×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

  • Lavabit Loses Contempt Appeal

    After being forced to turn over encryption keys (being held in contempt of court for several weeks after initially refusing to comply), secure mail provider Lavabit halted all operations last year. With the assistance of the EFF, an appeal was mounted. Today, the appeals court affirmed the district court decision and rejected the appeal. From Techdirt: "The ruling does a decent job explaining the history of the case, which also details some of the (many, many) procedural mistakes that Lavabit made along the way, which made it a lot less likely it would succeed here. ... The procedural oddities effectively preclude the court even bothering with the much bigger and important question of whether or not a basic pen register demand requires a company to give up its private keys. The hail mary attempt in the case was to argue that because the underlying issues are of 'immense public concern' (and they are) that the court should ignore the procedural mistakes. The court flatly rejects that notion: 'exhuming forfeited arguments when they involve matters of “public concern” would present practical difficulties. For one thing, identifying cases of a “public concern” and “non-public concern” –- divorced from any other consideration –- is a tricky task governed by no objective standards..... For another thing, if an issue is of public concern, that concern is likely more reason to avoid deciding it from a less-than-fully litigated record....'"

    116 comments | yesterday

  • Microsoft Brings Office Online To Chrome OS; Ars Reviews Windows Phone 8.1

    SmartAboutThings (1951032) writes "While we are still waiting for the official Windows 8.1 touch-enabled apps to get launched on the Windows Store, Microsoft went and decided that it's time to finally bring the Office online apps to the Chrome Web Store, instead. Thus, Microsoft is making the Web versions of its Word, Excel, PowerPoint and OneNote apps available to users through the Chrome Web Store and also improving all of them with new features, along with several bug fixes and performance improvements." More on the Microsoft front: an anonymous reader wrote in with a link to Ars Technica's review of the upcoming Windows Phone 8.1 release: "It is a major platform update even if it is just a .1 release. Updates include the debut of Cortana, using the same kernel as Windows 8.1 and the Xbox One, a notebook reminder app, inner circle friend management, IE 11, Nokia's camera app by default, lock screen and background customizations, a much improved email client with calendar support, more general Windows 8.1 API inclusion for better portability, and a notification center. Ars rated it more of a Windows Phone 9 release than .1 update."

    64 comments | yesterday

  • Snowden Used the Linux Distro Designed For Internet Anonymity

    Hugh Pickens DOT Com writes: "When Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. Now Klint Finley reports that Snowden also used The Amnesic Incognito Live System (Tails) to keep his communications out of the NSA's prying eyes. Tails is a kind of computer-in-a-box using a version of the Linux operating system optimized for anonymity that you install on a DVD or USB drive, boot your computer from and you're pretty close to anonymous on the internet. 'Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

    The developers of Tails are, appropriately, anonymous. They're protecting their identities, in part, to help protect the code from government interference. 'The NSA has been pressuring free software projects and developers in various ways,' the group says. But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. 'With Tails,' say the distro developers, 'we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.'"

    164 comments | 2 days ago

  • Heartbleed Disclosure Timeline Revealed

    bennyboy64 (1437419) writes "Ever since the Heartbleed flaw in OpenSSL was made public there have been various questions about who knew what and when. The Sydney Morning Herald has done some analysis of public mailing lists and talked to those involved with disclosing the bug to get the bottom of it. The newspaper finds that Google discovered Heartbleed on or before March 21 and notified OpenSSL on April 1. Other key dates include Finnish security testing firm Codenomicon discovering the flaw independently of Google at 23:30 PDT, April 3. SuSE, Debian, FreeBSD and AltLinux all got a heads up from Red Hat about the flaw in the early hours of April 7 — a few hours before it was made public. Ubuntu, Gentoo and Chromium attempted to get a heads up by responding to an email with few details about it but didn't, as the guy at Red Hat sending the disclosure messages out in India went to bed. By the time he woke up, Codenomicon had reported the bug to OpenSSL."

    62 comments | 2 days ago

  • 'weev' Conviction Vacated

    An anonymous reader writes "A few years back, Andrew 'weev' Auernheimer went public with a security vulnerability that made the personal information of 140,000 iPad owners available on AT&T's website. He was later sentenced to 41 months in prison for violating the Computer Fraud and Abuse Act (or because the government didn't understand his actions, depending on your viewpoint). Now, the Third U.S. District Court of Appeals has vacated weev's conviction. Oddly, the reason for the ruling was not based on the merits of the case, but on the venue in which he was tried (PDF). From the ruling: 'Although this appeal raises a number of complex and novel issues that are of great public importance in our increasingly interconnected age, we find it necessary to reach only one that has been fundamental since our country's founding: venue. The proper place of colonial trials was so important to the founding generation that it was listed as a grievance in the Declaration of Independence.'"

    147 comments | 5 days ago

  • Google: Teach Girls Coding, Get $2,500; Teach Boys, Get $0

    theodp (442580) writes "'Public school teachers,' reads the headline at Khan Academy (KA), 'introduce your students to coding and earn $1000 or more for your classroom!' Read the fine print, however, and you'll see that the Google-bankrolled offer is likely to ensure that girls, not boys, are going to be their Computer Science teachers' pets. 'Google wants public high school students, especially girls, to discover the magic of coding,' KA explains to teachers. 'You'll receive a $100 DonorsChoose.org gift code for every female student who completes the [JS 101: Drawing & Animation] course. When 4 or more female students complete it, we'll email you an additional $500 gift code as a thank-you for helping your students learn to code.' While 'one teacher cannot have more than 20 of the $100 gift codes activated on their DonorsChoose.org projects,' adds KA, 'if the teacher has more than 20 female students complete the curriculum, s/he will still be sent gift codes, and the teacher can use the additional gift codes on another teacher's DonorsChoose.org project.' So, is girls-are-golden-boys-are-worthless funding for teachers' projects incongruent with Khan Academy's other initiatives, such as its exclusive partnership with CollegeBoard to eliminate inequality among students studying for the SAT?"

    673 comments | about a week ago

  • Yahoo DMARC Implementation Breaks Most Mailing Lists

    pdclarry writes: "On April 8, Yahoo implemented a new DMARC policy that essentially bars any Yahoo user from accessing mailing lists hosted anywhere except on Yahoo and Google. While Yahoo is the initiator, it also affects Comcast, AT&T, Rogers, SBCGlobal, and several other ISPs. Internet Engineering Council expert John R. Levine, a specialist in email infrastructure and spam filtering, said, 'Yahoo breaks every mailing list in the world including the IETF's' on the Internet Engineering Task Force (IETF) list.

    DMARC (Domain-based Message Authentication, Reporting & Conformance) is a two-year-old proposed standard previously discussed on Slashdot that is intended to curb email abuse, including spoofing and phishing. Unfortunately, as implemented by Yahoo, it claims most mailing list users as collateral damage. Messages posted to mailing lists (including listserv, mailman, majordomo, etc) by Yahoo subscribers are blocked when the list forwards them to other Yahoo (and other participating ISPs) subscribers. List members not using Yahoo or its partners are not affected and will receive posts from Yahoo users. Posts from non-Yahoo users are delivered to Yahoo members. So essentially those suffering the most are Yahoo's (and Comcast's, and AT&T's, etc) own customers. The Hacker News has details about why DMARC has this effect on mailing lists. Their best proposed solution is to ban Yahoo email users from mailing lists and encourage them to switch to other ISPs. Unfortunately, it isn't just Yahoo, although they are getting the most attention."

    83 comments | about a week ago

  • Interviews: Jonathan Coulton Answers Your Questions

    We recently had the chance to talk with internet rock star and former code monkey Jonathan Coulton. We asked him a number of your questions and a few of our own about music, technology, and copyright issues. Read below to see what he had to say.

    36 comments | about a week ago

  • Meet the Diehards Who Refuse To Move On From Windows XP

    Hugh Pickens DOT Com (2995471) writes "Nearly every longtime Windows user looks back on Windows XP with a certain fondness, but the party's over according to Microsoft. 'It's time to move on,' says Tom Murphy, Microsoft's director of communications for Windows. 'XP was designed for a different era.' But Ian Paul writes in PC World that many people around the world refuse to give up on XP. But why? What's so great about an operating system that was invented before the age of Dropbox and Facebook, an OS that's almost as old as the original Google search engine? Bob Appel, a retiree based in Toronto, says he uses 12 PCs in a personal Dropbox-like network—10 of which are running XP. 'I use a third-party firewall, a free virus checker, and run Housecall periodically,' says Appel. 'My Firefox browser uses Keyscrambler, HTTPS Anywhere, Ghostery, and Disconnect. I also have a VPN account (PIA) when traveling. For suspicious email attachments, I deploy private proprietary bioware (me!) to analyze before opening. All the "experts" say I am crazy. Thing is, I stopped the security updates in XP years ago after a bad update trashed my system, and yet I have never been infected, although online for hours each day. So, crazy though I be, I am sticking with XP.'" (Read more, below.)

    641 comments | about a week ago

  • Book Review: Mobile HTML5

    Michael Ross (599789) writes "Web designers and developers nowadays are familiar with the critical decision they face each time before building an application intended for mobile devices: whether to target a particular device operating system (e.g., iOS) and create the app using the language dictated by the OS (e.g., Objective-C), or try to build an operating system-agnostic app that runs on any device equipped with a modern web browser (primarily using HTML5, CSS3, and JavaScript), or try to do a combination of both (using a library such as PhoneGap). The second option offers many advantages, and is the approach explored in the book Mobile HTML5, authored by Estelle Weyl, an experienced front-end developer." Keep reading for the rest of Michael's review.

    37 comments | about two weeks ago

  • Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?

    An anonymous reader writes "I am a new Linux user; I'm on 2nd day now. Currently I am trying out Ubuntu, but that could change. I am looking for a user friendly firewall that I can set up that lets me do these things:1) set up a default deny rule 2) carve out exceptions for these programs: browser, email client, chat client, yum and/or apt. 3) carve out exceptions to the exceptions in requirement 2 — i.e. I want to be able to then block off IPs and IP ranges known to be used by malware, marketers, etc., and all protocols which aren't needed for requirement 2. It also needs to have good enough documentation that a beginner like me can figure it out. Previously, I had done all of the above in AVG Firewall on Windows, and it was very easy to do. So far, I have tried these things:1) IPTABLES — it looked really easy to screw it up and then not notice that it's screwed up and/or not be able to fix it even if I did notice, so I tried other things at that point... 2) searched the internet and found various free firewalls such as Firestarter, GUFW, etc., which I weren't able to make meet my requirements. Can someone either point me to a firewall that meets my needs or else give me some hints on how to make firestarter or GUFW do what I need?"

    186 comments | about two weeks ago

  • Algorithm Challenge: Burning Man Vehicle Exodus

    Slashdot contributor Bennett Haselton writes: "A year ago, getting ready for Burning Man, I read that the cars in the exit line sometimes have to wait in the sun for hours to get out. I came up with an algorithm that I thought would alleviate the problem. Do you think it would work? If not, why not? Or can you think of a better one?" Read on for the rest of Bennett's thoughts.

    273 comments | about two weeks ago

  • Will Living On Mars Drive Us Crazy?

    Hugh Pickens DOT Com (2995471) writes "When astronauts first began flying in space, NASA worried about 'space madness,' a mental malady they thought might arise from humans experiencing microgravity and claustrophobic isolation inside of a cramped spacecraft high above the Earth. Now Megan Garber writes in The Atlantic that NASA is hoping to find out what life on Mars does to the human emotional state by putting three men and three women in a 1,000-square-foot habitat shaped like a dome for four months. The volunteers in the second HI-SEAS mission — a purposely tiny group selected out of a group of 700 applicants — include, among others, a neuropsychologist, an aerospace engineer, and an Air Force veteran who is studying human factors in aviation. 'We're going to stress them,' says Kim Binsted, the project's principal investigator. 'That's the nature of the study.' That test involves isolating the crew in the same way they'd be isolated on Mars. The only communication they'll be allowed with the outside world—that is to say, with their family and friends—will be conducted through email. (And that will be given an artificial delay of 20 minutes to simulate the lag involved in Mars-to-Earth communications.)

    If that doesn't seem too stressful, here's another source of stress: Each mission member will get only eight minutes of shower time ... per week. The stress will be compounded by the fact that the only time the crew will be able to leave their habitat-yurt is when they're wearing puffy, insulated uniforms that simulate space suits. In the Hawaiian heat. Throughout the mission, researchers will be testing the subjects' moods and the changes they exhibit in their relationships with each other. They'll also be examining the crew members' cognitive skills, seeing whether—and how—they change as the experiment wears on. Binsted says the mission has gotten the attention of the TV world but don't expect to see much inside-the-dome footage. 'You wouldn't believe the number of producers who called us,' says Binsted. 'Fortunately, we're not ethically allowed to subject our crew to that kind of thing.'"

    150 comments | about two weeks ago

  • NASA Halts Non-ISS Work With Russia Over Ukraine Crisis

    An anonymous reader writes "The Verge reports on an internal memo from NASA indicating that they've suspended all contracts and activities with Russia that aren't involved with operating the International Space Station. Quoting: 'Given Russia's ongoing violation of Ukraine's sovereignty and territorial integrity, until further notice, the U.S. Government has determined that all NASA contacts with Russian Government representatives are suspended, unless the activity has been specifically excepted. This suspension includes NASA travel to Russia and visits by Russian Government representatives to NASA facilities, bilateral meetings, email, and teleconferences or videoconferences. At the present time, only operational International Space Station activities have been excepted.' NASA Administrator Charles Bolden argued recently that our dependence on Russia for putting astronauts into space needs to end."

    291 comments | about two weeks ago

  • A Third of Consumers Who Bought Wearable Devices Have Ditched Them

    An anonymous reader writes "The Guardian reports on research (PDF) into the (alleged) wearable device trend: fully one third of customers who bought one stopped using it within six months. Activity trackers fared even worse: half of them are collecting dust. 'For comparison, you wouldn't find people from the early days of the smartphone saying that they'd abandoned their BlackBerry, Treo or Windows Mobile or Symbian phone. They were the early adopters, and they found utility in having email and (sometimes) web pages on the move. The idea of giving them up just wouldn't occur to them. ... So far, there aren't clear signs of quite what it is that smartwatches and fitness trackers are replacing, in the way that [early] music players did. Useful new technology has to replace or simplify some function, ideally; otherwise it has the challenge of persuading us that we need this entirely new thing. Smartphones are simpler ways to collect your email – and also make phone calls and surf the web (and so on). Fitness trackers... let you track your fitness. But given that 41% of people run with their smartphones, you might get by with a movement tracking app instead. The trouble with devices that claim to track your steps is they're so easily hoaxed by waving your arms around.'"

    180 comments | about two weeks ago

  • Typo Keyboard For iPhone Faces Sales Ban

    time_lords_almanac (3527081) writes "BlackBerry is trying to put the kibosh on the Typo, a physical keyboard attachment for iPhone. And they've won the first round, in the form of a sales ban on the attachment. From the article: '"BlackBerry is pleased that its motion for a preliminary injunction against Typo Products LLC was granted. This ruling will help prevent further injury to BlackBerry from Typo's blatant theft of our patented keyboard technology," a spokeswoman for BlackBerry told the news agency in an email.'"

    205 comments | about two weeks ago

  • Microsoft Promises Not To Snoop Through Email

    An anonymous reader writes "Microsoft took some much-deserved flack last week for admitting they examined the emails of a Hotmail user who received some leaked Windows 8 code. The company defended their actions at the time. Now, after hearing the backlash, Microsoft General Counsel Brad Smith says they will not do so in the future. Instead, they'll refer it to law enforcement. He wrote, 'It's always uncomfortable to listen to criticism. But if one can step back a bit, it's often thought-provoking and even helpful. That was definitely the case for us over the past week. Although our terms of service, like those of others in our industry, allowed us to access lawfully the account in this case, the circumstances raised legitimate questions about the privacy interests of our customers. ...As a company we've participated actively in the public discussions about the proper balance between the privacy rights of citizens and the powers of government. We've advocated that governments should rely on formal legal processes and the rule of law for surveillance activities. While our own search was clearly within our legal rights, it seems apparent that we should apply a similar principle and rely on formal legal processes for our own investigations involving people who we suspect are stealing from us.'"

    144 comments | about three weeks ago

  • State-Sponsored Hacking Attacks Targeting Top News Organizations

    An anonymous reader writes "Security engineers from Google have found that 21 out of the top 25 news organizations have been targeted by cyberattacks that are likely state-sponsored. We've heard about some high profile attacks on news sites, but Google actively tracks the countries that are launching these attacks, and even hosts email services for many of the news organizations. 'Huntley said Chinese hackers recently gained access to a major Western news organization, which he declined to identify, via a fake questionnaire emailed to staff. Most such attacks involve carefully crafted emails carrying malware or directing users to a website crafted to trick them into giving up credentials. Marquis-Boire said that while such attacks were nothing new, their research showed that the number of attacks on media organizations and journalists that went unreported was significantly higher than those made public.'"

    19 comments | about three weeks ago

  • Minnesota Teen Wins Settlement After School Takes Facebook Password

    schwit1 (797399) writes "A Minnesota school district has agreed to pay $70,000 to settle a lawsuit that claimed school officials violated a student's constitutional rights by viewing her Facebook and email accounts without permission. The lawsuit, filed in 2012 by the American Civil Liberties Union of Minnesota, alleged that Riley Stratton, now 15, was given detention after posting disparaging comments about a teacher's aide on her Facebook page, even though she was at home and not using school computers. After a parent complained about the Facebook chat, the school called her in and demanded her password. With a sheriff deputy looking on, she complied, and they browsed her Facebook page in front of her, according to the report. 'It was believed the parent had given permission to look at her cellphone,' Minnewaska Superintendent Greg Schmidt said Tuesday. But Schmidt said the district did not have a signed consent from the parent. That is now a policy requirement, he said.'" Asks schwit1, "How is this not a violation of the CFAA?" It sounds like the school was violating Facebook's Terms of Service, too.

    367 comments | about three weeks ago

  • Weev's Attorney Says FBI Is Intercepting His Client's Mail

    Daniel_Stuckey (2647775) writes "The FBI is intercepting the prison correspondence of infamous Internet troll Andrew "weev" Auernheimer, including letters from his defense team, according to his attorney. 'He's sent me between 10 and 20 letters in the last month or two. I've received one,' Tor Ekeland, who had just returned from visiting Auernheimer at the federal corrections institute in Allenwood, PA., told the Daily Dot in a video interview.

    Last March, Auernheimer was convicted of accessing a computer without authorization and sentenced to 41 months in prison. As a member of the computer security team Goatse Security, Auernheimer discovered a major security flaw in AT&T's network, which allowed him to download the email addresses of some 114,000 iPad users. Goatse Security reported the flaw to Gawker and provided journalists with the information, who then published it in redacted form."

    109 comments | about three weeks ago

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...