Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Skilled Foreign Workers Treated as Indentured Servants

operator_error Re:Was pretty obvious (270 comments)

The LA Times has recently covered how Electronics For Imaging (EFI) clearly underpaid Indian immigrant laborers. $1.21 an hour in Silicon Valley, 122 hours in a week, and no overtime. Thank goodness EFI got caught!

http://www.latimes.com/busines...

Still, I don't think the non-IT general public knows an industry called IT *labor* even exists. Except for the Obama-care website snafu that is. (Maybe in Oregon, the folks there know about Oracle Corp. by now) Millions of iPhones are begging for greater robotic assemblies, because those gizmos don't build themselves, and it'll happen.

yesterday
top

U.K. Supermarkets Beta Test Full-Body 3D Scanners For Selfie Figurines

operator_error Re:And in other marketing opportunities (165 comments)

Where do you think Skynet will be sourcing its replicants from? C'mon, look at the timeline and start to do the math, then all this makes perfect sense.

about a week ago
top

BitTorrent Performance Test: Sync Is Faster Than Google Drive, OneDrive, Dropbox

operator_error Re:Is it open source yet? (124 comments)

For my workgroup/use-case we looked into Syncthing/Pulse and ruled it out because another requirement of ours is read-only sharing/distribution. So far, we're still stuck using the official Bit-Torrent Sync. In other words, so far, given our long list of fairly strict requirements, Bit-Torrent Sync sucks less then everything else.

I'm hoping git annex assistant will pass testing once I get to it. We're trying to distribute files using wifi at open-source conferences, using some kind of LAN technology, since we tend to quickly congest conference wireless/hardware facilities, and can't reliably work with an outside server. In our experience so far, Bit-Torrent Sync sucks less then everything else we've tried.

about a week ago
top

BitTorrent Performance Test: Sync Is Faster Than Google Drive, OneDrive, Dropbox

operator_error Re:Is it open source yet? (124 comments)

Here's an 'unofficial' open-source bit-sync client:
www.yeasoft.com/site/projects:btsync-deb:btsync-server

It doesn't install on .rpm based distros so far as I can tell. I have a use-case that calls for drop-dead-easy cross-platform sync, and I'm leaning towards using git-annex assistant, but haven't had time to thoroughly test it yet.

about a week ago
top

Microsoft Gearing Up To Release a Smartwatch of Its Own

operator_error Re:I can already see it (172 comments)

But what would that possibly accomplish? Or right, it can run Windows.

A few weekends ago I read about someone that can bootup Windows 95 on their smartwatch.

http://arstechnica.com/gadgets...

about two weeks ago
top

Ubuntu Turns 10

operator_error Gnome3 FTW! (110 comments)

Agreed. Gnome3 user here; and I like it! Me no likes Unity; although I can start to see how I might use it, due to recent evolutions.

Also FWIW, every single non-techie, former Windows XP refugee I've turned onto Ubuntu Gnome3 likes Gnome3/Ubuntu also. They tell me they can't believe they used to live that way.

about two weeks ago
top

The Largest Ship In the World Is Being Built In Korea

operator_error That boat is bigger than Larry's! (275 comments)

Larry Ellison doesn't have a boat that comes close to that. C'mon Larry, you're losing your Mojo dude! And its made in Korea!

Of course his (Russian) Mig29 could probably sink it.

What's it gonna be Larry? Are you gonna kick ass or chew gum?

about two weeks ago
top

iFixit Tears Apart Apple's Shiny New Retina iMac

operator_error Re:Mac Mini (109 comments)

Ummmm, err VMware on Intel CPUs, all the way. And LMGFTY.com is your friend.

about two weeks ago
top

iFixit Tears Apart Apple's Shiny New Retina iMac

operator_error Re:Mac Mini (109 comments)

You must be doing it wrong. VMware, all the way.

about two weeks ago
top

NSA CTO Patrick Dowd Moonlighting For Private Security Firm

operator_error Re:Conflict of interest is just what they do (83 comments)

Retiring and getting millions funneled into your pockets is far more lucrative than being promoted a rank.

The converse is also true. It simply isn't possible to enlist in the service past 39-42 years of age. Also, never underestimate the power of attrition. Now that you now, profit(!), right? God Bless America.

But seriously, think about the *many* that have truly made sacrifices for the entire country.

about two weeks ago
top

"Double Irish" Tax Loophole Used By US Companies To Be Closed

operator_error Re:Why..... (259 comments)

...while companies are given a huge incentive to reinvest their profits outside America.

So true! Where did the 8 or 9 Billion dollars Microsoft used to buy Skype came from? Or the 3 billion Microsoft used to buy Nokia with? Or the 1.5 billion Google used to buy their London District HQ?

about two weeks ago
top

Windows Flaw Allowed Hackers To Spy On NATO, Ukraine, Others

operator_error Re:Sensationalize much? (97 comments)

So where did the "five year" timeline come from?

From TFA

iSight is not the first to spot the attackers in the wild. Other security firms, including F-Secure in Finland, have uncovered victims over the years. But iSight was able to tie various attacks together to expose commonalities in the five-year campaign. It was encoded references to Dune—which appear in URLs for the attackers’ command-and-control servers—that helped tie some of the attacks together. The URLs include base64 strings that when decoded translate to “arrakis02,” “houseatreides94,” and “epsiloneridani0,” among others.

“Some of the references were very obscure so whoever was writing the malware was a big Dune geek,” says John Hultquist, senior manager for iSight’s Cyber Espionage Threat Intelligence team.

about two weeks ago
top

WhatsApp's Next Version To Include VoIP Calls and Recording

operator_error Meeting The Masses (65 comments)

First, what does the image of sexy exposed mud wrestlers below the text of TFA have to do with Whatsapp or VOIP technology?

Second, all Whatsapp is doing is making existing voip recording technology more mainstream and accessible. Anyone with an Atsterisk/FreePBX server can already do this, but of course that server stuff is not as mainstream as the Whatsapp client. Corporate call centers obviously use this technology every day, and use the disclaimer recorded greeting you must first listen to, before your call can advance in the queue. "This call may be monitored for training purposes" At that point, it is a good idea to also start recording the call on your own, and you're certainly free to do so. *IF* Whatsapp extended beyond its walled garden, this tool would give the plebes a means to record the call centers I've just described.

Third, the Whatsapp Corporation shits on their developers, so watch out. But you knew it is part of Facebook now already, so you weren't expecting much.

about two weeks ago
top

Four Dutch Uberpop Taxi Drivers Arrested, Fined

operator_error Re:Getting tired of this shit (282 comments)

Uber said it will pay all fines forced upon its drivers by the authorities. Meanwhile the government said it will greatly increase the fines for multiple offenses by these same drivers, should they occur. I am with the government here, and welcome such regulation, as opposed to Uber's 'rating system' for driver's, or whatever Uber calls it.

Full disclosure, I'm a bicyclist and a pedestrian, and I feel threatened lately with the increase of in-car gizmos, and I believe only government will help people like me, except when it doesn't.

about two weeks ago
top

Snowden's Tough Advice For Guarding Privacy

operator_error Re:Taking it a step further (210 comments)

This is an interesting premise, especially for I.T. workers. For everyone else, there's enough computer illiteracy and lack of access, (and apathy) that such a diversion isn't necessary. I think you can also draw a sort of curve, given to the age of people and what is expected of them in terms of computer literacy. That age curve also provides a relative form of plausible deniability. But IT workers are screwed in this way.

about three weeks ago
top

Flash IDE Can Now Reach Non-Flash Targets (Including Open Source)

operator_error Is this OSX only? Does it run on Linux (57 comments)

It looks like Adobe is trying sell tools, which is fair enough. Adobe Cloud is req'd. Does it run on Linux? The most detailed spec I could gather is:

The Architecture, MAC-friendliness, and the Boost (a la NOS!)

Flash Pro CC is a comprehensively refactored, modular, 64-bit application. During the course of this release, the entire code-base was refreshed to turn Flash Pro in to a native cocoa application.

I'm not talking about what OS the tool outputs to, what OS is required to run this hot new IDE from Adobe? Or is this one of these things that'll run in Chrome OS maybe, and be cross platform that way?

about three weeks ago
top

London Unveils New Driverless Subway Trains

operator_error Re:Well... (127 comments)

Have you any idea what percentage of the Tube's budget is allocated just to keep the underground from flooding; a rather large unseen yet vital issue? Have you any idea what percentage of the UK's GDP might be affected by such a breach in the underground transport system?

I believe at least 1/3 of the budget is used for flood control, although I welcome fact checkers' efforts.

Last I heard, 16% of the UK's GDP was the financial sector of London.

about three weeks ago
top

London Unveils New Driverless Subway Trains

operator_error Re:Well... (127 comments)

I RTFA, and London isn't getting them until 2020. And that does *not* include the Northern (i.e. Misery) Line. Progressive? More like, its about %$#@! time.

about three weeks ago
top

NASA Finds a Delaware-Sized Methane "Hot Spot" In the Southwest

operator_error Re:Relative sizes (213 comments)

Can you possibly even imagine how many Libraries of Congress this newly discovered methane hotspot equates to?

about three weeks ago
top

US Copyright Czar Cozied Up To Content Industry

operator_error Re:This is Fucked (162 comments)

America has the best government money can buy.

about 3 years ago

Submissions

top

OwnCloud Developer requests removal from Ubuntu repos: multiple vulnerabilities

operator_error operator_error writes  |  5 days ago

operator_error (1363139) writes "ownCloud developer Lukas Reschke has sent an email to the Ubuntu Devel mailing list, requesting that ownCloud (server) is removed from the Ubuntu repositories because the package is old and there are multiple critical security bugs for which no fixes have been backported. He adds that:

        "Those security bugs allows an unauthenticated attacker to gain complete control about the web server process".

However, packages can't be removed from the Ubuntu repositories for an Ubuntu version that was already released, that's why the package was removed from Ubuntu 14.10 (2 days before its release) but it's still available in the Ubuntu 14.04 and 12.04 repositories (ownCloud 6.0.1 for Ubuntu 14.04 and ownCloud 5.0.4 for Ubuntu 12.04, while the latest ownCloud version is 7.0.2).

Furthermore, the ownCloud package is in the universe repository and software in this repository "WILL NOT receive any review or updates from the Ubuntu security team" (you should see this if you take a look at your /etc/apt/sources.list file) so it's up to someone from the Ubuntu community to step up and fix it. "If nobody does that, then it unfortunately stays the way it is", says Marc Deslauriers, Security Tech Lead at Canonical.

You can follow the discussion @ Ubuntu Devel mailing list.

So, until (if) someone fixes this, if you're using ownCloud from the Ubuntu repositories, you should either remove it or upgrade to the latest ownCloud from its official repository, hosted by the openSUSE Build Service"

Link to Original Source
top

Studies Conclude Hands-free-calling & Apple Siri Distract Drivers

operator_error operator_error writes  |  about three weeks ago

operator_error (1363139) writes "In many cars, making a hands-free phone call can be more distracting than picking up your phone, according to a new study from AAA and the University of Utah.

In-dash phone systems are overly complicated and prone to errors, the study found, and the same is true for voice-activated functions for music and navigation.

A companion study also found that trying to use Siri — the voice control system on Apple phones — while driving was dangerously distracting. Two participants in the study had virtual crashes in an automotive simulator while attempting to use Siri, the study's authors reported.

In response, Toyota said the study did not show a link between cognitive distraction and car crashes.

"The results actually tell us very little about the relative benefits of in-vehicle versus hand-held systems; or about the relationship between cognitive load and crash risks," said Mike Michels, a Toyota spokesman."

Link to Original Source
top

"Shellshock" may be partially patched, but it's still highly dangerous

operator_error operator_error writes  |  about a month ago

operator_error (1363139) writes "David A. Wheeler, a computer scientist who is an acknowledged expert in developing secure open-source code, posted a message to the Open Source Software Security (oss-sec) list this evening urging more changes to the bash code. And other developers have found that the current patch still has vulnerabilities similar to the original one, where an attacker could store malicious data in a variable named the same thing as frequently run commands. Norihiro Tanaka, a Japanese open-source developer, noted the problem in an e-mail to the bug-bash list today. By using an environmental variable called cat—the same name as a Unix utility that can concatenate files—he was able to bypass the fixes in the latest bash patch and pass through executable commands. Wheeler noted this vulnerability as well, in an email to both oss-sec and the bug bash list:

I appreciate the effort made in patch bash43-026, but this patch doesn't even BEGIN to solve the underlying shellshock problem. This patch just continues the "whack-a-mole" job of fixing parsing errors that began with the first patch. Bash's parser is certain have many many many other vulnerabilities; it was never designed to be security-relevant. John Haxby recently posted that "A friend of mine said this could be a vulnerability gift that keeps on giving.” Bash will be a continuous rich source of system vulnerabilities until it STOPS automatically parsing normal environment variables; all other shells just pass them through! I've turned off several websites I control because I have *no* confidence that the current official bash patches actually stop anyone, and I am deliberately *not* buying products online today for the same reason. I suspect others have done the same. I think it's important that bash change its semantics so that it "obviously has absolutely no problems of this kind".

In other words, “Shellshock” may be partially patched, but it’s still highly dangerous on systems that might use bash to pass information to the operating system or to launch other software. And it may take a significant change to fix the code."
Link to Original Source

top

Nokia announces MeeGo 1.2 for Developers w/ N900

operator_error operator_error writes  |  more than 3 years ago

operator_error (1363139) writes "Jukka Eklund at Nokia writes to the Meego Dev list: "I am thrilled to announce a little thing we started at Nokia. Basically we want to have MeeGo running in N900 device, so that it's really usable as your daily development device. Basic Handset UX should work, phone calls, SMS, web browsing. So we are concentrating on a few selected features and polish those to be "perfect". It might mean that we leave out some things in MeeGo 1.2 trunk for this edition, but that is not the default intention.

We are doing this fully on the open, and I hope this is an interesting project where we all in the community work towards the same goal: have a great MeeGo edition in the N900. This work is naturally based on the great work done already by N900 adaptation team lead by Harri and Carsten.

The wiki is up here: http://wiki.meego.com/ARM/N900/DeveloperEdition. It will populated with more information as we go, thanks for the patience.

Br,
Jukka
Developer Edition product manager" ...Also folks, be sure to stay tuned for the new Nokia N950 meant only as a (likely) unsubsidized Developer's hardware refresh of the N900. Only rumor has it that it will not arrive with a slide-out keyboard. How important is having a N900-style keyboard to you, along with the new Meego Love Nokia software continues to offer?"

Link to Original Source

Journals

operator_error has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?