×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Why Screen Lockers On X11 Cannot Be Secure

Soulskill posted yesterday | from the targeted-for-improvement dept.

Security 327

jones_supa writes: One thing we all remember from Windows NT is the security feature requiring the user to press CTRL-ALT-DEL to unlock the workstation (this can still be enabled with a policy setting). The motivation was to make it impossible for other programs to mimic a lock screen, as they couldn't react to the special key combination. Martin Gräßlin from the KDE team takes a look at the lock screen security on X11. On a protocol level, X11 doesn't know anything of screen lockers. Also the X server doesn't know that the screen is locked as it doesn't understand the concept. This means the screen locker can only use the core functionality available to emulate screen locking. That in turn also means that any other client can do the same and prevent the screen locker from working (for example opening a context menu on any window prevents the screen locker from activating). That's quite a bummer: any process connected to the X server can block the screen locker, and even more it could fake your screen locker.

Justice Department: Default Encryption Has Created a 'Zone of Lawlessness'

Soulskill posted yesterday | from the what-would-you-call-this-zone-that's-allegedly-associated-with-danger? dept.

Encryption 389

Jason Koebler writes: Leslie Caldwell, an assistant attorney general at the Justice Department, said Tuesday that the department is "very concerned" by the Google's and Apple's decision to automatically encrypt all data on Android and iOS devices.

"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we're prohibited from getting because of a company's technological choices.

The iPad Is 5 Years Old This Week, But You Still Don't Need One

Soulskill posted yesterday | from the interactive-chopping-boards dept.

Handhelds 257

HughPickens.com writes: Five years ago, Steve Jobs introduced the iPad and insisted that it would do many things better than either a laptop or a smartphone. Will Oremus writes at Future Tense that by most standards, the iPad has been a success, and the tablet has indeed emerged as a third category of computing device. But there's another way of looking at the iPad. According to Oremus, Jobs was right to leave out the productivity features and go big on the simple tactile pleasure of holding the Internet in your hands.

But for all its popularity and appeal, the iPad never has quite cleared the bar Jobs set for it, which was to be "far better" at some key tasks than a laptop or a smartphone. The iPad may have been "far better" when it was first released, but smartphones have come a long way. The iPhone 6 and 6 Plus and their Android equivalents are now convenient enough for most mobile computing tasks that there's no need to carry around a tablet as well. That helps explain why iPad sales have plateaued, rather than continuing to ascend to the stratospheric levels of the iPhone. "The iPad remains an impressive machine. But it also remains a luxury item rather than a necessity," concludes Oremus. "Again, by most standards, it is a major success. Just not by the high standards that Jobs himself set for it five years ago."

Apple Posts $18B Quarterly Profit, the Highest By Any Company, Ever

Soulskill posted yesterday | from the all-about-the-benjamins dept.

Businesses 468

jmcbain writes: Yesterday, Apple reported its financial results for the quarter ending December 27, 2014. The company posted $18 billion in profit (on $74 billion in revenue), the largest quarterly profit by any company, ever. The previous record was $16 billion by Russia's Gazprom (the largest natural gas extractor in the world) in 2011. Apple sold 74.5 million iPhones last quarter, along with 5.5 million Macs and 21.4 million iPads.

Engineers Develop 'Ultrarope' For World's Highest Elevator

Soulskill posted yesterday | from the for-when-super-rope-just-doesn't-cut-it dept.

Science 240

HughPickens.com writes: Halfway up the Shard, London's tallest skyscraper, you are asked to step out of the elevator at the transfer floor, or "sky lobby," a necessary inconvenience in order to reach the upper half of the building, and a symptom of the limits of elevators today. To ascend a mile-high (1.6km) tower using the same technology could necessitate changing elevators as many as 10 times. Elevators traveling distances of more than 500m [1,640 ft] have not been feasible because the weight of the steel cables themselves becomes so great. Now, after nine years of rigorous testing, Kone has released Ultrarope — a material composed of carbon-fiber covered in a friction-proof coating that weighs a seventh of the steel cables, making elevators of up to 1km (0.6 miles) in height feasible to build.

Kone's creation was chosen to be installed in what's destined to become the world's tallest building, the Kingdom Tower in Jeddah, Saudi Arabia. When completed in 2020, the tower will stand a full kilometer in height, and will boast the world's tallest elevator at 660m (2,165ft). A 1km-tall tower may seem staggering, but is this the build-able limit? Most probably not, according to Dr. Sang Dae Kim. "With Kingdom Tower we now have a design that reaches around 1 km in height. Later on, someone will push for 1 mile, and then 2 km," says Kim. He adds that, technically speaking, 2 km might be possible at the current time. Anything higher would require new materials and building techniques.

Gamma-ray Bursts May Explain Fermi's Paradox

Soulskill posted yesterday | from the fault-in-our-stars dept.

Space 221

An anonymous reader writes: A new study confirms the potential hazard of nearby gamma-ray bursts. It quantifies the probability of an event near Earth, and more generally in the Milky Way and other galaxies over time: "[Evolved] life as it exists on Earth could not take place in almost any galaxy that formed earlier than about five billion years after the Big Bang." This could explain the Fermi's paradox, or why we don't see billion-year-old civilizations all around us.

YouTube Ditches Flash For HTML5 Video By Default

Soulskill posted yesterday | from the now-if-they-can-ditch-the-commenters dept.

Youtube 217

An anonymous reader writes: YouTube today announced it has finally stopped using Adobe Flash by default. The site now uses its HTML5 video player by default in Google's Chrome, Microsoft's IE11, Apple's Safari 8, and in beta versions of Mozilla's Firefox browser. At the same time, YouTube is now also defaulting to its HTML5 player on the web. In fact, the company is deprecating the "old style" Flash object embeds and its Flash API, pointing users to the iFrame API instead, since the latter can adapt depending on the device and browser you're using.

Ask Slashdot: Best Medium For Personal Archive?

timothy posted 2 days ago | from the but-with-8-tracks-you-can-still-lose-7 dept.

Media 247

An anonymous reader writes What would be the best media to store a backup of important files in a lockbox? Like a lot of people we have a lot of important information on our computers, and have a lot of files that we don't want backed up in the cloud, but want to preserve. Everything from our personally ripped media, family pictures, important documents, etc.. We are considering BluRay, HDD, and SSD but wanted to ask the Slashdot community what they would do. So, in 2015, what technology (or technologies!) would you employ to best ensure your data's long-term survival? Where would you put that lockbox?

Valve's Economist Yanis Varoufakis Appointed Greece's Finance Minister

timothy posted 2 days ago | from the finger-on-all-the-buttons dept.

The Almighty Buck 318

eldavojohn writes A turnover in the Greek government resulted from recent snap elections placing SYRIZA (Coalition of the Radical Left) in power — just shy of an outright majority by two seats. Atheist, and youngest Prime Minister in Greek history since 1865, Alexis Tsipras has been appointed the new prime minister and begun taking immediate drastic steps against the recent austerity laws put in place by prior administrations. One such step has been to appoint Valve's economist Yanis Varoufakis to position of Finance Minister of Greece. For the past three years Varoufakis has been working at Steam to analyze and improve the Steam Market but now has the opportunity to improve one of the most troubled economies in the world.

"Mammoth Snow Storm" Underwhelms

timothy posted 2 days ago | from the blame-uber dept.

Earth 390

mi (197448) writes You heard the scare-mongering, you heard the governors and mayors closing public transit and declaring driving on public roads a crime. But it turned out to have been a mistake. Boston may have been hit somewhat, but further South — NYC and Philadelphia — the snowfall was rather underwhelming. Promised "2-3 feet" of snow, NYC got only a few inches. Is this an example of "better safe than sorry," or is government's overreach justified by questionable weather models exceeding the threshold of an honest mistake?

White House Drone Incident Exposes Key Security Gap

timothy posted 2 days ago | from the if-you-can-breathe-there's-a-security-gap dept.

United States 232

HughPickens.com writes The Washington Post reports that the intrusion by a recreational drone onto the White House lawn has exposed a security gap at the compound that the Secret Service has spent years studying but has so far been unable to fix. Commercial technology is available that can use a combination of sensitive radar and acoustic trackers to detect small drones, though coming up with an effective way to stop them has been more elusive. "To do something about the problem, you have to find it, you have to track it, you have to identify it and you have to decide what to do with it," says Frederick F. Roggero. "But especially in an urban environment, it would be tough to detect and tough to defeat kinetically without shooting it down and causing collateral damage." Most recreational drones, like the one that crashed Monday, weigh only a few pounds and lack the power to do much harm. Larger models that can carry payloads of up to 30 pounds are available on the market and are expected to become more common. The FAA imposes strict safety regulations on drones flown by government agencies or anyone who operates them for commercial purposes. In contrast, hardly any rules apply to people who fly drones as a hobby, other than FAA guidelines that advise them to keep the aircraft below 400 feet and five miles from an airport. "With the discovery of an unauthorized drone on the White House lawn, the eagle has crash-landed in Washington," says Senator Charles Schumer. "There is no stronger sign that clear FAA guidelines for drones are needed."

EFF Unveils Plan For Ending Mass Surveillance

Soulskill posted 2 days ago | from the hopeful-but-doubtful dept.

Electronic Frontier Foundation 275

An anonymous reader writes: The Electronic Frontier Foundation has published a detailed, global strategy for ridding ourselves of mass surveillance. They stress that this must be an international effort — while citizens of many countries can vote against politicians who support surveillance, there are also many countries where the citizens have to resort to other methods. The central part of the EFF's plan is: encryption, encryption, encryption. They say we need to build new secure communications tools, pressure existing tech companies to make their products secure against everyone, and get ordinary internet-goers to recognize that encryption is a fundamental part of communication in the surveillance age.

They also advocate fighting for transparency and against overreach on a national level. "[T]he more people worldwide understand the threat and the more they understand how to protect themselves—and just as importantly, what they should expect in the way of support from companies and governments—the more we can agitate for the changes we need online to fend off the dragnet collection of data." The EFF references a document created to apply the principles of human rights to communications surveillance, which they say are "our way of making sure that the global norm for human rights in the context of communication surveillance isn't the warped viewpoint of NSA and its four closest allies, but that of 50 years of human rights standards showing mass surveillance to be unnecessary and disproportionate."

Davos 2015: Less Innovation, More Regulation, More Unrest. Run Away!

Soulskill posted 2 days ago | from the can't-we-all-just-get-along dept.

ch 332

Freshly Exhumed writes: Growing income inequality was one of the top four issues at the 2015 World Economic Forum meeting in Davos, Switzerland, ranking alongside European adoption of quantitative easing and geopolitical concerns. Felix Salmon, senior editor at Fusion, said there was a consensus that global inequality is getting worse, fueling overriding pessimism at the gathering. The result, he said, could be that the next big revolution will be in regulation rather than innovation. With growing inequality and the civil unrest from Ferguson and the Occupy protests fresh in people's mind, the world's super rich are already preparing for the consequences. At a packed session, former hedge fund director Robert Johnson revealed that worried hedge fund managers were already planning their escapes. "I know hedge fund managers all over the world who are buying airstrips and farms in places like New Zealand because they think they need a getaway," he said. Looking at studies like NASA's HANDY and by KPMG, the UK Government Office of Science, and others, Dr Nafeez Ahmed, executive director of the Institute for Policy Research & Development, warns that the convergence of food, water and energy crises could create a "perfect storm" within about fifteen years.

Ubisoft Revokes Digital Keys For Games Purchased Via Unauthorised Retailers

Soulskill posted 2 days ago | from the there-is-no-entertainment-except-through-us dept.

Businesses 457

RogueyWon writes: For the last several days, some users of Ubisoft's uPlay system have been complaining that copies of games they purchased have been removed from their libraries. According to a statement issued to a number of gaming websites, Ubisoft believes that the digital keys revoked have been "fraudulently obtained." What this means in practice is unclear; while some of the keys may have been obtained using stolen credit card details, others appear to have been purchased from unofficial third-party resellers, who often undercut official stores by purchasing cheaper boxed retail copies of games and selling their key-codes online, or by exploiting regional price differences, buying codes in regions where games are cheaper to sell them elsewhere in the world. The latest round of revocations appears to have triggered an overdue debate into the fragility of customer rights in respect of digital games stores.

Police Organization Wants Cop-Spotting Dropped From Waze App

samzenpus posted 2 days ago | from the don't-report-me dept.

Censorship 454

An anonymous reader writes "The Register reports on a request from the US National Sheriffs' Association, which "wants Google to block its crowd-sourced traffic app Waze from being able to report the position of police officers, saying the information is putting officer's lives at risk." From the article: "'The police community needs to coordinate an effort to have the owner, Google, act like the responsible corporate citizen they have always been and remove this feature from the application even before any litigation or statutory action,' AP reports Sheriff Mike Brown, the chairman of the NSA's technology committee, told the association's winter conference in Washington....Brown called the app a 'police stalker,' and said being able to identify where officers were located could put them at personal risk. Jim Pasco, executive director of the Fraternal Order of Police, said his members had concerns as well. 'I can think of 100 ways that it could present an officer-safety issue,' Pasco said. 'There's no control over who uses it. So, if you're a criminal and you want to rob a bank, hypothetically, you use your Waze.'"

Plan C: The Cold War Plan Which Would Have Brought the US Under Martial Law

samzenpus posted 2 days ago | from the gentlemen-you-can't-fight-in-here-this-is-the-war-room dept.

United States 299

v3rgEz writes with this story of a top secret Cold War plan which would have brought the U.S. under martial law. Starting on April 19, 1956, the federal government practiced and planned for a near-doomsday scenario known as Plan C. When activated, Plan C would have brought the United States under martial law, rounded up over ten thousand individuals connected to 'subversive' organizations, implemented a censorship board, and prepared the country for life after nuclear attack. There was no Plan A or B....Details of this program were distributed to each FBI field office. Over the following months and years, Plan C would be adjusted as drills and meetings found holes in the defensive strategy: Communications were more closely held, authority was apparently more dispersed, and certain segments of the government, such as the U.S. Attorneys, had trouble actually delineating who was responsible for what. Bureau employees were encouraged to prepare their families for the worst, but had to keep secret the more in-depth plans for what the government would do if war did break out. Families were given a phone number and city for where the relocated agency locations would be, but not the exact location.

Windows 10: Charms Bar Removed, No Start Screen For Desktops

samzenpus posted 2 days ago | from the check-it-out dept.

Windows 375

jones_supa writes Late last week, Microsoft pushed out a new build (9926) of Windows 10 to those of you who are running the Technical Preview. The latest version comes with many new features, some easily accessible, others bubbling under, but two big changes are now certain: the Charms bar is dead, and Start Screen for large devices is no more. Replacing the Charms bar is the Action Center, which has many of the same shortcuts as the Charms bar, but also has a plethora of other information too. Notifications are now bundled into the Action Center and the shortcuts to individual settings are still easily accessible from this window. The Start Screen is no longer present for desktop users, the options for opening it are gone. Continuum is the future, and it has taken over what the Start Screen initiated with Windows 8.

Google Explains Why WebView Vulnerability Will Go Unpatched On Android 4.3

samzenpus posted 2 days ago | from the no-patch-for-you dept.

Google 567

MojoKid writes If you're running Android 4.3 or earlier, you're pretty much out of luck when it comes to a baked-in defense against a WebView vulnerability that was discovered earlier this month by security analyst Tod Beardsley. The vulnerability leaves millions of users open to attack from hackers that choose to exploit the security hole. WebView is a core component of the Android operating system that renders web pages. The good news is that the version of WebView included in Android 4.4 KitKat and Android 5.0 Lollipop is based on Chromium and is not affected by the vulnerability. The bad news is that those running Android 4.3 and earlier are wide open, which means that 60 percent of Android users (or nearly one billion customers) are affected. What's most interesting is that Google has no trouble tossing grenades at the feet of Microsoft and Apple courtesy of its Project Zero program, but doesn't seem to have the resources to fix a vulnerability that affects a substantial portion of the Android user base.

Omand Warns of "Ethically Worse" Spying If Unbreakable Encryption Is Allowed

samzenpus posted 2 days ago | from the don't-make-it-hard-for-us dept.

Privacy 388

Press2ToContinue writes In their attempts to kill off strong encryption once and for all, top officials of the intelligence services are coming out with increasingly hyperbolic statements about why this should be done. Now, a former head of GCHQ, Sir David Omand has said: "One of the results of Snowden is that companies are now heavily encrypting [communications] end to end. Intelligence agencies are not going to give up trying to get the bad guys. They will have to get closer to the bad guys. I predict we will see more close access work." According to The Bureau of Investigative Journalism, which reported his words from a talk he gave earlier this week, by this he meant things like physical observation, bugging rooms, and breaking into phones or computers. "You can say that will be more targeted but in terms of intrusion into personal privacy — collateral intrusion into privacy — we are likely to end up in an ethically worse position than we were before." That's remarkable for its implied threat: if you don't let us ban or backdoor strong encryption, we're going to start breaking into your homes.

Verizon, Cable Lobby Oppose Spec-Bump For Broadband Definition

timothy posted 2 days ago | from the never-let-the-government-define-words dept.

Government 255

WheezyJoe writes Responding to the FCC's proposal to raise the definition of broadband from 4Mbps downstream and 1Mbps upstream to 25Mbps down and 3Mbps up, the lobby group known as the National Cable & Telecommunications Association (NCTA) wrote in an FCC filing Thursday that 25Mbps/3Mbps isn't necessary for ordinary people. The lobby alleges that hypothetical use cases offered for showing the need for 25Mbps/3Mbps "dramatically exaggerate the amount of bandwidth needed by the typical broadband user", referring to parties in favor of the increase like Netflix and Public Knowledge. Verizon, for its part, is also lobbying against a faster broadband definition. Much of its territory is still stuck on DSL which is far less capable of 25Mbps/3Mbps speeds than cable technology.

The FCC presently defines broadband as 4Mbps down and 1Mbps up, a definition that hasn't changed since 2010. By comparison, people in Sweden can pay about $40 a month for 100/100 mbps, choosing between more than a dozen competing providers. The FCC is under mandate to determine whether broadband is being deployed to Americans in a reasonable and timely way, and the commission must take action to accelerate deployment if the answer is negative. Raising the definition's speeds provides more impetus to take actions that promote competition and remove barriers to investment, such as a potential move to preempt state laws that restrict municipal broadband projects.

Slashdot Login

Need an Account?

Forgot your password?