Slashdot

Subscribe to Slashdot feed Slashdot
News for nerds, stuff that matters
Updated: 2 hours 14 min ago

GNOME Project Seeks Donations For Trademark Battle With Groupon

Tue, 11/11/2014 - 13:53
Drinking Bleach writes Groupon has released a tablet-based point of sale system called Gnome, despite the well-known desktop environment's existence and trademark status. This is also not without Groupon's internal knowledge of the GNOME project; they were contacted about the infringement and flatly refused to change the name of their own product, in addition to filing many new trademark applications for theirs. The GNOME project is seeking donations to help them in a legal battle against these trademark applications, and to get Groupon to stop using their name. They are seeking at least $80,000 to challenge a first set of ten trademark applications from Groupon, out of 28 applications that have been filed.

Read more of this story at Slashdot.








Gridlock In Action: Retailers Demand New Regulations To Protect Consumers

Tue, 11/11/2014 - 13:12
chicksdaddy writes: How bad is the gridlock in Washington D.C.? So bad that the nation's retailers are calling for federal legislation on cyber security and data protection to protect consumer information — even though they would bear the brunt of whatever legislation is passed. The Security Ledger notes that groups representing many of the nation's retailers sent a letter (PDF) to Congressional leaders last week urging them to pass federal data protection legislation that sets clear rules for businesses serving consumers. "The recent spate of news stories about data security incidents raises concerns for all American consumers and for the businesses with which they frequently interact," the letter reads. "A single federal law applying to all breached entities would ensure clear, concise and consistent notices to all affected consumers regardless of where they live or where the breach occurs." Retailers would likely bear the brunt of a new federal data protection law. The motivation for pushing for one anyway may be simplicity. Currently, there are 47 different state-based security breach notification laws, as well as laws in the District of Columbia and Guam. There is broad, bi-partisan agreement on the need for a data breach and consumer protection law. However, small differences of opinion on its scope and provisions, exacerbated by political gridlock in Congress since 2010 have combined to stay the federal government's hand. Meanwhile, reader schwit1 points out that banks are now starting to demand that retailers pay for all the financial damage their security breaches cause.

Read more of this story at Slashdot.








How To End Online Harassment

Tue, 11/11/2014 - 10:15
Presto Vivace sends this excerpt from an article at the Kernel, titled 'With Gamergate, it's not enough to ignore the trolls.' Gendered bigotry against women is widely considered to be "in bounds" by Internet commenters (whether they openly acknowledge it or not), and subsequently a demographic that comprises half of the total human population has to worry about receiving rape threats, death threats, and the harassment of angry mobs simply for expressing their opinions. This needs to stop, and while it's impossible to prevent all forms of harassment from occurring online, we can start by creating a culture that shames individuals who cross the bounds of decency. We can start by stating the obvious: It is never appropriate to use slurs, metaphors, graphic negative imagery, or any other kind of language that plays on someone's gender, race/ethnicity, sexual orientation, or religion. Not only is such language inappropriate regardless of one's passion on a given subject, but any valid arguments that existed independently of such rhetoric should have been initially presented without it. Once a poster crosses this line, they should lose all credibility. Similarly, it is never acceptable to dox, harass, post nude pictures, or in any other way violate someone's privacy due to disagreement with their opinions. While most people would probably agree with this in theory, far too many are willing to access and distribute this humiliating (and often illegal) content. Instead of simply viewing stories of doxing, slut-shaming, and other forms of online intimidation as an unfortunate by-product of the digital age, we should boycott all sites that publish these materials.

Read more of this story at Slashdot.








German Spy Agency Seeks Millions To Monitor Social Networks

Tue, 11/11/2014 - 07:11
itwbennett writes: Germany's foreign intelligence agency reportedly wants to spend €300 million (about $375 million) in the next five years on technology that would let it spy in real time on social networks outside of Germany, and decrypt and monitor encrypted Internet traffic. The agency, which already spent €6.22 million in preparation for this online surveillance push, also wants to use the money to set up an early warning system for cyber attacks, the report said (Google translation of German original). A prototype is expected to be launched next June with the aim of monitoring publicly available data on Twitter and blogs.

Read more of this story at Slashdot.








Worrying Aspects of Linux Gaming

Tue, 11/11/2014 - 05:10
jones_supa writes: Former Valve engineer Rich Geldreich has written up a blog post about the state of Linux Gaming. It's an interesting read, that's for sure. When talking about recent bigger game ports, his take is that the developers doing these ports just aren't doing their best to optimize these releases for Linux and/or OpenGL. He points out how it took significant resources from Valve to properly optimize Source engine for Linux, but that other game studios are not walking the last mile. About drivers, he asks "Valve is still paying LunarG to find and fix silly perf bugs in Intel's slow open source driver. Surely this can't be a sustainable way of developing a working driver?" He ends his post by agreeing with a Slashdot comment where someone is basically saying that SteamOS is done, and that we will never get our hands on the Steam Controller.

Read more of this story at Slashdot.








Mozilla Updates Firefox With Forget Button, DuckDuckGo Search, and Ads

Tue, 11/11/2014 - 04:15
Krystalo writes: In addition to the debut of the Firefox Developer Edition, Mozilla today announced new features for its main Firefox browser. The company is launching a new Forget button in Firefox to help keep your browsing history private, adding DuckDuckGo as a search option, and rolling out its directory tiles advertising experiment.

Read more of this story at Slashdot.








Tor Project Mulls How Feds Took Down Hidden Websites

Tue, 11/11/2014 - 03:08
HughPickens.com writes: Jeremy Kirk writes at PC World that in the aftermath of U.S. and European law enforcement shutting down more than 400 websites (including Silk Road 2.0) which used technology that hides their true IP addresses, Tor users are asking: How did they locate the hidden services? "The first and most obvious explanation is that the operators of these hidden services failed to use adequate operational security," writes Andrew Lewman, the Tor project's executive director. For example, there are reports of one of the websites being infiltrated by undercover agents and one affidavit states various operational security errors." Another explanation is exploitation of common web bugs like SQL injections or RFIs (remote file inclusions). Many of those websites were likely quickly-coded e-shops with a big attack surface. Exploitable bugs in web applications are a common problem says Lewman adding that there are also ways to link transactions and deanonymize Bitcoin clients even if they use Tor. "Maybe the seized hidden services were running Bitcoin clients themselves and were victims of similar attacks." However the number of takedowns and the fact that Tor relays were seized could also mean that the Tor network was attacked to reveal the location of those hidden services. "Over the past few years, researchers have discovered various attacks on the Tor network. We've implemented some defenses against these attacks (PDF), but these defenses do not solve all known issues and there may even be attacks unknown to us." Another possible Tor attack vector could be the Guard Discovery attack. The guard node is the only node in the whole network that knows the actual IP address of the hidden service so if the attacker manages to compromise the guard node or somehow obtain access to it, she can launch a traffic confirmation attack to learn the identity of the hidden service. "We've been discussing various solutions to the guard discovery attack for the past many months but it's not an easy problem to fix properly. Help and feedback on the proposed designs is appreciated." According to Lewman, the task of hiding the location of low-latency web services is a very hard problem and we still don't know how to do it correctly. It seems that there are various issues that none of the current anonymous publishing designs have really solved. "In a way, it's even surprising that hidden services have survived so far. The attention they have received is minimal compared to their social value and compared to the size and determination of their adversaries."

Read more of this story at Slashdot.








The Strangeness of the Mars One Project

Tue, 11/11/2014 - 01:05
superboj sends an article written after its author investigated the Mars One Project for over a year. Even though 200,000 people have (supposedly) signed up as potential volunteers on a one-way trip to Mars, there are still frightfully few details about how the mission will be accomplished. From the article: [Astronaut Chris Hadfield] says that Mars One fails at even the most basic starting point of any manned space mission: If there are no specifications for the craft that will carry the crew, if you don’t know the very dimensions of the capsule they will be traveling in, you can’t begin to select the people who will be living and working inside of it. "I really counsel every single one of the people who is interested in Mars One, whenever they ask me about it, to start asking the hard questions now. I want to see the technical specifications of the vehicle that is orbiting Earth. I want to know: How does a space suit on Mars work? Show me how it is pressurized, and how it is cooled. What’s the glove design? None of that stuff can be bought off the rack. It does not exist. You can’t just go to SpaceMart and buy those things." The author concludes that the Mars One Project is "...at best, an amazingly hubristic fantasy: an absolute faith in the free market, in technology, in the media, in money, to be able to somehow, magically, do what thousands of highly qualified people in government agencies have so far not yet been able to do over decades of diligently trying, making slow headway through individually hard-won breakthroughs, working in relative anonymity pursuing their life’s work."

Read more of this story at Slashdot.








New Book Argues Automation Is Making Software Developers Less Capable

Tue, 11/11/2014 - 00:01
dcblogs writes: Nicholas Carr, who stirred up the tech world with his 2003 essay, IT Doesn't Matter in the Harvard Business Review, has published a new book, The Glass Cage, Automation and Us, that looks at the impact of automation of higher-level jobs. It examines the possibility that businesses are moving too quickly to automate white collar jobs. It also argues that the software profession's push to "to ease the strain of thinking is taking a toll on their own [developer] skills." In an interview, Carr was asked if software developers are becoming less capable. He said, "I think in many cases they are. Not in all cases. We see concerns — this is the kind of tricky balancing act that we always have to engage in when we automate — and the question is: Is the automation pushing people up to higher level of skills or is it turning them into machine operators or computer operators — people who end up de-skilled by the process and have less interesting work? I certainly think we see it in software programming itself. If you can look to integrated development environments, other automated tools, to automate tasks that you have already mastered, and that have thus become routine to you that can free up your time, [that] frees up your mental energy to think about harder problems. On the other hand, if we use automation to simply replace hard work, and therefore prevent you from fully mastering various levels of skills, it can actually have the opposite effect. Instead of lifting you up, it can establish a ceiling above which your mastery can't go because you're simply not practicing the fundamental skills that are required as kind of a baseline to jump to the next level."

Read more of this story at Slashdot.








Manslaughter Conviction Overturned For Scientists Who Didn't Predict Earthquake

Mon, 10/11/2014 - 23:55
Jason Koebler writes: Geologists who didn't warn a town about an impending earthquake are not murderers, an Italian appeals court ruled today. A 2012 decision that rocked the scientific world has been overturned, according to Italy's Repubblica newspapers and confirmed by other Italian outlets. In that decision, six prominent geologists and one government worker were convicted of manslaughter for failing to notify the town of L'Aquila of a 2009 earthquake that killed at least 309 people. The scientists were originally sentenced to six years in prison and were to pay more than $10 million in damages.

Read more of this story at Slashdot.








Pitivi Video Editor Surpasses 50% Crowdfunding Goal, Releases Version 0.94

Mon, 10/11/2014 - 23:13
kxra writes With the latest developments, Pitivi is proving to truly be a promising libre video editor for GNU distributions as well as a serious contender for bringing libre video production up to par with its proprietary counterparts. Since launching a beautifully well-organized crowdfunding campaign (as covered here previously), the team has raised over half of their 35,000 € goal to pay for full-time development and has entered "beta" status for version 1.0. They've released two versions, 0.94 (release notes) being the most recent, which have brought full MPEG-TS/AVCHD support, porting to Python 3, lots of UX improvements, and—of course—lots and lots of bug fixes. The next release (0.95) will run on top of Non Linear Engine, a refined and incredibly more robust backend Pitivi developers have produced to replace GNonLin and bring Pitivi closer to the rock-solid stability needed for the final 1.0 release.

Read more of this story at Slashdot.








The Disgruntled Guys Who Babysit Our Aging Nuclear Missiles

Mon, 10/11/2014 - 22:31
Lasrick writes This is a rather disturbing read about the troops who guard our nuclear weapons."'The Air Force has not kept its ICBMs manned or maintained properly,' says Bruce Blair, a former missileer and cofounder of the anti-nuclear group Global Zero. Nuclear bases that were once the military's crown jewels are now 'little orphanages that get scraps for dinner,' he says. And morale is abysmal. Blair's organization wants to eliminate nukes, but he argues that while we still have them, it's imperative that we invest in maintenance, training, and personnel to avoid catastrophe: An accident resulting from human error, he says, may be actually more likely today because the weapons are so unlikely to be used. Without the urgent sense of purpose the Cold War provided, the young men (and a handful of women) who work with the world's most dangerous weapons are left logging their 24-hour shifts under subpar conditions—with all the dangers that follow."

Read more of this story at Slashdot.








The Math Behind the Hipster Effect

Mon, 10/11/2014 - 22:10
rossgneumann writes If everyone always wants to look different than everybody else, everybody starts looking the same. At least, if you use a recently published mathematical model describing the phenomenon. "The hipster effect is this non-concerted emergent collective phenomenon of looking alike trying to look different," in the words of Jonathan Touboul, mathematical neuroscientist at the College de France in Paris.

Read more of this story at Slashdot.








US Postal Service Hacked, 500k+ Employees and Public Data Breached

Mon, 10/11/2014 - 21:48
An anonymous reader writes "The U.S. Postal Service has admitted that it has suffered a massive security breach, with the disclosure to hackers of the personal details of over 500,000 USPS workers, along with details supplied by members of the public when contacting Postal Service call centers between January and mid-August of 2014. The breach is a hard blow to the integrity and reputation of the USPS's internal security set-up, the Corporate Information Security Office (CISO). In 2012 CISO reports that it blocked 257 billion unauthorized attempts to access the USPS network, 66,734 attempts to distribute credit-card information, 1,278 attempts to reveal USPS-ordained credit-card transactions and 345,342 attempts to distribute social security numbers.

Read more of this story at Slashdot.








Book Review: Countdown To Zero Day

Mon, 10/11/2014 - 21:05
benrothke writes A word to describe the book Takedown: The Pursuit and Capture of Americas Most Wanted Computer Outlaw was hyperbole. While the general storyline from the 1996 book was accurate, filler was written that created the legend of Kevin Mitnick. This in turn makes the book a near work of historical fiction. Much has changed in nearly 20 years and Countdown to Zero Day: Stuxnet and the Launch of the Worlds First Digital Weapon has certainly upped the ante for accurate computer security journalism. The book is a fascinating read and author Kim Zetters attention to detail and accuracy is superb. In the inside cover of the book, Kevin Mitnick describes this as an ambitious, comprehensive and engrossing book. The irony is not lost in that Mitnick was dogged by misrepresentations in Markoff's book. Keep reading for the rest of Ben's review.

Read more of this story at Slashdot.








Pages