend of mine who buys and sells used books, movies, etc. recently purchased a box full of software on CD, including quite a few old Linux distributions, and asked me if I'd like them. The truth is, I would like them, but I've already collected over the last two decades more than I should in the way of Linux distributions, on at least four kinds of media (starting with floppies made from a CD that accompanied a fat book on how to install some distribution or other -- very useful in the days of dialup). I've got some boxes (Debian Potato, and a few versions of Red Hat and Mandrake Linux), and an assortment of marketing knickknacks, T-shirts, posters, and books. I like these physical artifacts, and they're not dominating my life, but I'd prefer to actually give many of them to someplace where they'll be curated. (Or, if they should be tossed, tossed intelligently.) Can anyone point to a public collection of some kind that gathers physical objects associated with Free software and Open Source, and makes them available for others to examine? (I plan to give some hardware, like a pair of OLPC XO laptops, to the same Goodwill computer museum highlighted in this video, but they probably don't want an IBM-branded radio in the shape of a penguin.)

Hacking Team Manuals: Sobering Reminder That Privacy is Elusive

timothy posted 7 hours ago | from the legitimacy-generally-is-too dept.

Privacy 31

Advocatus Diaboli writes with a selection from The Intercept describing instructions for commercial spyware sold by Italian security firm Hacking Team. The manuals describe Hacking Team's software for government technicians and analysts, showing how it can activate cameras, exfiltrate emails, record Skype calls, log typing, and collect passwords on targeted devices. They also catalog a range of pre-bottled techniques for infecting those devices using wifi networks, USB sticks, streaming video, and email attachments to deliver viral installers. With a few clicks of a mouse, even a lightly trained technician can build a software agent that can infect and monitor a device, then upload captured data at unobtrusive times using a stealthy network of proxy servers, all without leaving a trace. That, at least, is what Hacking Team's manuals claim as the company tries to distinguish its offerings in the global marketplace for government hacking software. (Here are the manuals themselves.)

Cutting the Cord? Time Warner Loses 184,000 TV Subscribers In One Quarter

timothy posted 8 hours ago | from the jacked-up-my-bill-lately-too dept.

Businesses 351

Mr D from 63 (3395377) writes Time Warner Cable's results have been buoyed recently by higher subscriber numbers for broadband Internet service. In the latest period, however, Time Warner Cable lost 184,000 overall residential customer relationships [Note: non-paywalled coverage at Bloomberg and Reuters]. The addition of 92,000 residential high-speed data customers was offset by 184,000 fewer residential video customers in the quarter. Triple play customers fell by 24,000, while residential voice additions were 14,000.

Drupal Warns Users of Mass, Automated Attacks On Critical Flaw

timothy posted 9 hours ago | from the big-targets-get-hit-first dept.

Security 65

Trailrunner7 writes The maintainers of the Drupal content management system are warning users that any site owners who haven't patched a critical vulnerability in Drupal Core disclosed earlier this month should consider their sites to be compromised. The vulnerability, which became public on Oct. 15, is a SQL injection flaw in a Drupal module that's designed specifically to help prevent SQL injection attacks. Shortly after the disclosure of the vulnerability, attackers began exploiting it using automated attacks. One of the factors that makes this vulnerability so problematic is that it allows an attacker to compromise a target site without needing an account and there may be no trace of the attack afterward.

Lenovo Completes Motorola Deal

timothy posted 9 hours ago | from the capital-is-mobile dept.

Android 52

SmartAboutThings writes If somehow you missed the reports of Lenovo buying Motorola – which was also bought by Google for $12.5 billion back in 2011 – then you should know that the deal is now complete. Lenovo has announced today that Motorola is now a Lenovo company — which makes Lenovo not only the number one PC maker in the world but also the third-largest smartphone maker.

New Crash Test Dummies Reflect Rising American Bodyweight

timothy posted 9 hours ago | from the my-self-esteem-has-certainly-taken-a-beating dept.

Transportation 132

Ever thought that all those crash-test dummies getting slammed around in slow-motion were reflecting an unrealistic, hard-to-achieve body image? One company is acting to change that, with some super-sized (or right-sized) dummies more in line with current American body shapes: Plymouth, Michigan-based company Humanetics said that it has been manufacturing overweight crash test dummies to reflect growing obesity trends in the U.S. Humanetics has been the pioneer in crash test dummies segment since the 1950s. But now, the company's crash test dummies are undergoing a makeover, which will represent thicker waistlines and large rear ends of Americans.

Australian Gov't Tries To Force Telcos To Store User Metadata For 2 Years

timothy posted 10 hours ago | from the authority-problem dept.

Australia 51

AlbanX writes The Australian Government has introduced a bill that would require telecommunications carriers and service providers to retain the non-content data of Australian citizens for two years so it can be accessed — without a warrant- by local law enforcement agencies. Despite tabling the draft legislation into parliament, the bill doesn't actually specify the types of data the Government wants retained. The proposal has received a huge amount of criticism from the telco industry, other members of parliament and privacy groups. (The Sydney Morning Herald has some audio of discussion about the law.)

Ebola Forecast: Scientists Release Updated Projections and Tracking Maps

timothy posted 11 hours ago | from the hashtag-ebola dept.

Medicine 200

An anonymous reader writes Scientists of the Northeastern University, in collaboration with European scientists, developed a modeling approach aimed at assessing the progression of the Ebola epidemic in West Africa and its international spread under the assumption that the outbreak continues to evolve at the current pace. They also considered the impact of travel restrictions, and concluded that such restrictions may delay by only a few weeks the risk that the outbreak extends to new countries. Instead, travel bans could hamper the delivery of medical supplies and the deployment of specialized personnel to manage the epidemic. In the group's page, there's also an updated assessment of the probability of Ebola virus disease case importation in countries across the world, which was also invoked during the Congressional Ebola debate. The group also released a map with real-time tracking of conversations about Ebola on Twitter. Policy makers and first responders are the main target audience of the tool, which is able to show a series of potential warnings and events (mostly unconfirmed) related to Ebola spreading and case importation.

MIT Professor Advocates Ending Asteroid Redirect Mission To Fund Asteroid Survey

samzenpus posted 11 hours ago | from the identify-the-problem dept.

Space 102

MarkWhittington writes Professor Richard Binzel published a commentary in the journal Nature that called for two things. He proposed that NASA cancel the Asteroid Redirect Mission currently planned for the early 2020s. Instead, he would like the asteroid survey mandated by the George E. Brown, Jr. Near-Earth Object Survey Act of 2005, part of the 2005 NASA Authorization Act, funded at $200 million a year. Currently NASA funds the survey at $20 million a year, considered inadequate to complete the identification of 90 percent of hazardous near-Earth objects 140 meters or greater by 2020 as mandated by the law.

Labor Department To Destroy H-1B Records

samzenpus posted yesterday | from the removed-from-the-game dept.

Government 173

Presto Vivace writes H-1B records that are critical to research and take up a small amount of storage are set for deletion. "In a notice posted last week, the U.S. Department of Labor said that records used for labor certification, whether in paper or electronic, 'are temporary records and subject to destruction' after five years, under a new policy. There was no explanation for the change, and it is perplexing to researchers. The records under threat are called Labor Condition Applications (LCA), which identify the H-1B employer, worksite, the prevailing wage, and the wage paid to the worker. The cost of storage can't be an issue for the government's $80 billion IT budget: A full year's worth of LCA data is less than 1GB."

Slashdot Login

Need an Account?

Forgot your password?