How Hackers Accidentally Sold a Pre-Release XBox One To the FBI
From the way the article describes it, the FBI actually stole the group's home-made XBox-like computer. The group used stolen login credentials to get the XBox specs and built a rig to spec with parts bought from NewEgg. Apparently a group of XBox enthusiasts paid $5000 for it (they knew it was a home-made rig), but then the guy who was supposed to send it to them handed it to the FBI instead.
To summarize: Group builds a computer with same specs as XBox. Group agrees to sell it to another group, and is paid $5000. During delivery it instead ends up in the hands of the FBI.
Home Depot Confirms Breach of Its Payment Systems
I'm in Canada, and we've been using chip cards for a few years now. I just called my bank 45 minutes ago after noticing a fraudulent charge on my credit card from August 30th. Since I bought a bunch of stuff at Home Depot in May/June, I'm assuming they managed to clone my card from the stolen data. The charge was only $4.56, at a gas station halfway across the country, so I would guess that someone was testing the clone to see if it was a valid card number (maybe testing one number from a batch of 100s or 1000s, to see if the numbers were legit.)
Just so we're clear, I'm not saying the fraudulent purchase itself was made using the chip. I only ever use chip + pin when making purchases, but I suppose a cloned card could use NFC (eg: PayWay) for a purchase that small, or even just the magstripe, neither of which requires them to have compromised my pin. My point is that I thought I was being safe using chip + pin, but still got hit regardless. Fortunately, banks seem to be good about this sort of thing, and my new card is on its way.
Restoring Salmon To Their Original Habitat -- With a Cannon
Goddamn it - Funny and Overrated shouldn't be next to each other in the moderation drop-down. Now I have to post here just to undo my mistake. Is there a way I could suggest to Slashdot devs that Overrated be moved up to be with all the other downmods at the top of the drop-down list, rather than tucked in between Funny and Underrated, so I don't hit it by mistake?
How a Solar Storm Two Years Ago Nearly Caused a Catastrophe On Earth
I don't see what the fuss is about. The odds of being hit by a CME have to be quite low. Let's work it out together:
- To make the math simple, let's first assume CMEs can be fired in any direction.
- For a CME to hit the Earth, it has to occupy the same space as us at the same time.
- The Earth is approx 1 AU from the sun at any given time; so to hit the Earth, the CME has to hit a particular spot on a sphere of space 1 AU in radius.
- So the probability of a given CME hitting Earth is approximately equivalent to the ratio of half the Earth's surface area (since only half faces the Sun at a time) to the surface area of a sphere with a radius of 1 AU.
- 1 AU = 149,597,871 km
- Surface area of a sphere is 4*pi*r^2, so our orbital sphere has an area of approx 2.8 x 10^17 km^2.
- Surface area of the Earth = 510,072,000 km^2, or 5.1 x 10^8 km^2
Therefore the probability of being hit by a given CME is (2.8 x 10^17) / (5.1 x 10^8) = 5.5 x 10^-8, or a 0.0000055% chance.
Now the number of CMEs per year is actually higher than I expected, which I suppose explains why we do in fact get hit between 0 - 70 times per year. However the number of annual large CMEs is quite low, with none of the sites I visited actually agreeing on the number (most seemed to agree it's less than 5 per year in a solar maximum.) Let's say there are 5 per year. That only brings the chance of being hit by one of them up to 0.000028% per year. So if I live to be 100, the chances I'll see one in my lifetime are only 0.0028%.
Caveat: These calculations ignore CME cross-section (essentially width and height) and duration (essentially length), since I couldn't find any accurate information on those. If you find those, you can factor them into these calculations by multiplying by the cross-section, multiplying by the % duration that the CME's strength is high, and multiplying by the Earth's average orbital velocity. That will modify the probability to take into account the volume of space the Earth occupies while the CME is traversing the edge of our 1 AU sphere, and how much of the surface of the sphere is touched by the CME.
Judge: $324M Settlement In Silicon Valley Tech Worker Case Not Enough
The accepted story was submitted by itwbennett, and links to a story on itworld.com. I think it's a fair assumption that it was submitted by Amy Bennett, ITworld's Managing Editor. According to her achievements, she's had 2^9 submissions accepted, from which we can conclude that Slashdot editors probably prioritize her submissions. I imagine her submissions are fairly well written, link to a somewhat reputable source, and have already been deemed interesting enough to the IT crowd for a story on ITworld. So they get fast-tracked, and other worthy submissions are reviewed later, deemed to be duplicates, and discarded.
Would be nice if her submissions led off with the fact that she was the managing editor for ITworld though, just to make it clear that she's just trying to feed traffic to her own site. (Which is a valid action if the story is original and interesting, but should require a disclaimer.)
Parenting Rewires the Male Brain
So far, I haven't been getting much advice that is critical of our plans, except from one person: my very traditional mother, who is probably secretly horrified that my husband is going to stay at home.
I've got two kids and a third due in about 9 weeks. My best advice to parents-to-be is to ignore all the advice you'll get (small joke there.) Everyone you meet will think they know better than you what being a parent will be like, and that they know best how you should raise your child. Many of them will then offer that advice in strong terms, even when you clearly don't want/need it. Listen to them, nod politely, and go on doing it the way you think best.
... perhaps there's a chance that I'll become more maternal. I worry about it.
Anecdotal, but: We both became more maternal/paternal when our son was born. I had trouble bonding the first couple of weeks - they just cry, sleep and poop the first while, and nursing didn't go well (apparently the stats are that 50% of women have trouble with nursing for the first child. Ignore anyone that pressures you for or against nursing - it's your choice to try and for how long.) But taking time to just sit quietly and take care of him, hold him when he's sleeping, stuff like that helped us bond. Looking back now, I do wish I'd taken some videos of us having that quiet bonding time.
So, trust yourself and good luck - it's a hell of a ride, but totally worth it!
California City Considers Restarting Desalination Plant To Fight Drought
... or you use pumps to pressurize a bunch of salt water and use a membrane to filter out the salt. Again pressurizing the water consumes a lot of energy.
Couldn't you just drop a container into the ocean, one with only two openings - one with your membrane for salt water in, the other opening for desalinated water out? The deeper you put it, the more pressure outside the container that pushes the salt water through your membrane. Then you could use a low power pump to slowly remove the clean water through a hose attached to the other opening.
Lessig Launches a Super PAC To End All Super PACs
PAC is short for Political Action Committee and it is a way of buying politicians. What it boils down to is a way for many people to combine their political contributions into one entity. (sarc) If the PAC supports your issues then that's ok. (/sarc)
If you have enough money to buy politicians in lots of half a dozen, is it a 6-PAC?
If you can only afford a third of that, then it's a 2-Pac.
Canada Halts Online Tax Returns In Wake of Heartbleed
No, Telefile was discontinued last year.
Earth Barely Dodged Solar Blast In 2012
The summary says "From the Reuters article", but none of the links point to a story by Reuters. The links go to Nature, Wikipedia and UC Berkeley. The Berkeley article doesn't mention Reuters; the Nature paper is paywalled, I can't check its sources without forking over $32, but I would doubt it would rely on a news report as a source.
Hungarian Law Says Photogs Must Ask Permission To Take Pictures
I guess it's back to old school photography then. 100 years ago, photographs of landmarks didn't have people in them unless they were willing to stand perfectly still for 20 minutes or more. So just get a tripod, set up at your chosen landmark, and open the shutter. None of the people moving around will show up in your picture, and if you want to be in your own photo, just walk in front of the camera and strike a pose that you can hold for a half hour or so.
Lies Programmers Tell Themselves
"We can tune for performance after we're done implementing the required functionality."
US Carriers Said To Have Rejected Kill Switch Technology Last Year
While I agree with others worried that a kill switch could be abused (by carriers / government / MPAA / RIAA / etc), I'm now wondering if it would be a handy way to counter (un)lawful search and seizure of a device by various authorities? Say you're transiting through the US and a TSA agent decides they want to confiscate (and presumably search) your smartphone. If the kill switch is easy to activate (maybe a number you call and enter a code, or via your laptop or friend's smartphone), you could wipe your device before they get the contents.
Scientists Study Permian Mass Extinction Event As Lesson For 21st Century
6,000,000 cubic kilometers of molten material - enough to cover the continental U.S. at a one mile depth.
I don't think the submitter understands math. One mile is about 1.6 km, so 6,000,000 km^3 of lava would cover an area of 3,750,000 km^2. Yet when I check Wikipedia (and Princeton, and the other top 5 Google results), they all say the Contiguous United States has an area of just over 8,000,000 km^2. That's an awfully big mistake. I hope the actual Stanford paper is of better quality than the Slashdot summary.
CES 2014: There's a 'Pre-Show' Before the Consumer Electronics Show (Video)
I'm on m.slashdot.org with my iPad, and there's no video. Not even a placeholder for a video (if they were using Flash or Silverlight.) So I also checked the CES Unveiled link in the summary, but it just goes to the schedule, no details. Not impressed guys...
Encrypted PIN Data Taken In Target Breach
knowing that each pin is exactly 4 digits?
I didn't see anything in the stories saying the pins were all exactly four digits. The examples of bad pins given in one story were four digits long, but most debit systems in North America accept larger pins. For the past 25 years, I've banked primarily with RBC (the largest bank in Canada), and I've always had a 6 digit pin. I have travelled a fair bit in that time, and the only place I had problems was at the ATMs for smaller banks in New Zealand, which had GUIs limiting pin input to 4 digits.
FOIA: NSA Contracts Stored In Paper Files, Unsearchable, Unindexed
That summary is misleading. It's based on an NSA response to a FOI request, worded as follows:
A search for overly broad keywords such as "CNO" and "computer network attack" would be tantamount to conducting a manual search through thousands of folders and then reading each document in order to determine whether the document pertains to a contract.
That could be network folders (ie: directories) and Word documents, they never said anything was on "paper". The way I read that quote was that they've got heaps of contracts, stored in lots of directories, and even if they did a search they'd have to read each document returned to see if it was a contract pertaining to the FOI request. They're trying to say that's too burdensome, which in theory gives them a way of not supplying the information. In practice, a judge might decide they should be able to do the search in a reasonable amount of time, and force them to comply.
Will New Red-Text Warnings Kill Casual Use of Java?
This update might be the death knell for the Java4K contest. That would be a real shame - lots of great developers have submitted games over the years, such as Markus Persson of Minecraft fame. But after the recent changes and now this red text warning, I'd bet most casual users will turn off Java in their browser (and who can blame them?) A contest with only developers can still be fun, but not as fun as having several hundred or thousand people play your game.
Flies See the World In Slo-Mo, Say Researchers
I've thought of this too every time I try to swat a fly that found its way into my house. Flies seem to be able to do aerial maneuvers in reaction to threats that you would think impossible given their tiny brains.
I thought it was because your hand creates a big buffer of air in front of it, like a bow wave. The fly is so small, it's easily buffeted ahead and aside, so any manoeuvring gets it out of the line of your hand. Even easier when your hand approaches a hard surface - then the air squishes out to the sides, and the fly goes out with it. This is probably easier to visualize in a body of water - float a cork or a small piece of plastic in your sink, put your hand in the water, then try to squish the item up against the side of the sink. It won't work most of the time, as the bow wave will push the item off to one side, and it only gets worse the faster you move your hand.
I expect that's why fly swatters are just a mesh - so the air can flow through without creating an air buffer.
The History of The Oregon Trail
Looks like a rehash of the story we saw here a couple of years ago. I've only read the first few paragraphs of this new article, but I haven't found anything different from the previous one. I'm not suggesting plagiarism, I'm just saying it looks like the author just took the information from previous stories and rewrote it in his own words, without adding anything new.
Heartbleed: Revenue Canada breached, 900 SINs leaked
Walking The Walk (1003312) writes "The Canadian Revenue Agency (CRA) released a statement yesterday explaining that they had been notified of a breach of their system. The CRA attempted to avoid being compromised by halting online tax returns, taking down Netfile and other related websites affected by Heartbleed. The statement indicates that affected individuals and businesses will receive notification by registered mail, "to ensure that our communications are secure and cannot be exploited by fraudsters through phishing schemes.""
Snowden Document: CSEC spying on Canadians
Walking The Walk (1003312) writes "It seems the NSA isn't the only agency doing illegal domestic spying. According to a Snowden document obtained by the CBC, Canada's Communications Security Establishment Canada (CSEC) has apparently been tracking domestic travellers, starting from when they first use free wifi at an airport, and continuing for days after they left the terminal. From the article:
The document indicates the passenger tracking operation was a trial run of a powerful new software program CSEC was developing with help from its U.S. counterpart, the National Security Agency.
In the document, CSEC called the new technologies "game-changing," and said they could be used for tracking "any target that makes occasional forays into other cities/regions."
The CBC notes early in the article that the spy agency:
is supposed to be collecting primarily foreign intelligence by intercepting overseas phone and internet traffic, and is prohibited by law from targeting Canadians or anyone in Canada without a judicial warrant.
Predictably, CSEC's chief is quoted saying that they aren't allowed to spy on Canadians, so therefore they don't. As observed by experts consulted for the story, that claim is equivalent to saying that they collect the data but we're to trust that they don't look at it."
Canadian Spy Agencies Deliberately Misled Courts
Walking The Walk (1003312) writes "Canada's spy agency deliberately withheld information from the courts in an effort to do an end-run around the law when it applied for top-secret warrants to intercept the communications of Canadians abroad, a Federal Court judge said Friday. CSIS assured Judge Richard Mosley the intercepts would be carried out from inside Canada, and controlled by Canadian government personnel, court records show. However, Canadian officials then asked for intercept help from foreign intelligence allies without telling the court. 'It is clear that the exercise of the court's warrant issuing has been used as protective cover for activities that it has not authorized,' Mosley wrote in redacted reasons."
Company offers scholarship to Dawson student who exposed security flaws
Walking The Walk (1003312) writes "The Dawson College computer science student who was expelled after discovering a security breach in a system used by students across Quebec has been offered a scholarship by the company behind the software.
"We will offer him a scholarship so he can finish his diploma in the private sector," said Edouard Taza, the president of Skytech.
Taza said he also reached out to Hamed Al-Khabaz, 20, and offered him a part-time job in information technology security."
Quantum measurements leave Schrödinger's cat alive
Walking The Walk (1003312) writes "Your co-workers who keep using Schrödinger's cat metaphor may need to find a new one. New Scientist reports that
by making constant but weak measurements of a quantum system, physicists have managed to probe a delicate quantum state without destroying it – the equivalent of taking a peek at Schrodinger's metaphorical cat without killing it. The result should make it easier to handle systems such as quantum computers that exploit the exotic properties of the quantum world.
Walking The Walk (1003312) writes "Jaycar Sunswift III broke the Transcontinental World Record today, by an incredible 3 days! As previously mentioned on slashdot, the UNSW Solar Racing Team started their 4000km journey across Australia 6 days ago. Cloudy weather the first two days couldn't slow them down, and they raced into Sydney in 5.5 days, surpassing the previous record of 8.5 days with ease. Several news agencies were on hand to meet the team on their triumphant arrival. Read about the team's history and previous attempts on their site, www.sunswift.com"