Feed aggregator

First Phase of TrueCrypt Audit Turns Up No Backdoors

Slashdot - Mon, 14/04/2014 - 23:51
msm1267 (2804139) writes "A initial audit of the popular open source encryption software TrueCrypt turned up fewer than a dozen vulnerabilities, none of which so far point toward a backdoor surreptitiously inserted into the codebase. A report on the first phase of the audit was released today (PDF) by iSEC Partners, which was contracted by the Open Crypto Audit Project (OCAP), a grassroots effort that not only conducted a successful fundraising effort to initiate the audit, but raised important questions about the integrity of the software. The first phase of the audit focused on the TrueCrypt bootloader and Windows kernel driver; architecture and code reviews were performed, as well as penetration tests including fuzzing interfaces, said Kenneth White, senior security engineer at Social & Scientific Systems. The second phase of the audit will look at whether the various encryption cipher suites, random number generators and critical key algorithms have been implemented correctly."

Read more of this story at Slashdot.








Heartbleed Disclosure Timeline Revealed

Slashdot - Mon, 14/04/2014 - 23:10
bennyboy64 (1437419) writes "Ever since the Heartbleed flaw in OpenSSL was made public there have been various questions about who knew what and when. The Sydney Morning Herald has done some analysis of public mailing lists and talked to those involved with disclosing the bug to get the bottom of it. The newspaper finds that Google discovered Heartbleed on or before March 21 and notified OpenSSL on April 1. Other key dates include Finnish security testing firm Codenomicon discovering the flaw independently of Google at 23:30 PDT, April 3. SuSE, Debian, FreeBSD and AltLinux all got a heads up from Red Hat about the flaw in the early hours of April 7 — a few hours before it was made public. Ubuntu, Gentoo and Chromium attempted to get a heads up by responding to an email with few details about it but didn't, as the guy at Red Hat sending the disclosure messages out in India went to bed. By the time he woke up, Codenomicon had reported the bug to OpenSSL."

Read more of this story at Slashdot.








Google Buys Drone Maker Titan Aerospace

Slashdot - Mon, 14/04/2014 - 21:00
garymortimer (1882326) writes "Google has acquired drone maker Titan Aerospace. Titan is a New Mexico-based company that makes high-flying solar powered drones. There's no word on the price Google paid, but Facebook had been in talks to acquire the company earlier this year for a reported $60 million. Presumably, Google paid more than that to keep it away from Facebook. 'Google had just recently demonstrated how its Loon prototype balloons could traverse the globe in a remarkably short period of time, but the use of drones could conceivably make a network of Internet-providing automotons even better at globe-trotting, with a higher degree of control and ability to react to changing conditions. Some kind of hybrid system might also be in the pipeline that marries both technologies.'"

Read more of this story at Slashdot.








Will This Flying Car Get Crowdfunded?

Slashdot - Mon, 14/04/2014 - 20:18
cartechboy (2660665) writes "We all just have too much money on our hands, and we really want a flying car, right? Well that's what Skylys thinks, as it's trying to crowdfund a flying car. According to its website, 'In detail we aim to create an urban dual-mode, hybrid flight and electric drive motorized vehicle that fits into sustainable mobility.' How much money does it need? Oh about $3,111,075. Apparently the company has run out of money and needs more to 'start construction on our two prototypes to confirm our technical specifications; pay the chaps in the legal department; industrial engineers and take up occupancy of our future offices in Silicon Valley, where our backers can of course pay us a visit.'"

Read more of this story at Slashdot.








Reviving a Commodore 64 Computer Using a Raspberry Pi

Slashdot - Mon, 14/04/2014 - 19:35
concertina226 (2447056) writes "A group of Commodore fans are working on a new emulator with the ability to turn the Raspberry Pi £30 computer into a fully functioning Commodore 64 fresh from the 1980s. Scott Hutter, creator of the Commodore Pi project, together with a team of developers on Github, are seeking to build a native Commodore 64 operating system that can run on Raspberry Pi. 'The goal will be to include all of the expected emulation features such as SID sound, sprites, joystick connectivity, REU access, etc. In time, even the emulation speed could be changed, as well as additional modern graphics modes,' he writes on his website."

Read more of this story at Slashdot.








Inside the Stolen Smartphone Black Market In London

Slashdot - Mon, 14/04/2014 - 18:53
First time accepted submitter WebAgeCaveman (3615807) writes in with news about just how big the stolen smartphone black market is. "A black market of shops and traders willing to deal in stolen smartphones has been exposed by a BBC London undercover investigation. Intelligence was received that some shops across a swathe of east London were happy to buy phones from thieves. Two traders were filmed buying Samsung S3 and iPhone 4 devices from a researcher posing as a thief - despite him making it clear they were stolen. The shops involved have declined to comment."

Read more of this story at Slashdot.








Jenny McCarthy: "I Am Not Anti-Vaccine'"

Slashdot - Mon, 14/04/2014 - 13:04
Hugh Pickens DOT Com (2995471) writes "Jenny McCarthy is claiming she has been misunderstood and is not anti-vaccine. In an op-ed in the Chicago Sun-Times, McCarthy tries to ignore everything she's been saying about vaccines for years and wipe the record clean. 'People have the misconception that we want to eliminate vaccines,' McCarthy told Time magazine science editor Jeffrey Kluger in 2009. 'Please understand that we are not an anti-vaccine group. We are demanding safe vaccines. We want to reduce the schedule and reduce the toxins.' But Kluger points out that McCarthy left the last line out of that quotation: 'If you ask a parent of an autistic child if they want the measles or the autism, we will stand in line for the f--king measles.' That missing line rather changes the tone of her position considerably, writes Phil Plait and is a difficult stance to square with someone who is not anti-vaccine. As Kluger points out, her entire premise is false; since vaccines don't cause autism, no one has to make the choice between measles (and other preventable, dangerous diseases) and autism. Something else McCarthy omitted from her interview with Kluger: 'I do believe sadly it's going to take some diseases coming back to realize that we need to change and develop vaccines that are safe,' said McCarthy. 'If the vaccine companies are not listening to us, it's their f*cking fault that the diseases are coming back. They're making a product that's sh*t. If you give us a safe vaccine, we'll use it. It shouldn't be polio versus autism.' Kluger finishes with this: 'Jenny, as outbreaks of measles, mumps and whooping cough continue to appear in the U.S.—most the result of parents refusing to vaccinate their children because of the scare stories passed around by anti-vaxxers like you—it's just too late to play cute with the things you've said.' For many years McCarthy has gone on and on and on and on and on and on about vaccines and autism. 'She can claim all she wants that she's not anti-vax,' concludes Plait, 'but her own words show her to be wrong.'"

Read more of this story at Slashdot.








44% of Twitter Users Have Never Tweeted

Slashdot - Mon, 14/04/2014 - 10:03
First time accepted submitter RileyWalz (3614865) writes "Twopcharts (a third party website that records and monitors activity on Twitter) is reporting that about 44 percent of all 947 million accounts on Twitter have never posted a single tweet. Of the 550 million users who have tweeted before, 43 percent posted their last tweet over a year ago. And only about 13.3 percent have tweeted in the last 30 days. This could be a sign of many users just signing up and forgetting about their account, or they just prefer reading other's posts. Twitter is not commenting on this data, saying that they do not talk about third-party information related to its service."

Read more of this story at Slashdot.








First Glow-In-the-Dark Road Debuts In Netherlands

Slashdot - Mon, 14/04/2014 - 07:02
An anonymous reader writes "A 500 meter (0.3 mile) stretch of road in the Netherlands has opened without the standard crop of streetlights lining its perimeter. The streetlights are believed to be unnecessary since the road markings were painted on with a mix of photo-luminescent powder, which absorbs sunlight during the day and radiates a portion of that energy back at night. Whether the modified road paint can withstand harsh weather or even provide sufficient lighting given insufficient exposure to sunlight during the day remains to be seen. The project was orchestrated by Studio Roosegaarde, which in the future plans to implement weather-sensitive road markings that would inform drivers when outside temperatures drop or rise above certain levels."

Read more of this story at Slashdot.








Seattle Bookstores Embrace Amazon.com

Slashdot - Mon, 14/04/2014 - 03:55
An anonymous reader writes "Even though many independent bookstores around the country blame their closing on competition from Amazon.com, bookstores in Seattle are booming thanks to Amazon's growth. It turns out many of the thousands of new workers at their downtown headquarters are avid readers who prefer shopping at the local stores. '"A lot of our customers work at Amazon," said Tracy Taylor, the general manager at the Elliott Bay Book Company, one of the city's largest independent booksellers. The store, about a mile from Amazon headquarters, last year earned what Ms. Taylor called the "first substantial profit" in almost 20 years, enough to even pay employee bonuses.'"

Read more of this story at Slashdot.








Pluto May Have Deep Seas and Ancient Tectonic Faults

Slashdot - Mon, 14/04/2014 - 01:50
astroengine (1577233) writes "In July 2015 we get our first close look at the dwarf planet Pluto and its moon, Charon — a fact that has scientists hypothesizing more than ever about what we might see there. One of the latest ideas put forward is that perhaps the collision that likely formed Pluto and Charon heated the interior of Pluto enough to give it an internal liquid water ocean, which also gave the small world a short-lived plate tectonics system, like that of Earth."

Read more of this story at Slashdot.








Is Germany Raising a Generation of Illiterates?

Slashdot - Sun, 13/04/2014 - 20:00
StartsWithABang (3485481) writes "Over at Starts With A Bang, the weekly question comes in from Germany, where we're informed: 'In Germany, many teachers have adopted a new way of teaching children to write properly. The way is called "Writing by Reading" and essentially says: Write as you wish, you're not bound by any rules. Recently, this way of teaching has been heavily criticized [link in German], but not before it has been "tested" on several years of school children.' The reading wars have been going on in the US, too, but will this wind up having a negative outcome? Or, as this piece argues, is it likely to be a wash?"

Read more of this story at Slashdot.








Private Keys Stolen Within Hours From Heartbleed OpenSSL Site

Slashdot - Sun, 13/04/2014 - 18:56
Billly Gates (198444) writes "It was reported when heartbleed was discovered that only passwords would be at risk and private keys were still safe. Not anymore. Cloudfare launched the heartbleed challenge on a new server with the openSSL vulnerability and offered a prize to whoever could gain the private keys. Within hours several researchers and a hacker got in and got the private signing keys. Expect many forged certificates and other login attempts to banks and other popular websites in the coming weeks unless the browser makers and CA's revoke all the old keys and certificates."

Read more of this story at Slashdot.








Anyone Can Buy Google Glass April 15

Slashdot - Sun, 13/04/2014 - 17:45
An anonymous reader writes "Starting at 9 a.m. ET on April 15 anyone in the US will be able to buy Google Glass for one day. From the article: 'This is the first time the device has been available to the general public. So far, the face-mounted computers have been sold only to Google "Explorers," the company's name for early adopters. At first only developers could buy Glass, but Google slowly expanded the program to include regular people. Some were hand-picked, others applied to be Explorers through Google contests by sharing what cool projects they would do if they had Glass.'"

Read more of this story at Slashdot.








The GNOME Foundation Is Running Out of Money

Slashdot - Sun, 13/04/2014 - 16:40
An anonymous reader writes "The GNOME Foundation is running out of money. The foundation no longer has any cash reserves so they have voted to freeze non-essential funding for running the foundation. They are also hunting down sponsors and unpaid invoices to regain some delayed revenue. Those wishing to support the GNOME Foundation can become a friend of GNOME."

Read more of this story at Slashdot.








Apple's Spotty Record of Giving Back To the Tech Industry

Slashdot - Sun, 13/04/2014 - 15:34
chicksdaddy (814965) writes "Given Apple's status as the world's most valuable company and its enormous cash hoard, the refusal to offer even meager support to open source and industry groups is puzzling. From the article: 'Apple bundles software from the Apache Software Foundation with its OS X operating system, but does not financially support the Apache Software Foundation (ASF) in any way. That is in contrast to Google and Microsoft, Apple's two chief competitors, which are both Platinum sponsors of ASF — signifying a contribution of $100,000 annually to the Foundation. Sponsorships range as low as $5,000 a year (Bronze), said Sally Khudairi, ASF's Director of Marketing and Public Relations. The ASF is vendor-neutral and all code contributions to the Foundation are done on an individual basis. Apple employees are frequent, individual contributors to Apache. However, their employer is not, Khudairi noted. The company has been a sponsor of ApacheCon, a for-profit conference that runs separately from the Foundation — but not in the last 10 years. "We were told they didn't have the budget," she said of efforts to get Apple's support for ApacheCon in 2004, a year in which the company reported net income of $276 million on revenue of $8.28 billion.'"

Read more of this story at Slashdot.








The Case For a Safer Smartphone

Slashdot - Sun, 13/04/2014 - 04:12
itwbennett writes: "According to the Virginia Tech Transportation Institute, people who text and drive increase their chances of 'safety-critical events' by a multiple of 23.2. And new research is constantly rolling out, showing the same thing: 'We can't handle the visual, manual, and cognitive commitment of using a phone while driving,' writes blogger Kevin Purdy. What's needed, Purdy suggests, isn't more laws that will go ignored, but phones that know enough to stop giving us the distractions we ask them for: 'I think the next good phone, the next phone that makes some variant of the claim that it "Fits the way you live," needs to know that we don't know what is good for us when it comes to driving. We want to be entertained and shown new things while doing the often mundane or stressful task of driving. More specifically, those phones should know when we are driving, quiet or otherwise obscure updates from most apps, and be able to offer their most basic functions without needing to turn on a screen or type a single letter.'"

Read more of this story at Slashdot.








PC Gaming Alive and Dominant

Slashdot - Sun, 13/04/2014 - 01:01
An anonymous reader writes "Ars reports on a panel at PAX East which delved into the strength of the PC as a platform for games, and what its future looks like. The outlook is positive: 'Even as major computer OEMs produce numbers showing falling sales, the PC as a platform (and especially a gaming platform) actually shows strong aggregate growth.' The panelists said that while consoles get a lot of the headlines, the PC platform remains the only and/or best option for a lot of developers and gamers. They briefly addressed piracy, as well: 'Piracy, [Matt Higby] said, is an availability and distribution problem. The more games are crowdfunded and digitally delivered and the less a "store" figures into buying games, the less of a problem piracy becomes. [Chris Roberts] was quick to agree, and he noted that the shift to digital distribution also helps the developers make more money — they ostensibly don't have everyone along the way from retailers to publishers to distributors taking their cut from the sale.'"

Read more of this story at Slashdot.








Ask Slashdot: Are You Apocalypse-Useful?

Slashdot - Sat, 12/04/2014 - 23:58
An anonymous reader writes: "Young people, when choosing a profession, are often told to 'do what you love.' That's why we have experts in such abstruse fields as medieval gymel. But let's talk hypotheticals: if there's a worldwide catastrophe in which civilization is interrupted, somebody specializing in gymel wouldn't provide much use to fellow survivors. In a post-apocalypse world, medical doctors would be useful, as would most scientists and engineers. The bad news for Slashdotters is that decades without computers would render computer science and related professions useless. What do you consider to be the most useful and mostly useless post-apocalypse professions? How long would it take for society to rebuild enough for your profession to be useful?"

Read more of this story at Slashdot.








The Comcast/TWC Merger Is About Controlling Information

Slashdot - Sat, 12/04/2014 - 22:51
An anonymous reader sends this excerpt from The Consumerist: "Comcast and proposed merger partner Time Warner Cable claim they don't compete because their service areas don't overlap, and that a combined company would happily divest itself of a few million customers to keeps its pay-TV market share below 30%, allowing other companies that don't currently compete with Comcast to keep not competing with Comcast. This narrow, shortsighted view fails to take into account the full breadth of what's involved in this merger — broadcast TV, cable TV, network technology, in-home technology, access to the Internet, and much more. In addition to asking whether or not regulators should permit Comcast to add 10-12 million customers, there is a more important question at the core of this deal: Should Comcast be allowed to control both what content you consume and how you get to consume it?"

Read more of this story at Slashdot.








Pages