mask.of.sanity writes "A researcher has found flaws in the way major Australian banks handle customer login credentials which could allow the details to be siphoned off by malware. He built proof of concept malware to pull unencrypted passwords, account numbers and access credentials from volatile memory of popular web browsers every two hours."
First time accepted submitter Emmanuel Cecchet writes "Researchers of the BenchLab project at UMass Amherst have discovered a bug in the browser of the Samsung S3. If you browse a Web page that has multiple versions of the same image (for mobile, tablet, desktop, etc...) like most Wikipedia pages for example, instead of downloading one image at the right resolution, the phone will download all versions of it. A page that should be less than 100K becomes multiple MB! It looks like a bug in the implementation of the srcset HTML tag, but all the details are in the paper to be presented at the IWQoS conference next week. So far Samsung didn't acknowledge the problem though it seems to affect all S3 phones. You'd better have an unlimited data plan if you browse Wikipedia on an S3!"
dsinc writes "The Transportation Security Administration announced it has finished removing from all airports the X-ray technology that produced graphic and controversial images of passengers passing through security screening checkpoints. The machines, which the TSA first deployed in 2008, provoked public outrage as the technology, better able than traditional X-rays to detect hidden contraband, also created images that appeared as if they were 'virtual nudes.' Critics called this an invasion of privacy and questioned whether the scanning devices truly lacked the ability to save the images, as the TSA claimed."
First time accepted submitter jay age writes "When TV makers started pushing 4K screens on unsuspecting public, that just recently upgraded to 1080p, many had doubted what value will they bring consumers. Fair thought — 1080p is, at screen sizes and viewing distances commonly found in homes, good enough. However, PC users such as me have looked at this development with great hope. TV screens must have something to do with market being littered with monitors having puny 1080p resolution. What if 4K TVs will push PC makers to offer 4K screens too, wouldn't that be great? Well, they are coming. ASUS has just announced one!" You could hook a computer up to one of the available 4K displays, but will generally be paying a lot more for the privilege; this one is "only" about $5,000, according to ExtremeTech.
Zothecula writes "Imagine if there was a voice in your head that regularly threatened to harm you or your loved ones, or that even ordered you to do so yourself. Awful as that would be, such auditory hallucinations are one of the most common symptoms of schizophrenia, with approximately one in four sufferers continuing to experience them even after taking anti-psychotic drugs. Fortunately, scientists have recently helped some schizophrenics gain control of their condition, by turning those voices into interactive avatars."
Presto Vivace writes "In a blog post, danps explains how the music industry initially thought that the Internet meant that people wanted their music for free. In 2003 Apple persuaded the industry to use an online music store with DRM. But DRM just does not work for consumers, so by 2011 online music stores were DRM-free. Sadly, the book industry has not learned these lessons. And there are larger lessons for the gadget industry: 'The tech industry right now is churning out lots of different devices, operating systems and form factors in an attempt to get the One True Gadget — the thing you'll take with you everywhere and use for everything. That's a lovely aspiration, but I don't see it happening. What I see instead is people wanting to only carry around one thing at a time, and rotating through several: Smart phone for everyday use, tablet for the beach, laptop for the road, etc. If you can't get the book you paid for on each of those devices, it's a pain. As a reader I want to be able to put a book on everything as soon as I buy it so I always have a local (non-Internet dependent) copy — no matter which thing I run out of the house with.'"
Rambo Tribble writes "As reported by the BBC, astronomers are hoping to reap a black-hole-hunting windfall when a giant gas cloud passes through an area within our galaxy thought to contain numerous small black holes (abstract). When the cloud interacts with the black holes, the resultant emission of X-rays should allow scientists to finally confirm their existence. 'The idea is that as the cloud speeds past these small black holes — some slightly more massive than our Sun but just a few tens of km across — gas will spiral around them faster and faster, heating up to millions of degrees and emitting X-ray light. It is a bit like allowing a giant sink to empty through thousands of tiny drains and looking for any evidence of swirling water.'"
thecarchik writes "In an exhaustive 6,500-word article on the financial website Seeking Alpha, analyst Nathan Weiss lays out a case that the latest Tesla Model S actually has higher effective emissions than most large SUVs of both the greenhouse gas carbon dioxide and smog-producing pollutants like sulfur dioxide. This is absolutely false. Virtually all electric car advocates agree that when toting up the environmental pros and cons of electric cars, it's only fair to include powerplant emissions. When this has been done previously, the numbers have still favored electric cars. The Union of Concerned Scientists, for example, concluded in a 2012 report (PDF), 'Electric vehicles charged on the power grid have lower global warming emissions than the average gasoline-based vehicle sold today.' Working through every one of Weiss' conclusions may show a higher emissions rate than Tesla's published numbers, but in no way does a Model S pollute the amounts even close to an SUV."
Trailrunner7 writes "Bug bounty programs have been a boon for both researchers and the vendors who sponsor them. From the researcher's perspective, having a lucrative outlet for the work they put in finding vulnerabilities is an obvious win. Many researchers do this work on their own time, outside of their day jobs and with no promise of financial reward. The willingness of vendors such as Google, Facebook, PayPal, Barracuda, Mozilla and others to pay significant amounts of money to researchers who report vulnerabilities to them privately has given researchers both an incentive to find more vulnerabilities and a motivation to not go the full disclosure route. This set of circumstances could be an opportunity for the federal government to step in and create its own separate bug reward program to take up the slack. Certain government agencies already are buying vulnerabilities and exploits for offensive operations. But the opportunity here is for an organization such as US-CERT, a unit of the Department of Homeland Security, to offer reasonably significant rewards for vulnerability information to be used for defensive purposes. There are a large number of software vendors who don't pay for vulnerabilities, and many of them produce applications that are critical to the operation of utilities, financial systems and government networks. DHS has a massive budget–a $39 billion request for fiscal 2014–and a tiny portion of that allocated to buy bugs from researchers could have a significant effect on the security of the nation's networks. Once the government buys the vulnerability information, it could then work with the affected vendors on fixes, mitigations and notifications for customers before details are released."
itwbennett writes "If you've ever worked on a team you can probably recall a time when, as a group, you produced work that was not as good as any one of you could have done on your own. Sarah Mei had this sort of sub-par teamwork experience, which she shared in her session at the O'Reilly Fluent Conference this week. Mei 'spoke about a time she worked on a team with really expert developers. Every one of them was someone whom you'd admire, who had previously written code that you and I would boast to have created. Yet, these smart people created modules that didn't talk to each other. And its quality was, to be kind, on the rotten side.' It's not an uncommon story, but why and how does it happen? The answer, says Mei, is that code quality 'is defined by its patterns of dependencies,' not all of which have equal weight. And, as it turns out, team communication is the heaviest dependency of all."
McGruber writes "The NY Times reports, 'New York City has spent $95 million over the past few years to bring its election process into the 21st century, replacing its hulking lever voting machines with electronic scanners. But now, less than three years after the new machines were deployed, election officials say the counting process with the machines is too cumbersome to use them for the mayoral primary this year, and then for the runoff that seems increasingly likely to follow as soon as two weeks later. In a last-ditch effort to avoid an electoral embarrassment, New York City is poised to go back in time: it is seeking to redeploy lever machines, a technology first developed in the 1890s, for use this September at polling places across the five boroughs. The city's fleet of lever machines was acquired in the 1960s and has been preserved in two warehouses in Brooklyn, shielded from dust by plastic covers.'"
An anonymous reader writes "Asteroid 1998 QE2 has an estimated diameter of 2.7 km. This asteroid will have a close approach with Earth at about 15.2 LD (Lunar Distances = ~384,000 kilometers) or 0.0392 AU (1 AU = ~150 million kilometers) at 2059 UT on 2013 May 31 and it will reach the peak magnitude ~10.8 on May 31 around 2300 UT." Radar images of the asteroid taken Wednesday show that 1998 QE2 has its own tiny moon, about 600 meters wide. Phil Plait explained how the images were taken, and what further information we gleaned from them. 'The very presence of the moon is a good thing. By measuring how long it takes to go around the primary, the mass of the primary can be found using math known for centuries (the more massive the big asteroid, the faster the moon will go around it at a given distance). We also know the size of the primary, so that means we can find its density, and therefore what it’s made of (probably mostly rock).'
phantomfive writes "Some countries are worried about the privacy implications of Google Maps, but Lithuania is using them to find tax cheats. 'After Google's car-borne cameras were driven through the Vilnius area last year, the tax men in this small Baltic nation got busy. They have spent months combing through footage looking for unreported taxable wealth. ... Two recent cases netted $130,000 in taxes and penalties after investigators found houses photographed by Google that weren't on official maps. ... "We were very impressed," said Modestas Kaseliauskas, head of the State Tax Authority. "We realized that we could do more with less and in shorter time."' The people of Lithuania don't seem to mind. 'Authorities have been aided by the local populace. "We received even more support than we expected," said Mr. Kaseliauskas.'"
An anonymous reader writes "CNet reports that a U.S. District Court Judge has rejected Google's attempt to fight 19 National Security Letters, which are used by the FBI to gather information on users without a warrant. Quoting: 'The litigation taking place behind closed doors in Illston's courtroom — a closed-to-the-public hearing was held on May 10 — could set new ground rules curbing the FBI's warrantless access to information that Internet and other companies hold on behalf of their users. The FBI issued 192,499 of the demands from 2003 to 2006, and 97 percent of NSLs include a mandatory gag order. It wasn't a complete win for the Justice Department, however: Illston all but invited Google to try again, stressing that the company has only raised broad arguments, not ones "specific to the 19 NSLs at issue." She also reserved judgment on two of the 19 NSLs, saying she wanted the government to "provide further information" prior to making a decision.' This does not affect the Electronic Frontier Foundation's challenge to the constitutionality of the letters in the Ninth Circuit Court of Appeals."
AvailableNickname writes "I am currently pursuing a bachelor's in CompSci and I just spent three hours working on a few differential equations for homework. It is very frustrating because I just don't grok advanced math. I can sort of understand a little bit, but I really don't grok anything beyond long division. But I love computers, and am very good at them. However, nobody in the workforce is even going to glance at my direction without a BSc. And to punish me for going into a field originally developed by mathematicians I need to learn all this crap. If I had understood what I was doing, maybe I wouldn't mind so much. But the double frustration of not understanding it and not understanding why the heck I need to do it is too much. So, how important is it?"
twoheadedboy writes "When BT engineers set out to lay fiber broadband cables in remote areas in North Yorkshire, they didn't think they would have many issues. But they didn't see the badgers coming. They discovered badger setts along the planned route for a cable connecting 450 properties to the local exchange. As it is illegal to destroy or upset setts — badgers are considered an endangered species — BT has had to hold off putting down the fiber until it either gains permission from the National Trust or comes up with fresh plans."
An anonymous reader writes "A new study based on observations last September by the Curiosity rover on Mars has confirmed that pebble-containing slabs of rock found on the Martian surface were part of an ancient streambed. The work provides some of the most definitive evidence yet that water once flowed on Mars. '[The pebbles'] smooth appearance is identical to gravels found in rivers on Earth. Rock fragments that bounce along the bottom of a stream of water will have their edges knocked off, and when these pebbles finally come to rest they will often align in a characteristic overlapping fashion. ...It is confirmation that water has played its part in sculpting not only this huge equatorial bowl but by implication many of the other landforms seen on the planet.' According to NASA, 'The stream carried the gravels at least a few miles, or kilometers, the researchers estimated. The atmosphere of modern Mars is too thin to make a sustained stream flow of water possible, though the planet holds large quantities of water ice. Several types of evidence have indicated that ancient Mars had diverse environments with liquid water. However, none but these rocks found by Curiosity could provide the type of stream flow information published this week. Curiosity's images of conglomerate rocks indicate that atmospheric conditions at Gale Crater once enabled the flow of liquid water on the Martian surface.'"
redletterdave writes "In trying to solve the 'mechanical mismatch' between humans and electronics — particularly wearables — special projects chief Regina Dugan unveiled two new projects currently in development at Google's Motorola Mobility centered on rethinking authentication methodology, including electronic tattoos and ingestible pills. Of the pill, which Dugan called her 'first superpower,' she described it as an 'inside-out potato battery' that when swallowed, the acids in one's stomach serve as the electrolyte to power an 18-bit ECG-like signal that essentially turns one's body into an authentication token. 'It means my arms are like wires and my hands are like alligator clips [so] when I touch my phone, my computer, my door, I'm authenticated,' Dugan said. 'This is not science fiction.'"
Necroloth sends this quote from an article at Wired: "For the first time, scientists have visually captured a molecule at single-atom resolution in the act of rearranging its bonds. Until now, scientists were only able to infer molecular structures. Using atomic force microscopy (abstract), the individual atomic bonds that connect the carbon molecule's 26 carbon and 14 hydrogen atoms are clearly visible and look startlingly similar to the stick diagrams in chemistry textbooks."
An anonymous reader writes "A report at SF Gate notes that 'The United States has lifted portions of two-decades-old sanctions against Iran in an effort to bolster communication between the country's citizens — and potentially aid organization against a repressive Iranian government. Thursday afternoon the U.S. Treasury Department's Office of Foreign Assets Control authorized the sale of hardware and software that pertain to the Internet, instant messaging, chat, e-mail, social networking, sharing of media, and blogging — basically, all things digital. The Treasury Department wrote, 'As the Iranian government attempts to silence its people by cutting off their communication with each other and the rest of the world, the United States will continue to take action to help the Iranian people exercise their universal human rights, including the right to freedom of expression.'"
schwit1 writes "Parents in Polk County, Florida are outraged after learning that students in area schools had their irises scanned as part of a new security program without obtaining proper permission. Two days before their Memorial Day weekend break, kids from at least three different public schools — Bethune Academy (K–5), Davenport School of the Arts (K–5, middle, and high school), and Daniel Jenkins Academy (grades 6–12) — were subjected to iris scans without their parents' knowledge or consent. The scans are essentially optical fingerprints, which the school intended to collect to create a database of biometric information for school-bus security."
New submitter Mistakill writes "It seems the case against Kim Dotcom for the NZ Police isn't going well, with Kim Dotcom scoring another victory in his legal battles. Police have been told they must search everything they seized from Dotcom and hand back what is not relevant to the U.S. extradition claims. Justice Helen Winkelmann told police their complaints about the cost and time of the exercise were effectively their own fault for indiscriminately seizing material in the first place. She wrote, 'The warrants could not authorize the permanent seizure of hard drives and digital materials against the possibility that they might contain relevant material, with no obligation to check them for relevance. They could not authorize the shipping offshore of those hard drives with no check to see if they contained relevant material. Nor could they authorize keeping the plaintiffs out of their own information, including information irrelevant to the offenses.'"
An anonymous reader writes "NPR reports that an Oregon wheat farmer found a patch of wheat growing where he did not plant. After RoundUp failed to kill the plants, he sent them to a lab for testing. Turns out the wheat in question is a GMO strain created by Monsanto but never sent to market. Oregon field trials for the wheat ended in 2001. 'Nobody knows how this wheat got to this farm. ... After all such trials, the genetically engineered crops are supposed to be completely removed. Also, nobody knows how widely this genetically engineered wheat has spread, and whether it's been in fields of wheat that were harvested for food.' The USDA is currently investigating and says there is no health-risk. Meanwhile, Monsanto has released a statement and Japan has suspended some wheat imports from the U.S. 'The mystery could have implications on wheat trade. Many countries around the world will not accept imports of genetically modified foods, and the United States exports about half of its wheat crop.'"
plutoclacks writes "I will run a computer science club at my high school next semester with two other friends. The club was newly introduced this school year, and initially saw a massive success (40+ members showed up at the first meeting). Unfortunately, participation has decreased a lot since then, down to four active members. I feel that the main reason for this decline was the inability to maintain the students' interest at the beginning of the year, as well as general disorganization, which we hope to change next semester. The leaders of the club all have fairly strong Java backgrounds, in addition to enthusiasm about computer science and programming. We have a computer lab with ~30 computers, which, though old, are still functional and available for use. What are some ways we can make the club have an impacting interest to newcomers?"
An anonymous reader writes "India is equipping its longest range nuclear-capable missile, the Agni-V, with Multiple Independently Targetable Re-entry Vehicles (MIRVs), The Diplomat reports. A MIRVed Intercontinental Ballistic Missile (ICBM) carries multiple nuclear warheads on a single missile, which it dispenses towards numerous or a single target after the final stage of the ICBM boosts off. MIRVed missiles destabilized the Cold War nuclear balance and are likely to do so again: 'Because they give nations greater confidence in being able to destroy an adversary's hardened missile silo sites in a first strike by launching multiple, lower yield warheads at the sites.'"
Iddo Genuth writes "Think of a world where you could simply download the blueprints of your future home for free just like you download any open source software today. A team of British architects developed just that and they are hoping their project called WikiHouse will radically change the way we think about building homes."
DeviceGuru writes "DARPA announced a sensor reference system device based on a new Android-based sensor processing core called the ADAPTable Sensor System (a.k.a. ADAPT). The initial ADAPT reference device, called UGS (unattended ground sensor), is designed as the basis for a series of lower-cost, more upgradable sensor devices for military applications. The ADAPT program is part of larger effort by the U.S. military to reduce the costs and speed production schedules for military equipment, using an ODM process similar to that of the commercial smartphone industry. Potential applications for the technology include swarms of hive-mind UAVs or robots, or perimeter security sensors hidden at a deployed airfield or underground, all networked together and capable of transmitting video."
AmiMoJo writes "Japan's nuclear regulator has ordered the operator of the Monju fast-breeder reactor to suspend preparation for its restart until measures are put in place for its proper maintenance and management. The regulators acted after finding the operator had missed checkups on about 10,000 pieces of equipment. They ordered that sufficient manpower and funds be allocated for maintenance and management. The reactor in Tsuruga City, central Japan, is at the center of the nation's nuclear-fuel recycling policy. But its operator has been hampered by a series of problems."