Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Malaysian Police: VX nerve gas killed N Korea leader's brother in airport attack (reuters.com)

An anonymous reader writes: Malaysian police have announced their finding that Kim Jong Nam, half-brother of North Korean leader Kim Jon Un, was killed by assassins using VX nerve gas in an attack in the busy Kuala Lumpur airport. Malaysian authorities plan to decontaminate the airport and other sites visited by the attackers. Police are holding the two female attackers, one of whom was affected by the chemical agent, as well as two other men. They are seeking seven more North Koreans connected to the case. VX is the most toxic of the nerve gasses and the UN has declared it a weapon of mass destruction. The manufacture and stockpiling of more than 100 grams of VX per year is prohibited by the Chemical Weapons Convention of 1993. It has no commercial uses. The Malaysian police are trying to discover if it was smuggled into their country, or manufactured there. The Malaysian government has recalled its ambassador to North Korea for consultation. North Korea is blaming the death of Kim Jong Nam on Malaysia. North Korea is believed to have major stockpiles of chemical weapons, and is alleged to conduct experiments on prisoners and social undesirables.

Submission + - Software Vendor Who Hid Supply Chain Breach Outed (krebsonsecurity.com)

tsu doh nimh writes: Researchers at RSA released a startling report last week that detailed a so-called "supply chain" malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation's largest companies. This intrusion would probably not be that notable if the software vendor didn't have a long list of Fortune 500 customers, and if the attackers hadn't also compromised the company's update servers — essentially guaranteeing that customers who downloaded the software prior to the breach were infected as well. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure as a page inside of its site — not linking to it anywhere. Brian Krebs went and digged it up.

Submission + - Mozilla will deprecate XUL add-ons before the end of 2017 2

Artem Tashkinov writes: Mozilla has published a plan of add-ons deprecation in future Firefox releases. Firefox 53 will run in multi process mode by default for all users with some exceptions. Most add ons will continue to function, however certain add ons have already ceased to function because they don't expect multi user mode under the hood. Firefox 54-56 will introduce even more changes which will ultimately break even more addons. Firefox 57, which will be preliminarily released on the 28th of Novermber, 2017, will only run WebExtensions: which means no XUL (overlay) add ons, no bootstrapped extensions, no SDK extensions and no Embedded WebExtensions. In other words by this date the chromification of Firefox will have been completed. If you depend on XUL add ons your only choice past this date will be Pale Moon.

Submission + - India's Rocket Launcher PSLV Launches 104 satellites in one go ... (indiatimes.com)

pmadhan writes: Indian Space Research Organisation or ISRO today created a world record in the space arena by sending 104 satellites in a single rocket.

The space agency's trusted workhorse Polar Satellite Launch Vehicle PSLV-C37, on its 39th mission, took off in the morning, at 9.28 am, today, from Sriharikota space centre with the 104 satellites, of which 101 belongs to international customers.

Read more at:
http://economictimes.indiatime...

Submission + - Its time to have a talk about Slashdot technology 3

hackwrench writes: On top of not fixing the problems that Slashdot has. the new owners have added an annoying ad that persistently blocks actual usage on every load.
Slashdot also frequently launches users some distance into comments for no explicable reason.
It doesn't do Unicode.
The new interface is horrendous. Fortunately it can be switched off.
Features that used to be free are now subscription-only items.
Let's all hash it out. Not just technological issues but editorial grievances as well. And how many of us are on a moderation ban list for some long forgotten stupid reason?

Submission + - Report Finds PFAS Chemicals In One-Third Of Fast Food Packaging (cnn.com)

dryriver writes: Most of the time, when you order fast food, you know exactly what you're getting: an inexpensive meal that tastes great but is probably loaded with fat, cholesterol and sodium. But it turns out that the packaging your food comes in could also have a negative impact on your health, according to a report published Wednesday in the journal Environmental Science & Technology Letters. The report found fluorinated chemicals in one-third of the fast food packaging researchers tested. These chemicals are favored for their grease-repellent properties. Along with their use in the fast food industry, fluorinated chemicals — sometimes called PFASs — are used "to give water-repellant, stain-resistant, and non-stick properties to consumer products such as furniture, carpets, outdoor gear, clothing, cosmetics (and) cookware," according to a news release that accompanied the report. "The most studied of these substances (PFOSs and PFOAs) has been linked to kidney and testicular cancer, elevated cholesterol, decreased fertility, thyroid problems and changes in hormone functioning, as well as adverse developmental effects and decreased immune response in children."

Submission + - LibreOffice 5.3 Officially Released

prisoninmate writes: The Document Foundation, a non-profit organization established to promote and advance the development of the open-source LibreOffice office suite, announced the general availability of LibreOffice 5.3. Probably the most important feature of LibreOffice 5.3 is its new user-friendly and flexible user interface concept called MUFFIN (My User Friendly & Flexible INterface), which many reported last year as a Microsoft Office-like Ribbon UI. In fact, the tasty new UI concept is a "personal" user interface capable of adapting to your needs and the device's screen you're currently using for editing LibreOffice documents.

While still experimental, MUFFIN is the big LibreOffice interface change that users requested for so long, providing a total of four different UI styles that will change depending on whether you're deploying the office suite on a laptop or desktop computer. These include the default look with toolbars, the Single Toolbar UI, the Sidebar UI with a Single Toolbar, and a new Notebook Bar UI. The LibreOffice Writer received a new "Go to Page" dialog so you can easily jump to another page of a lengthy document. Table Styles have been implemented as well with support for importing and exporting ODF table styles. New Arrows toolbox provides a bunch of drawing tools that were previously available only for LibreOffice Draw and Impress, borderless padding is now displayed by default, and you can now set the small capitals character property.

Submission + - 16 Years Of GPS Space Weather Data Made Publicly Available

An anonymous reader writes: Over 16 years of GPS space weather data has been released to the public for the first time, in a bid to help boost understanding around radiation threats to Earth’s satellites, communications networks, and aircraft. The ‘unprecedented’ collection of data, released by the Los Alamos National Laboratory, comes from space weather sensors onboard Global Positioning System (GPS) satellites, which measure charged particles in Earth’s magnetic field. The detailed measurements are expected to provide an invaluable resource for space weather research and for understanding how best to protect our critical infrastructure. Prior to the public release, GPS data has long remained a U.S. military asset, with a “general hesitancy to broadcast even fairly innocuous things out to the broad community.”

Submission + - Ransomware Locks Guests Out of Their Rooms at Austrian Hotel (bleepingcomputer.com)

An anonymous reader writes: A ransomware infection has locked guests out of their rooms at Romantik Seehotel Jägerwirt, a four-star hotel in the Austrian Alps, on the lip of the Turracher Höhe mountain lake. The incident took place earlier this month and hit the computer managing the hotel's electronic key lock system, reservation system and the cash desk system. As a result, hotel guests were locked out of their rooms, as the key lock system wouldn't open doors, new keys couldn't be issued, and new arrivals couldn't be confirmed as guests.

Despite other English media reports, hotel guests **were not locked in their rooms** since fire code regulations dictate that all electronic locks open manually from the inside. According to the hotel manager, all the hotel's 180 guests were on the ski slopes and were locked out of their rooms when they returned (local Austrian media reports 1, 2). The hotel opted to pay the €1500 ransom to unlock their computers.

Submission + - SPAM: Trump executive order prompts Google to recall staff

AmiMoJo writes: Google has recalled travelling staff members to the US after an executive order from President Donald Trump restricting entry for nationals of seven Muslim-majority countries. Google has told the BBC it is concerned about the order and any measures which could block great talent from the US. There have already been reports of "green card" holders, who are allowed to work in the US, being prevented from getting on flights.
Link to Original Source

Submission + - Trump Wasn't Wrong To Secure @POTUS with a Gmail Account (securityledger.com)

chicksdaddy writes: The world is having a collective freak out about the serial (https://www.nytimes.com/2017/01/25/technology/donald-trump-phone-social-media-security.html?_r=0) security lapses (https://www.rt.com/usa/375109-trump-administration-private-server-rnc/) of the newly enshrined Trump administration. That includes the revelation, this week, that the Leader of the Free World is using a lowly Google Gmail account to secure @POTUS, the official Twitter account of the U.S.’s Chief Executive. (https://theintercept.com/2017/01/26/donald-trump-is-using-a-private-gmail-account-to-secure-the-most-powerful-twitter-account-in-the-world/)

For a President and Administration as unconventional as Mr. Trump, the news about how The Most Powerful Twitter Account in the World was being secured was just another data point in a raucous and singularly unprofessional first week in office – the online equivalent of trash talking the United States’ second largest trading partner. (https://www.nytimes.com/2017/01/26/us/politics/mexico-wall-tax-trump.html)

But is having the Chief Executive’s Twitter account secured by a Google Gmail account really a security lapse? Not necessarily, according to security experts. In fact, Gmail may offer superior security to government-run platforms, The Security Ledger argues. (https://securityledger.com/2017/01/trump-securing-potus-with-gmail-is-reasonable-heres-why/)

“Companies like Google and Microsoft have invested billions of dollars in securing their infrastructure,” said John Ackerly, the CEO at the firm Virtru, a secure email provider. “If want your data to be secure, it’s tough to beat Google, Microsoft or Amazon’s cloud,” he said.

Indeed, Gmail offers a wide range back-end and front end security features that make it among the most difficult platforms to compromise – providing users take advantage of those features. Among them: detection of nation-state attacks, protection against account takeovers, strong encryption for all Gmail data both at rest and in transit, and the availability of strong second-factor authentication options such token based authentication and soft second factors like SMS codes and Google Authenticator.

In contrast, the U.S. government has struggled to secure its own IT assets. In fact, a report by GAO in 2015 listed “personal identity verification” (http://www.gao.gov/assets/680/670936.pdf) as a top cyber security challenge for government agencies. By GAO’s accounting, only 41 percent of user accounts at 23 civilian agencies had required these credentials for accessing agency systems.

Submission + - Customer Feedback Surveys Considered Harmful (easydns.org)

Stunt Pope writes: Customer Feedback surveys are now near-ubiquitous, subjecting us all to near-Black Mirror-esque pursuit to "rate your experience" for everything from going to the bank to ordering a pizza.

Thanks to The Curse of Goodhart's Law, all of these surveys are beyond useless and even damaging.

Comment Slashdot editing (Score 4, Insightful) 147

Yet again, up to the readers to do the job of the editors for them. How fast exactly is Ultra-Fast? Here is an extract from the New Zealand UFB page which also makes it clear that it is a replacement of existing ADSL with FTTH.

In particular UFB upload speeds are typically at between 10-50 times faster than ADSL’s average 1MB/s upload.

The most popular offerings (utilising GPON technology) are currently:

– 30Mb/s download, 10Mb/s upload
– 100Mb/s download, 50Mb/s upload

Businesses and other organisations are able to purchase P2P (Point-to-Point) UFB fibre connections of up to 1Gigabit/s (1000Mb/s).

Editors - get a clue.When you take news articles from all sorts of publications and present them to a largely homogenous readership, you can put in a little bit of additional effort to account for any assumptions the original sources may have made about their readers. Do not teach the slashdot crowd what JavaScript is. Do not assume everybody reading this story on Slashdot is from New Zealand and knows details of what UFB is.

Submission + - Over a third of Android VPN apps available on Google Play found to be malicious (ibtimes.co.uk)

drunkdrone writes: In a study of 283 Android VPN apps by Australia's Commonwealth Scientific and Industrial Research Organisation (CSIRO), alongside researchers from the University of South Wales and UC Berkeley in the US, more than a third (38%) contained malware or malvertising designed to harm users' smartphones or track their activity. At the same time, approximately one in five apps did not even encrypt internet traffic – the basic function of a VPN – while over eight in 10 were found be leaking user data.

The researchers were able to analyse the security – or lack thereof – of each VPN by downloading tools that enabled them to reverse-engineer Android application package (APK) used in each app. This allowed them to analyse each app's source code and Android Manifest file, which identifies core information about an app including the access permissions they require from users.

Each VPN was then given an anti-virus (AV) rank based on the findings, with a lower number being better. While some of the security flaws were identified as being caused by lack of support from Android or poor design, a number of apps "deliberately sought to collect personal user information that could then be sold on to external partners", according to CSIRO.

Slashdot Top Deals

I just need enough to tide me over until I need more. -- Bill Hoest

Working...