×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

  • Critical XSS Flaws Patched In WordPress and Popular Plug-In

    itwbennett writes The WordPress development team on Thursday released critical security updates that address an XSS vulnerability in the comment boxes of WordPress posts and pages. An attacker could exploit this flaw to create comments with malicious JavaScript code embedded in them that would get executed by the browsers of users seeing those comments. 'In the most obvious scenario the attacker leaves a comment containing the JavaScript and some links in order to put the comment in the moderation queue,' said Jouko Pynnonen, the security researcher who found the flaw.

    40 comments | 5 days ago

  • CMI Director Alex King Talks About Rare Earth Supplies (Video 2)

    Yesterday we ran video #1 of 2 about the Critical Materials Institute (CMI) at the Iowa State Ames Laboratory in Ames, Iowa. They have partners from other national laboratories, universities, and industry, too. Obviously there is more than enough information on this subject that Dr. King can easily fill two 15-minute videos, not to mention so many Google links that instead of trying to list all of them, we're giving you one link to Google using the search term "rare earths." Yes, we know Rare Earth would be a great name for a rock band. But the mineral rare earths are important in the manufacture of items ranging from strong magnets to touch screens and rechargeable batteries, so please watch the video(s) or at least read the transcript(s). (Alternate Video Link)

    11 comments | about a week ago

  • CMI Director Alex King Talks About Rare Earth Supplies (Video)

    CMI in this context is the Critical Materials Institute at the Iowa State Ames Laboratory in Ames, Iowa. They have partners from other national laboratories, universities, and industry, too. Rare earths, while not necessarily as rare as the word "rare" implies, are hard to mine, separate, and use. They are often found in parts per million quantities, so it takes supercomputers to suss out which deposits are worth going after. This is what Dr. King and his coworkers spend their time doing; finding concentrations of rare earths that can be mined and refined profitably.

    On November 3 we asked you for questions to put to Dr. King. Timothy incorporated some of those questions into the conversation in this video -- and tomorrow's video too, since we broke this into two parts because, while the subject matter may be fascinating, we are supposed to hold video lengths down to around 10 minutes, and in this case we still ended up with two videos close to 15 minutes each. And this stuff is important enough that instead of lining up a list of links, we are giving you one link to Google using the search term "rare earths." Yes, we know Rare Earth would be a great name for a rock band. But the mineral rare earths are important in the manufacture of items from strong magnets to touch screens and rechargeable batteries. (Alternate Video Link)

    27 comments | about a week ago

  • Military Laser/Radio Tech Proposed As Alternative To Laying Costly Fiber Cable

    An anonymous reader writes "Californian comm-tech company Aoptix is testing new laser+radio hybrid communications technology with three major U.S. internet carriers. The equipment required can be bolted onto existing infrastructure, such as cell-tower masts, and can communicate a 2gbps stream over 6.5 miles. The system was developed over 10 years at a cost of $100 million in conjunction with the Air Force Research Laboratory, and the military implementation of it is called Aoptix Enhanced Air Ground Lasercom System (EAGLS). The laser component of the technology uses a deformable mirror to correct for atmospheric distortion over the mast-hop, in real-time. The laser part of the system is backed-up by a redundant radio transmitter. The radio component has low attenuation in rainy conditions with large refracting raindrops, while the laser is more vulnerable to dense fog. The system, which features auto-stabilization to compensate for cell-tower movement and is being proposed as an alternative to the tremendous cost p/m of laying fiber cable, is being tested in Mexico and Nigeria in addition to the three ISP trials.

    150 comments | about two weeks ago

  • Comet Probe Philae Unanchored But Stable — And Sending Back Images

    An anonymous reader writes with an update to the successful landing of the ESA's comet probe Philae, which (as mentioned yesterday) had problems attaching to the surface of the comet's Rosetta: "BBC now reports that Philae is stable on the surface. Although no source claims so, we can all imagine a faint humming of 'Still Alive' coming from the probe." Not just stable, but sending pictures while it can. From the article: The probe left Rosetta with 60-plus hours of battery life, and will need at some point to charge up with its solar panels. But early reports indicate that in its present position, the robot is receiving only one-and-a-half hours of sunlight during every 12-hour rotation of the comet. This will not be enough to sustain operations. As a consequence, controllers here are discussing using one of Philae's deployable instruments to try to launch the probe upwards and away to a better location. But this would be a last-resort option. New submitter Thanshin notes that the persistent Philae bounced a few times, and actually performed 3 landings, at 15:33, 17:26 & 17:33 UTC.Thanshin adds links to a handful of relevant Twitter feeds, if you want to follow in something close to real time: Philae2014; esa_rosetta; and Philae_MUPUS (MUlti PUrpose Sensor One).

    132 comments | about two weeks ago

  • The Students Who Feel They Have the Right To Cheat

    ub3r n3u7r4l1st writes with this story of endemic cheating in Indian Universities and the students who see it as a right. "Students are often keen to exercise their rights but recently there has been an interesting twist - some in India are talking about their right to cheat in university exams. 'It is our democratic right!' a thin, addled-looking man named Pratap Singh once said to me as he stood, chai in hand, outside his university in the northern state of Uttar Pradesh. 'Cheating is our birthright.' Corruption in the university exam system is common in this part of India. The rich can bribe their way to examination success. There's even a whole subset of the youth population who are brokers between desperate students and avaricious administrators. Then there's another class of student altogether, who are so well known locally - so renowned for their political links - invigilators dare not touch them. I've heard that these local thugs sometimes leave daggers on their desk in the exam hall. It's a sign to invigilators: 'Leave me alone... or else.' So if those with money or political influence can cheat, poorer students ask, why shouldn't they?"

    438 comments | about two weeks ago

  • Michelle Sleeper Creates 'Gaming, Comics, and Pop Culture Based Props'

    If you go to a sci-fi or gaming convention you'll see people in exotic "character" costumes, often holding exotic props, with some of the most popular being futuristic firearm mockups of one sort or another. Who makes all these cool fannish items? A whole bunch of artists and artisans, including Michelle Sleeper (who says she got tired of jokes about her name many years ago). She's not only one of these artisans, but is also a committed 3-D printer user, since 3-D printing is how she forms a high percentage of her props (with the word "props" being used here in the theatrical rather than the nautical sense). To keep up with what Michelle is making, you should check her blog. One of her most interesting posts, titled Atlanta Mini Maker Faire: On missing deadlines, failure, and triage, is about preparing for the event where Timothy Lord met and interviewed Michelle.

    Even if gamer gatherings and SF conventions aren't your thing, the interview (along with the links above) gives a nice glimpse into the life of an independent artisan who uses technology to create a lot of her art. (Alternate Video Link)

    35 comments | about three weeks ago

  • Ask Slashdot: Where Do You Stand on Daylight Saving Time?

    New submitter gbcox links to this article about how the switch between Standard Time and Daylight Saving Time can be dangerous, but writes Personally, I favor year 'round DST — I like the extra sunlight in the evening... but regardless, I just wish we'd pick one and stop futzing with the time twice a year. As it is right now, we only have about 4 months of standard time as it is... is it really worth the effort to switch the clocks for only four months? I think not. Where do you stand? If you have a strong opinion, it would be nice if you start your subject line in comments with "For it!" or "Against it!" If you think that the yearly clock-shifting is a good idea, when do you think each shift should occur? For those not keeping score, tonight is the switchover time for most Americans.

    613 comments | about three weeks ago

  • Ask Slashdot: Can You Say Something Nice About Systemd?

    ewhac writes: "I'm probably going to deeply deeply regret this, but every time a story appears here mentioning systemd, a 700-comment thread of back-and-forth bickering breaks out which is about as informative as an old Bud Light commercial, and I don't really learn anything new about the subject. My gut reaction to systemd is (currently) a negative one, and it's very easy to find screeds decrying systemd on the net. However, said screeds haven't been enough to prevent its adoption by several distros, which leads me to suspect that maybe there's something worthwhile there that I haven't discovered yet. So I thought it might be instructive to turn the question around and ask the membership about what makes systemd good. However, before you stab at the "Post" button, there are some rules...

    Bias Disclosure: I currently dislike systemd because — without diving very deeply into the documentation, mind — it looks and feels like a poorly-described, gigantic mess I know nothing about that seeks to replace other poorly-described, smaller messes which I know a little bit about. So you will be arguing in that environment."

    Nice Things About systemd Rules:

    1. Post each new Nice Thing as a new post, not as a reply to another post. This will let visitors skim the base level of comments for things that interest them, rather than have to dive through a fractally expanding tree of comments looking for things to support/oppose. It will also make it easier to follow the next rule:
    2. Avoid duplication; read the entire base-level of comments before adding a new Nice Thing. Someone may already have mentioned your Nice Thing. Add your support/opposition to that Nice Thing there, rather than as a new post.
    3. Only one concrete Nice Thing about systemd per base-level post. Keep the post focused on a single Nice Thing systemd does. If you know of multiple distinct things, write multiple distinct posts.
    4. Describe the Nice Thing in some detail. Don't assume, for example, that merely saying "Supports Linux cgroups" will be immediately persuasive.
    5. Describe how the Nice Thing is better than existing, less controversial solutions. systemd is allegedly better at some things than sysvinit or upstart or inetd. Why? Why is the Nice Thing possible in systemd, and impossible (or extremely difficult) with anything else? (In some cases, the Nice Thing will be a completely new thing that's never existed before; describe why it's good thing.)

    We will assume out of the gate that systemd boots your system faster than ${SOMETHING_ELSE}, so no points for bringing that up. Bonus points are awarded for:

    • Personal Experience. "I actually did this," counts for way more than, "The docs claim you can do this."
    • Working Examples. Corollary to the above — if you did a Nice Thing with systemd, consider also posting the code/script/service file you wrote to accomplish it.
    • Links to Supporting Documentation. If you leveraged a Nice Thing, furnish a link to the docs you used that describe the Nice Thing and its usage.

    928 comments | about a month ago

  • Hackers Breach White House Network

    wiredmikey writes: The White House's unclassified computer network was recently breached by intruders, a U.S. official said Tuesday. While the White House has not said so, The Washington Post reported that the Russian government was thought to be behind the act. Several recent reports have linked Russia to cyber attacks, including a report from FireEye on Tuesday that linked Russia back to an espionage campaign dating back to 2007. Earlier this month, iSight Partners revealed that a threat group allegedly linked with the Russian government had been leveraging a Microsoft Windows zero-day vulnerability to target NATO, the European Union, and various private energy and telecommunications organizations in Europe. The group has been dubbed the "Sandworm Team" and it has been using weaponized PowerPoint files in its recent attacks. Trend Micro believes the Sandworm team also has their eyes set on compromising SCADA-based systems.

    98 comments | about a month ago

  • Dangerous Vulnerability Fixed In Wget

    jones_supa writes: A critical flaw has been found and patched in the open source Wget file retrieval utility that is widely used on UNIX systems. The vulnerability is publicly identified as CVE-2014-4877. "It was found that wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP," developer Vasyl Kaigorodov writes in Red Hat Bugzilla. A malicious FTP server can stomp over your entire filesystem, tweets HD Moore, chief research officer at Rapid 7, who is the original reporter of the bug.

    58 comments | about a month ago

  • Ex-CBS Reporter Claims Government Agency Bugged Her Computer

    RoccamOccam writes A former CBS News reporter who quit the network over claims it kills stories that put President Obama in a bad light says she was spied on by a "government-related entity" that planted classified documents on her computer. In her new memoir, Sharyl Attkisson says a source who arranged to have her laptop checked for spyware in 2013 was "shocked" and "flabbergasted" at what the analysis revealed. "This is outrageous. Worse than anything Nixon ever did. I wouldn't have believed something like this could happen in the United States of America," Attkisson quotes the source saying.

    235 comments | about a month ago

  • When Snowden Speaks, Future Lawyers (and Judges) Listen

    TheRealHocusLocus writes: We are witness to a historic first: an individual charged with espionage and actively sought by the United States government has been (virtually) invited to speak at Harvard Law School, with applause. [Note: all of the following links go to different parts of a long YouTube video.] HLS Professor Lawrence Lessig conducted the hour-long interview last Monday with a list of questions by himself and his students.

    Some interesting segments from the interview include: Snowden's assertion that mass domestic intercept is an "unreasonable seizure" under the 4th Amendment; that it also violates "natural rights" that cannot be voted away even by the majority; a claim that broad surveillance detracts from the ability to monitor specific targets such as the Boston Marathon bombers; him calling out Congress for not holding Clapper accountable for misstatements; and his lament that contractors are exempt from whistleblower protection though they do swear an oath to defend the Constitution from enemies both foreign and domestic.

    These points have been brought up before. But what may be most interesting to these students is Snowden's suggestion that a defendant under the Espionage Act should be permitted to present an argument before a jury that the act was committed "in the public interest." Could this help ensure a fair trial for whistleblowers whose testimony reveals Constitutional violation?

    221 comments | about a month ago

  • Peter Kuran:Visual Effects Artist and Atomic Bomb Archivist

    Lasrick links to this interview with Peter Kuran, an animator of the original Star Wars and legendary visual effects artist, writing If you saw the recent remake of Godzilla, you saw stock footage from Atom Central, known on YouTube as 'the atomic bomb channel.' Atom Central is the brainchild of Kuran, who among his many talents is an expert on archival films of the atmospheric testing era of 1945 to 1963. Combining his film restoration and photography expertise with his interest in nuclear history, he has also produced and directed five documentaries. He is currently working with Lawrence Livermore and Los Alamos National Laboratories to preserve and catalog images from the bomb-testing era, and to produce a technical handbook that will help people understand these images and the techniques used to create them.

    37 comments | about a month ago

  • BBC Takes a Stand For the Public's Right To Remember Redacted Links

    Martin Spamer writes with word that the BBC is to publish a continually updated list of its articles removed from Google under the controversial 'right to be forgotten' notices." The BBC will begin - in the "next few weeks" - publishing the list of removed URLs it has been notified about by Google. [Editorial policy head David] Jordan said the BBC had so far been notified of 46 links to articles that had been removed. They included a link to a blog post by Economics Editor Robert Peston. The request was believed to have been made by a person who had left a comment underneath the article. An EU spokesman later said the removal was "not a good judgement" by Google.

    113 comments | about a month ago

  • Netflix Video Speed On FiOS Doubles After Netflix-Verizon Deal

    An anonymous reader writes: Verizon now joins AT&T and Time Warner Cable in the list of ISPs on which Netflix streaming has significantly improved after Netflix paid for access to their networks. Ars Technica notes that "[t]he interconnection deals give Netflix a direct connection to the edge of the Internet providers' networks, bypassing congested links, but without receiving priority treatment after entering the networks." The success of these deals, however, gives the ISPs no incentive whatsoever to fix their congested links. Toll roads have, in essence, been created for the internet.

    204 comments | about a month and a half ago

  • Ask Slashdot: VPN Setup To Improve Latency Over Multiple Connections?

    blogologue writes I've been playing Battlefield for some time now, and having a good ping there is important for a good gaming experience. Now I'm in the situation where I have mobile internet access from two telecom companies, and neither of those connections are stable enough to play games on, the odd ping in hundreds of milliseconds throws everything off. How can I setup a Windows client (my PC) and a Linux server (in a datacenter, connected to the internet) so that the same TCP and UDP traffic goes over both links, and the fastest packet on either link 'wins' and the other is discarded?

    174 comments | about a month and a half ago

  • Snowflake-Shaped Networks Are Easiest To Mend

    Z00L00K sends this report from New Scientist: Networks shaped like delicate snowflakes are the ones that are easiest to fix when disaster strikes. Power grids, the internet and other networks often mitigate the effects of damage using redundancy: they build in multiple routes between nodes so that if one path is knocked out by falling trees, flooding or some other disaster, another route can take over. But that approach can make them expensive to set up and maintain. The alternative is to repair networks with new links as needed, which brings the price down – although it can also mean the network is down while it happens.

    As a result, engineers tend to favor redundancy for critical infrastructure like power networks, says Robert Farr of the London Institute for Mathematical Sciences. So Farr and colleagues decided to investigate which network structures are the easiest to repair. They simulated a variety of networks, linking nodes in a regular square or triangular pattern and looked at the average cost of repairing different breaks, assuming that expense increases with the length of a rebuilt link. ... They found the best networks are made from partial loops around the units of the grid, with exactly one side of each loop missing (abstract). All of these partial loops link together, back to a central source. ... These networks have three levels of hierarchy – major arms sprouting from a central hub that branch and then branch again, but no further. When drawn, they look remarkably like snowflakes, which have a similar branching structure.

    38 comments | about 2 months ago

  • iOS Trojan Targets Hong Kong Protestors

    First time accepted submitter Kexel writes Security researchers have claimed to discover the first Apple iOS Trojan attack in a move to thwart the communications of pro-democracy Hong Kong activists. From the article: "The malicious software, known as Xsser, is capable of stealing text messages, photos, call logs, passwords and other data from Apple mobile devices, researchers with Lacoon Mobile Security said on Tuesday. They uncovered the spyware while investigating similar malware for Google Inc's Android operating system last week that also targeted Hong Kong protesters. Anonymous attackers spread the Android spyware via WhatsApp, sending malicious links to download the program, according to Lacoon. It is unclear how iOS devices get infected with Xsser, which is not disguised as an app."

    72 comments | about 2 months ago

  • Ask Slashdot: Multimedia-Based Wiki For Learning and Business Procedures?

    kyle11 writes I'm scratching my head at how to develop a decent wiki for a large organization I work in. We support multiple technologies, across multiple locations, and have ways of doing things that become exponentially convoluted. I give IT training to many of these users for a particular technology, and other people do for other stuff as well. Now, I hate wikis because everyone who did one before failed and gave them a bad name. If it starts wrong, it is doomed to failure and irrelevance.

    What I'm looking for would be something like a Wiki with YouTube built in — make a playlist of videos with embedded links for certain job based tasks. And reuse and recycle those videos in other playlists of other tasks as they may be applicable. It would go beyond the actual IT we work with and would include things like, "Welcome to working in this department. Here are 20 videos detailing stupid procedures you need to go through to request access to customers' systems/networks/databases to even think about doing your job." I tried MediaWiki and Xwiki, and maybe I'm doing it wrong, but I can't seem to find a way to tweak them to YouTube-level simplicity for anyone to contribute to without giving up on the thing because its' a pain in the butt.

    My only real requirement is that it not be cloud-based because it will contain certain sensitive information and I'd like it all to live on one virtual machine if at all possible. I can't be the only one with this problem of enabling many people to contribute and sort their knowledge without knowing how an HTML tag works, or copying files into something more complicated than a web browser. What approaches have any of you out there taken to trying to solve a similar problem?

    97 comments | about 2 months ago

Slashdot Login

Need an Account?

Forgot your password?