Slashdot

News for nerds, stuff that matters

Project Zero Exploits 'Unexploitable' Glibc Bug

Wed, 27/08/2014 - 00:29
NotInHere (3654617) writes with news that Google's Project Zero has been busy at work. A month ago they reported an off-by-one error in glibc that would overwrite a word on the heap with NUL and were met with skepticism at its ability to be used in an attack. Google's 'Project Zero' devised an exploit of the out-of-bounds NUL write in glibc to gain root access using the setuid binary pkexec in order to convince skeptical glibc developers. 44 days after being reported, the bug has been fixed. They even managed to defeat address space randomization on 32-bit platforms by tweaking ulimits. 64-bit systems should remain safe if they are using address space randomization.

Read more of this story at Slashdot.









California DMV Told Google Cars Still Need Steering Wheels

Tue, 26/08/2014 - 18:12
cartechboy writes Google showed us what it feels is the car of the future. It drives itself, it doesn't have a gas or brake pedal, and there's no steering wheel. But that last one might be an issue. Back in May California's Department of Motor Vehicles published safety guidelines aimed at manufacturers of self-driving vehicles. After seeing Google's self-driving car vision, the California DMV has told the company it needs to add all those things back to their traditional locations so that occupants can take "immediate physical control" of the vehicle if necessary. Don't for a second think this is a major setback for Google, as the prototypes unveiled weren't even close to production ready. While the DMV may loosen some of these restrictions in the future as we all become more comfortable with the idea of self-driving vehicles, there's no question when it comes down to the safety of those on the road.


TechCentral Scams Call Center Scammers

Tue, 26/08/2014 - 17:31
An anonymous reader writes "At TechCentral, we get on average called at least once a week — sometimes far more often — by a friendly sounding Indian national warning us that our Windows computer is infected with a virus. The call, which originates from a call centre, follows exactly the same script every time. Usually we shrug them off and put the phone down, but this week we thought we'd humour them to find out how they operate. As this week's call came in, the first thing the "operator" at the other end of the line tried to establish was who was owner of the Windows computer in the household. I'd taken the call. It was time to have some fun. I told the scammer that I was the PC owner. He proceeded to introduce himself as "John Connor." I laughed quietly as I imagined Arnold Schwarzenegger's Terminator hunting down this scamster in the streets of Calcutta. Perhaps he should have come up with a more convincing name."


IBM Gearing Up Mega Power 8 Servers For October Launch

Tue, 26/08/2014 - 16:49
darthcamaro (735685) writes "Now that IBM has sold off its x86 server business to Lenovo, it's full steam ahead for IBM's Power business. While Intel is ramping up its next generation of server silicon for a September launch, IBM has its next lineup of Power 8 servers set to be announced in October. "There is a larger than 4U, 2 socket system coming out," Doug Balog, General Manager of Power Systems within IBM's System and Technology Group said. Can IBM Power 8 actually take on x86? Or has that ship already sailed?" At last weekend's Linux Con in Chicago, IBM talked up the availability of the Power systems, and that they are working with several Linux vendors, including recently-added Ubuntu; watch for a video interview with Balog on how he's helping spend the billion dollars that IBM pledged last year on open source development.


A Horrifying Interactive Map of Global Internet Censorship

Tue, 26/08/2014 - 16:03
An anonymous reader writes "Imagine a world where the book burners had won. A world where information is filtered and must be approved by governments before it can be accessed by their citizens. A world where people are held down and kept in line by oppressive regimes that restrict the free flow of information and bombard citizens with government-approved messages. Now stop imagining, because this horrifying world already exists..."


New Windows Coming In Late September -- But Which One?

Tue, 26/08/2014 - 15:07
snydeq (1272828) writes "Nobody seems to know for sure whether 'Threshold' and 'Windows 9' will be one and the same or separate operating systems, reports Woody Leonhard in his roundup of insights on Microsoft's forthcoming OS plans, expected September 30. 'Many people think the terms are synonymous, but longtime Chinese leaker Faikee continues to maintain that they are two separate products, possibly headed in different directions. Neowin Senior Editor and Columnist Brad Sams appears to have access to the most recent test builds, possibly on a daily basis. He doesn't talk about details, but the items he's let drop on the Neowin forum leave an interesting trail of crumbs.' Either way, the next iteration of Windows will have a lot to say about the kind of Microsoft to expect as Satya Nadella cements his leadership over the flagship OS."


Early Bitcoin User Interviewed By Federal Officers

Tue, 26/08/2014 - 08:18
MrBingoBoingo (3481277) writes Recently a Bitcoin user reports being interviewed over their past use of a now defunct exchange service by agents from the FBI and Treasury Department. This encounter raises concerns that earlier Bitcoin users who entered the space innocuously and without ties to Dark Markets or The Silk Road might need to prepare for Law Enforcement questioning about their early Bitcoin related activities.


Predictive Modeling To Increase Responsivity of Streamed Games

Tue, 26/08/2014 - 04:54
jones_supa (887896) writes Streaming game services always bump up against a hard latency limit based on the total round-trip time it takes to send user input to a remote server and receive a frame of game data from that server. To alleviate the situation, Microsoft Research has been developing a system called DeLorean (whitepaper) using predictive modeling to improve the experienced responsiveness of a game. By analyzing previous inputs in a Markov chain, DeLorean tries to predict the most likely choices for the user's next input and then generates speculative frames that fit those inputs and sends them back to the user. The caveat is that sending those extra predictive frames and information does add a bandwidth overhead of anywhere from 1.5 to 4 times that of a normal streaming game client. During testing the benefits were apparent, though. Even when the actual round-trip time between input and server response was 256 ms, double-blind testers reported both the gameplay responsiveness and graphical quality of the DeLorean system were comparable to a locally played version of the game.


Why Do Humans Grow Up So Slowly? Blame the Brain

Tue, 26/08/2014 - 03:03
sciencehabit (1205606) writes Humans are late bloomers when compared with other primates — they spend almost twice as long in childhood and adolescence as chimps, gibbons, or macaques do. But why? One widely accepted but hard-to-test theory is that children's brains consume so much energy that they divert glucose from the rest of the body, slowing growth. Now, a clever study of glucose uptake and body growth in children confirms this 'expensive tissue' hypothesis.


Linux 3.17-rc2 Release Marks 23 Years of the Linux Kernel

Tue, 26/08/2014 - 01:01
An anonymous reader writes Linus Torvalds released Linux 3.17-rc2 today in commemoration of the 23rd anniversary of the original kernel announcement. It was on 25 August 1991 that he announced his new OS project to the Minix users list.


Whole Organ Grown In Animal For First Time

Mon, 25/08/2014 - 21:20
An anonymous reader writes British scientists have produced the first working organ grown from scratch in a living animal. Reprogrammed cells created in a lab were used in a mouse to produce a thymus. The organ was created using connective tissue cells from a mouse embryo, which were converted into a different cell strain by changing a genetic switch in their DNA. The resulting cells grew into the whole organ after being injected. It has only been tested on mice so far, but researchers at Edinburgh University say that within a decade the procedure could be effective and safe enough for humans. The findings were published in Nature Cell Biology.


Is Dong Nguyen Trolling Gamers With "Swing Copters"?

Mon, 25/08/2014 - 20:37
Nerval's Lobster writes Given its extreme difficulty, it's tempting to think that the new Swing Copters is Dong Nguyen's attempt at a joke (You thought 'Flappy Bird' was hard? Check this out!), or maybe even a meta-comment on the emerging "masocore" gaming category. Or maybe he just wanted to make another game, and the idea of an ultra-difficult one appealed. Whatever the case, Nguyen can rely on the enduring popularity of Flappy Bird to propel Swing Copters to the top of the Google and iOS charts. But his games' popularity illuminates a rough issue for developers of popular (or even just semi-popular) apps everywhere: how do you deal with all the copycats flooding the world's app stores? Although Google and Apple boast that their respective app stores feature hundreds of thousands of apps, sometimes it seems as if most of those apps are crude imitations of other apps. The perpetual fear among app developers is that they'll score a modest hit—only to see their years of hard work undermined by someone who cobbles together a clone in a matter of weeks or days. If Apple and Google want to make things friendlier out there for developers, they might consider stricter enforcement policies for the blatant rip-offs filling their digital storefronts.


Choose Your Side On the Linux Divide

Mon, 25/08/2014 - 19:54
snydeq writes The battle over systemd exposes a fundamental gap between the old Unix guard and a new guard of Linux developers and admins, writes Deep End's Paul Venezia. "Last week I posted about the schism brewing over systemd and the curiously fast adoption of this massive change to many Linux distributions. If there's one thing that systemd does extremely well, it is to spark heated discussions that devolve into wild, teeth-gnashing rants from both sides. Clearly, systemd is a polarizing subject. If nothing else, that very fact should give one pause. Fundamental changes in the structure of most Linux distributions should not be met with such fervent opposition. It indicates that no matter how reasonable a change may seem, if enough established and learned folks disagree with the change, then perhaps it bears further inspection before going to production. Clearly, that hasn't happened with systemd."


Princeton Nuclear Fusion Reactor Will Run Again

Mon, 25/08/2014 - 13:48
mdsolar writes with good news for the National Spherical Torus Experiment. Tucked away from major roadways and nestled amid more than 80 acres of forest sits a massive warehouse-like building where inside, a device that can produce temperatures hotter than the sun has sat cold and quiet for more than two years. But the wait is almost over for the nuclear fusion reactor to get back up and running at the Princeton Plasma Physics Laboratory. "We're very excited and we're all anxious to turn that machine back on," said Adam Cohen, deputy director for operations at PPPL. The National Spherical Torus Experiment (NSTX) has been shut down since 2012 as it underwent a $94 million upgrade that will make it what officials say will be the most powerful fusion facility of its kind in the world. It is expected to be ready for operations in late winter or early spring, Cohen said.


Dropbox Caught Between Warring Giants Amazon and Google

Mon, 25/08/2014 - 03:05
An anonymous reader writes: Google and Amazon are both aggressively pursuing the cloud storage market, constantly increasing available storage space and constantly dropping prices. On its face, this looks great for the consumer — competition is a wonderful thing. Unfortunately, many smaller companies like Box, Dropbox, and Hightail simply aren't able to run their services at a loss like the giants can. Dropbox's Aaron Levie said, "These guys will drive prices to zero. You do not want to wait for Google or Amazon to keep cutting prices on you. 'Free' is not a business model." The result is that the smaller companies are pivoting to win market share, relying on specific submarkets or stronger feature sets rather than available space or price. "Box is trying to cater to special data storage needs, like digital versions of X-rays for health care companies and other tasks specific to different kinds of customers. Hightail is trying to do something similar for customers like law firms. And Dropbox? It is trying to make sure that its consumer-minded service stays easier to use than what the big guys provide." It's going to be tough for them to hold out, and even tougher for new storage startups to break in. But that might be the only thing keeping us from choosing between the Wal-Mart-A and Wal-Mart-B of online storage.


Ross Ulbricht Faces New Drug Charges

Mon, 25/08/2014 - 00:00
Alleged Silk Road mastermind Ross Ulbricht now faces additional drug-related charges. Ars Technica gives a run-down on the run-down, and shows an array of driver's licenses that can't look good to a jury: According to a 17-page amended indictment filed late Thursday night, the government introduced one count of “narcotics trafficking,” of “distribution of narcotics by means of the Internet,” and of "conspiracy to traffic in fraudulent identification documents." Previously, Ulbricht was indicted in February 2014 on four formal criminal offenses: narcotics trafficking conspiracy, continuing criminal enterprise, computer hacking conspiracy, and money laundering conspiracy. Ulbricht pleaded not guilty to the previous charges, and he seems likely to plead not guilty to the new ones as well.


Hackers Claim PlayStation Network Take-Down

Sun, 24/08/2014 - 23:02
This morning, Sony's PlayStation network was knocked offline for North American users. According to ShackNews, Several tweets have gone up throughout Saturday evening, in which Lizard Squad has taken responsibility for the attacks. The group started with Blizzard's servers that include Hearthstone, Diablo 3, World of Warcraft and others. The group quickly spread to League of Legends and Path of Exile before deciding to spread their terror to PlayStation Network. Sony apparently had some trouble admitting that the network wasn't behaving as it should be, but came around with acknowledgment on Twitter.


Slashdot Asks: How Prepared Are You For an Earthquake?

Sun, 24/08/2014 - 21:06
With three earthquakes of some significance in the news this weekend (Chile, California, and Iceland), it seems a good time to ask: If you live in an area of seismic danger, how are you prepared for an earthquake (or tsunami, mudslide, or other associated danger) and how prepared are you? Do you have a stash of emergency supplies, and if so, how did you formulate it? In the U.S. alone, it's surprising how many areas there are with some reasonable chance of earthquakes, though only a few of them are actually famous for it — and those areas are the ones where everything from building codes to cultural awareness helps mitigate the risks. I'm not sure I'd want to be in a skyscraper in Memphis or St. Louis during a replay of the New Madrid quakes of 1811-1812, which is probably worth worrying about for those in the region. Beyond personal safety, do you have a plan for your electronics and data if the earth starts shaking?


Among Gamers, Adult Women Vastly Outnumber Teenage Boys

Sun, 24/08/2014 - 12:01
MojoKid writes: The Entertainment Software Association has just released its 2014 report on the state of the video game industry (PDF), and as the title of this post suggests, there have been some significant shifts since the last report. Let's tackle the most interesting one first: Females have become the dominant gamer, claiming 52% of the pie. That's impressive, but perhaps more so is the fact that women over the age of 18 represent 36% of the game-playing population, whereas boys aged 18 and under claim a mere 17%. Statistics like these challenge the definition of "gamer." Some might say that it's a stretch to call someone who only plays mobile games a "gamer" (Candy Crush anyone?). Mental hurdle aside, the reality is that anyone who plays games, regardless of the platform, is a gamer.
