twoheadedboy writes "A Chinese hacker group is the chief suspect of spear phishing attacks against the Falun Dafa spiritual group and military organizations in the Philippines. Data handed to TechWeek by AlienVault Labs showed how zero-day malware, designed to pilfer Outlook email account logins, was just one strand of the attacks, which are ongoing. Other malware sought to steal passwords for other accounts, dodging many commercial AV products, whilst remote access tools indicate this is a serious surveillance operation. Chinese authorities have neither confirmed nor denied the claims. But it marks another case of Internet-led surveillance with China's name attached to it, following numerous reports of mass Chinese hacking, which has already allegedly hit massive firms like Facebook and Google."
Please create an account to participate in the Slashdot moderation system
coolnumbr12 writes "A 2009 study (PDF) by the McAfee estimated that hacking costs the global economy $1 trillion. It turns out that number was a massive exaggeration by McAfee, a software security branch of Intel that works closely with the U.S. government at the local, state and federal level. A new estimate by the Center for Strategic and International Studies (and underwritten by McAfee) suggests the number is closer to closer to $300 billion (PDF), but even that much is uncertain. One of McAfee's clients, the Department of Defense, has used the $1 trillion estimate to argue for an expansion of cybersecurity, including 13 new teams dedicated to cyberwarfare. Despite the new data, Reuters said McAfee is still trying to exaggerate the numbers." The $1 trillion study has seen other criticism as well, so the new data is a step in the right direction.
An anonymous reader writes "Atari declared bankruptcy earlier this year, and part of that process involves selling off its property in order to pay as many entities holding its debt as possible. The latest round includes a $30 million claim from Atari's parent company in France, and a $261 million claim from another subsidiary of that parent company. The $30 million debt is secured (in other words, they get priority on whatever's left in the U.S. Atari's coffers), but the $261 million debt is not, so they'll have to wait in line with everybody else." The article also lists some interesting sell-offs. The old Accolade brand got sold for $50,000, the Battlezone Franchise was sold to Rebellion Interactive for $566,500, and Wargaming World Limited purchased the Total Annihilation and Masters of Orion franchises. Stardock Systems, creators of Sins of a Solar Empire, picked up the rights to the Star Control franchise, which they intend to reboot. (Those who played it will recall that StarCon2 was the Best Game Ever. And it's been remade after the creators released the source code.)
cold fjord writes "I wish it was always this easy. Business Insider reports, 'Iodized salt is so ubiquitous that we barely notice it. Few people know why it even exists. Iodine deficiency remains the world's leading cause of preventable mental retardation. According to a new study (abstract), its introduction in America in 1924 had an effect so profound that it raised the country's IQ. A new NBER working paper from James Feyrer, Dimitra Politi, and David N. Weil finds that the population in iodine-deficient areas saw IQs rise by a full standard deviation, which is 15 points, after iodized salt was introduced.... The mental impacts were unknown, the program was started to fight goiter, so these effects were an extremely fortunate, unintended side effect.'"
An anonymous reader writes "The hacking group known as the Syrian Electronic Army have hacked into Viber, defacing its support website, and posting what they claim is evidence of surveillance by the free phone-messaging app. The Syrian Electronic Army posted a message claiming the 'Israeli-based Viber is spying and tracking you' alongside what appeared to be a screenshot of an internal Viber database containing users' phone numbers, device UDIDs, IP address, operating system, and Viber version information." Viber is saying the attack was minor: "...the hack only allowed access to two minor systems, a customer support panel and a support administration system. According to the company's official response, 'no sensitive user data was exposed and Viber's databases were not "hacked."' Apparently, an employee simply fell victim to a phishing attack.
MojoKid writes "Intel unveiled a number of new data center initiatives this week as part of its broad product strategy to redefine some of its market goals. Santa Clara has begun focusing on finding ways to expand the utility of its low power Atom servers, including the upcoming Avoton Atom products, which are based on the 22nm Bay Trail architecture. Intel isn't just pushing Avoton as as low-power solution that'll compete with products from ARM and AMD, but as the linchpin of a system for software defined networking and software defined storage capabilities. In a typical network, a switch is programmed to send arriving traffic to a particular location. Both the control plane (where traffic goes) and the data plane (the hardware responsible for actually moving the bits) are implemented in hardware and duplicated in every switch. Software defined networking replaces this by using software to manage traffic and monitoring it from a central controller. Intel is moving towards such a model and talking it up as an option because it moves control away from specialized hardware baked into expensive routers made by people that aren't Intel, and towards centralized technology Intel can bake into the CPU itself."
New submitter Ajay Anand writes with news that Eolas's web patents are really dead (the infamous browser plugin patent that forced Internet Explorer to change how it activated plugins). After Eolas sued a number of companies, last fall a jury found the patents invalid; Eolas naturally mounted an appeal. But a panel of judges simply affirmed the jury decision (PDF). A quiet ending to a decade of patent trolling.
New submitter rogue_archivist writes "I'm an archivist at a mid-sized university archives, trying to develop a policy for archiving computer files ('born-digital records' in archival parlance). Currently old floppy disks, CDs, and the occasional hard drive are added to our network storage. Then the physical media is separated from archival paper documents and placed into storage. My question for all you slashdotters out there is: should these disks be imaged and then the physical copies discarded? Is there any benefit for keeping around physical copies of storage media long since rendered obsolete?"
New submitter Jah-Wren Ryel writes "It's been just over a month since the NSA's dragnet surveillance program was leaked to the public. Tomorrow, Congress is voting on an amendment that would block funding for NSA programs that collect the call records of innocent Americans. A win tomorrow may start a chain reaction — but it won't happen unless we speak up. We have one day to convince Congress to act." The EFF is urging U.S. citizens to call their representatives, noting that there is no time for email to be effective (find your representative). You can read the amendment on the EFF site, quoting the EFF: "Reps. Justin Amash, John Conyers, Jr., Thomas Massie, Mick Mulvaney, and Jared Polis are proposing an amendment that would curtail funding for the implementation of orders under Section 215 of the PATRIOT Act unless the order is explicitly limited in scope. ... Even as the Amash/Conyers Amendment is gaining momentum, some are rallying around a decoy amendment that would do nothing to rein in domestic surveillance. That amendment, championed by Rep. Nugent, would not alter in any way the government's use of Section 215 to obtain bulk communications records on millions of Americans. EFF is urging Representatives to oppose the Nugent Amendment."
Via Ars comes news that the OpenGL 4.4 and OpenCL 2.0 were released yesterday. OpenGL 4.4 features a few new extensions, perhaps most importantly a few to ease porting applications from Direct3D. New bindless shaders have access to the entire virtual address space of the card, and new sparse textures allow streaming tiles of textures too large for the graphics card memory. Finally, the ARB has announced the first set of conformance tests since OpenGL 2.0, so going forward anything calling itself OpenGL must pass certification. The OpenCL 2.0 spec is still provisional, but now features a memory model that is a subset of C11, allowing sharing of complex data between the host and GPU and avoiding the overhead of copying data to and from the GPU (which can often make using OpenCL a losing proposition). There is also a new spec for an intermediate language: "'SPIR' stands for Standard Portable Intermediate Representation and is a portable non-source representation for OpenCL 1.2 device programs. It enables application developers to avoid shipping kernel source and to manage the proliferation of devices and drivers from multiple vendors. OpenCL SPIR will enable consumption of code from third party compiler front-ends for alternative languages, such as C++, and is based on LLVM 3.2. Khronos has contributed open source patches for Clang 3.2 to enable SPIR code generation." For full details see Khronos's OpenGL 4.4 announcement, and their OpenCL 2.0 announcement. Update: 07/23 20:17 GMT by U L : edxwelch notes that Anandtech published notes and slides from the SIGGRAPH announcement.
hypnosec writes "Adapteva has started shipping its $99 Parallella parallel processing single-board supercomputer to initial Kickstarter backers. Parallella is powered by Adapteva's 16-core and 64-core Epiphany multicore processors that are meant for parallel computing unlike other commercial off-the-shelf (COTS) devices like Raspberry Pi that don't support parallel computing natively. The first model to be shipped has the following specifications: a Zynq-7020 dual-core ARM A9 CPU complemented with Epiphany Multicore Accelerator (16 or 64 cores), 1GB RAM, MicroSD Card, two USB 2.0 ports, optional four expansion connectors, Ethernet, and an HDMI port." They are also releasing documentation, examples, and an SDK (brief overview, it's Free Software too). And the device runs GNU/Linux for the non-parallel parts (Ubuntu is the suggested distribution).
garymortimer tips more news about the rise of our robotic overlords. DARPA is now investigating military drone submarines as launch platforms for UAVs. Quoting John Keller at Military & Aerospace Electronics: "The Hydra program will develop and demonstrate an unmanned undersea system with a new kind of unmanned-vehicle delivery system that inserts UAVs and UUVs stealthily into operational environments to respond quickly to situations around the world without putting U.S. military personnel at risk. The Hydra large UUV is to use modular payloads inside a standardized enclosure to deploy a mix of UAVs and UUVs, depending on the military situation. Hydra will integrate existing and emerging technologies in new ways to create an alternate means of delivering a variety of payloads close to where they're needed, DARPA officials say."
Imagine a short (audio) squawk, less than one second long, as a secure authentication method for cell phones or other mobile devices. A company called illiri has developed (and has a patent pending on) a method to do exactly that. The company is so new that its website has only been up for a month, and this interview is their first real public announcement of what they're up to. They envision data sent as sound as a way to facilitate social media, mobile payments (initially with Bitcoin), gaming, and secure logins. Couldn't it also be used for "rebel" communications, possibly by a group of insurgents who want to overthrow the Iranian theocracy? Or even by dissidents in Russia, the country our interviewee, illiri co-founder Vadim Sokolovsky, escaped from? (And yes, "escaped" is his word.) And, considering the way illiri hopes to profit from their work, should they think about open sourcing their work and making their money with services based on their software, along with selling private servers that run it, much the way Sourcefire does in its industry niche? Their APIs are already open, so moving entirely to open source is not a great mental leap for illiri's management. In any case: Is their idea worthwhile? Are there already ways to achieve the same results? Is illliri's way enough better than existing mobile device security systems that it's worth exploring? And would it be better, not just for the world in general, but as a way to help illiri's founders make a living if their software was open source? (Transcript included)
An anonymous reader writes "Still the most popular open source office suite, Apache OpenOffice 4 has been released, with many new enhancements and a new sidebar, based on IBM Symphony's implementation but with many improvements. The code still has comments in German but as long as real new features keep coming and can be shared with other office suites no one is complaining." The sidebar mentioned brings frequently used controls down and beside the actual area of a word-processing doc, say, which makes some sense given how wide many displays have become. This release comes with some major improvements to graphics handling, too; anti-aliasing makes for smoother bitmaps. In conjunction with this release, SourceForge (also under the Slashdot Media umbrella) has announced the launch of an extensions collection for OO. Extensions mean that Open Office can gain capabilities from outside contributors, rather than being wrapped up in large, all-or-nothing updates. You can download the latest version of Apache OpenOffice here.
Nerval's Lobster writes "Last week, Microsoft announced that it would take a $900 million write-off on its Surface RT tablets. Although launched with high hopes in the fall of 2012, the sleek devices—which run Windows RT, a version of Windows 8 designed for hardware powered by the mobile-friendly ARM architecture—have suffered from middling sales and fading buzz. But if Microsoft decides to continue with Surface, there's one surefire way to restart its (metaphorical) heart: make it the ultimate bargain. The company's already halfway there, having knocked $150 off the sticker price, but that's not enough. Imagine Microsoft pricing the Surface at a mere pittance, say $50 or $75 — even in this era of cheaper tablets, the devices would fly off the shelves so fast, the sales rate would make the iPad look like the Zune. There's a historical precedent for such a maneuver. In 2011, Hewlett-Packard decided to terminate its TouchPad tablet after a few weeks of poor sales. In a bid to clear its inventory, the company dropped the TouchPad's starting price to $99, which sent people rushing into stores in a way they hadn't when the device was priced at $499. Demand for the suddenly ultra-cheap tablet reached the point that HP needed weeks to fulfill backorders. (Despite that sales spike, HP decided to kill the TouchPad; the margins on $99 obviously didn't work out to everyone's satisfaction.) In the wake of Microsoft announcing that it would take that $900 million write-down on Surface RT, reports surfaced that the company could have as many as six million units sitting around, gathering dust. Whether that figure is accurate—it seems more based on back-of-napkin calculations than anything else—it's almost certainly the case that Microsoft has a lot of unsold Surface RTs in a bunch of warehouses all around the world. Why not clear them out by knocking a couple hundred dollars off the price? It's not as if they're going anywhere, anyway."
An anonymous reader writes "Late last night, MulticoreWare released an early alpha build of the x265 library. x265 is intended to be the open source counterpart to the recently released HEVC/H.265 standard which was approved back in January, much in the same way that x264 is used for H.264 today. Tom's Hardware put x265 through a series of CPU benchmarks and then compared x265 to x264. While x265 is more taxing in terms of CPU utilization, it affords higher quality at any given bit rate, or the same quality at a lower bit rate than x264." (Reader Dputiger writes points out a comparison at ExtremeTech, too.)
curtwoodward writes "The United States of America: The greatest country in the world, the last superpower, born of divine providence. Unless you're trying to connect to the Internet. The latest State of the Internet Report from network optimization company Akamai shows that the US has slipped in the global rankings of average connection speed, despite nearly 30 percent of yearly growth. That puts ol' Uncle Sam behind such economic powerhouses as Latvia and the Czech Republic. Oh, and we pay more, too. Is it finally time to shake up the ISP market and make Internet connections a public utility, on par with electricity and water? Or will edge projects like Google Fiber make a dent soon?" For those who favor the idea of Internet service as a government-run utility, what do you see as the best-case scenario for such a system?
An anonymous reader writes "My neighbor recently complained about my outdoor floodlight shining in her window. While trying to address this problem, I read an essay about the tragedy of light pollution, and started to think that this is a much broader issue. With all the new lighting technologies out there, this may be the right time to rethink lighting — both indoor and outdoor; public and private. I solved my problem by replacing the floodlight with a spotlight, but I also considered installing a colored light. What are some strategies for illuminating what we need to without casting excess light everywhere and inadvertently blinding our neighbors or keeping them awake?"
GigaOM notes that (excerpting) "Gary Becker, a Nobel-prize winning professor at the University of Chicago, stated this week that the U.S. patent system is ”too broad, too loose, and too expensive” and called for the end of software patents: 'Disputes over software patents are among the most common, expensive, and counterproductive. Their exclusion from the patent system would discourage some software innovations, but the saving from litigation costs over disputed patent rights would more than compensate the economy for that cost.'" Here are Becker's comments, from the always-fun Becker-Posner Blog.
davide-nature writes "The freakish event has been blamed on a company that was drilling for natural gas nearby. But scientists have found a rock formation deep below the surface and shaped like a parabolic antenna. It could have focused seismic waves from an earthquake that occurred shortly before the eruption, and onto a clay layer. The clay then liquefied and somehow found its way to the surface."
dcblogs writes "Software employment is rising at 4 to 5% a year, and may be the only tech occupation to have recovered to full employment since the recession. Other tech occupations aren't doing as well. In 2001, there were more than 200,000 people working in the semi-conductor industry. That number was less than 100,000 by 2010, according to a recent study by the Economic Policy Institute. Darin Wedel, who was laid off from Texas Instruments, and gained national attention when his wife, Jennifer, challenged President Obama on H-1B use, said that for electrical engineers, 'unless you are in the actual design of circuits, then you're not in demand.' He said that much of the job loss in the field is due to the closing of fabrication facilities. Wedel has since found new work as a quality engineer."
Orome1 writes "Cisco will acquire Sourcefire, a provider of intelligent cybersecurity solutions. Under the terms of the agreement, Cisco will pay $76 per share in cash in exchange for each share of Sourcefire and assume outstanding equity awards for an aggregate purchase price of approximately $2.7 billion, including retention-based incentives. The acquisition has been approved by the board of directors of each company. Once the transaction closes, Cisco will include Sourcefire into its guidance going forward. Prior to the close, Cisco and Sourcefire will continue to operate as separate companies."
Thornburg contributes news of a story spotted on Techmeme, writing: "[Joel Spolsky of] Joel On Software has a story about how he found and submitted prior art for a Microsoft patent listed on Ask Patents in 15 minutes. The patent was rejected based largely on the document he submitted." Spolsky gives a very readable introduction to the patent system, and software patents in particular; I especially like this part: "Software patent applications are of uniformly poor quality. They are remarkably easy to find prior art for. Ask Patents can be used to block them with very little work. And this kind of individual destruction of one software patent application at a time might start to make a dent in the mountain of bad patents getting granted. ... How cool would it be if Apple, Samsung, Oracle and Google got into a Mexican Standoff on Ask Patents? If each of those companies had three or four engineers dedicating a few hours every day to picking off their competitors’ applications, the number of granted patents to those companies would grind to a halt."
Sparrowvsrevolution writes "At the Def Con hacker conference in Las Vegas early next month, security researchers Justin Engler and Paul Vines plan to show off the R2B2, or Robotic Reconfigurable Button Basher, a piece of hardware they built for around $200 that can automatically punch PIN numbers at a rate of about one four-digit guess per second, fast enough to crack a typical Android phone's lock screen in 20 hours or less. Engler and Vines built their bot, shown briefly in a preview video, from three $10 servomotors, a plastic stylus, an open-source Arduino microcontroller, a collection of plastic parts 3D-printed on their local hackerspace's Makerbot 3D printer, and a five dollar webcam that watches the phone's screen to detect if it's successfully guessed the password. The device can be controlled via USB, connecting to a Mac or Windows PC that runs a simple code-cracking program. The researchers plan to release both the free software and the blueprints for their 3D-printable parts at the time of their Def Con talk."
First time accepted submitter Koookiemonster writes "The Finnish citizens' initiative site (Finnish/Swedish only) has fulfilled the required amount of signatures for the third initiative since its founding. This means that the Parliament of Finland is required to take the Common Sense in Copyright initiative into processing. The initiative calls for removal of copyright infringement as a crime, reducing violations by private individuals to a misdemeanor." Torrent Freak notes "This makes Finland the first country in the world in which legislators will vote on a copyright law that was drafted by citizens."
Karrde712 writes "Fedora Cloud Architect Matthew Miller announced a proposal on a plan to redesign the way that the Fedora Project builds its GNU/Linux distribution. Fedora has often been described as a 'bag of bits,' with thousands of packages and only minimal integration. Miller's proposal for 'Fedora.Next' describes reorganizing the packages and upstream projects that comprise Fedora into a series of 'rings,' each level of which would have its own set of release and packaging requirements. The lowest levels of the distribution may be renamed to 'Fedora Core.' Much discussion is ongoing on the Fedora Devel mailing list. If any Slashdot readers have good advice to add to the discussion, it would be most useful to respond to the ongoing thread there." A full presentation on the plan will be given at the Flock conference next month, and draft slides have been uploaded. A few more details about the discussion are below the fold.
sciencehabit writes "The next time your dog digs a hole in the backyard after watching you garden, don't punish him. He's just imitating you. A new study reveals that our canine pals are capable of copying our behavior as long as 10 minutes after it's happened. The ability is considered mentally demanding and, until this discovery, something that only humans and apes were known to do."
jfruh writes "Stratasys, one of the world's biggest 3D printer manufacturers, routinely uses 3D-printed objects as displays for its booths at trade shows. The problem: It's been using objects designed by popular designer Asher Nahmias, whose creations are licensed under a noncommercial Creative Commons license — and he says Stratasys's use violates the licensing terms. This is just one example of how the nascent 3D printing industry is having to grapple with the IP implications of creating physical objects out of downloadable designs. Another important problem: IP law distinguishes between purely decorative and useful objects, but how should the digital files that provide a design for those objects be treated?" The models are copyrighted and licensed NC, but what about the resulting object? Precedent seems to imply that the resulting object cannot be controlled (e.g. the output of a GPLed program is not GPLed, so why should executing a program on a 3D printer be any different?).