mask.of.sanity writes "A researcher has found flaws in the way major Australian banks handle customer login credentials which could allow the details to be siphoned off by malware. He built proof of concept malware to pull unencrypted passwords, account numbers and access credentials from volatile memory of popular web browsers every two hours."
First time accepted submitter Emmanuel Cecchet writes "Researchers of the BenchLab project at UMass Amherst have discovered a bug in the browser of the Samsung S3. If you browse a Web page that has multiple versions of the same image (for mobile, tablet, desktop, etc...) like most Wikipedia pages for example, instead of downloading one image at the right resolution, the phone will download all versions of it. A page that should be less than 100K becomes multiple MB! It looks like a bug in the implementation of the srcset HTML tag, but all the details are in the paper to be presented at the IWQoS conference next week. So far Samsung didn't acknowledge the problem though it seems to affect all S3 phones. You'd better have an unlimited data plan if you browse Wikipedia on an S3!"
dsinc writes "The Transportation Security Administration announced it has finished removing from all airports the X-ray technology that produced graphic and controversial images of passengers passing through security screening checkpoints. The machines, which the TSA first deployed in 2008, provoked public outrage as the technology, better able than traditional X-rays to detect hidden contraband, also created images that appeared as if they were 'virtual nudes.' Critics called this an invasion of privacy and questioned whether the scanning devices truly lacked the ability to save the images, as the TSA claimed."
First time accepted submitter jay age writes "When TV makers started pushing 4K screens on an unsuspecting public that had just recently upgraded to 1080p, many doubted what value they would bring consumers. Fair thought — 1080p is, at screen sizes and viewing distances commonly found in homes, good enough. However, PC users such as me have looked at this development with great hope. TV screens must have something to do with the market being littered with monitors having puny 1080p resolution. What if 4K TVs will push PC makers to offer 4K screens too, wouldn't that be great? Well, they are coming. ASUS has just announced one!" You could hook a computer up to one of the available 4K displays, but will generally be paying a lot more for the privilege; this one is "only" about $5,000, according to ExtremeTech.
Zothecula writes "Imagine if there was a voice in your head that regularly threatened to harm you or your loved ones, or that even ordered you to do so yourself. Awful as that would be, such auditory hallucinations are one of the most common symptoms of schizophrenia, with approximately one in four sufferers continuing to experience them even after taking anti-psychotic drugs. Fortunately, scientists have recently helped some schizophrenics gain control of their condition, by turning those voices into interactive avatars."
Presto Vivace writes "In a blog post, danps explains how the music industry initially thought that the Internet meant that people wanted their music for free. In 2003 Apple persuaded the industry to use an online music store with DRM. But DRM just does not work for consumers, so by 2011 online music stores were DRM-free. Sadly, the book industry has not learned these lessons. And there are larger lessons for the gadget industry: 'The tech industry right now is churning out lots of different devices, operating systems and form factors in an attempt to get the One True Gadget — the thing you'll take with you everywhere and use for everything. That's a lovely aspiration, but I don't see it happening. What I see instead is people wanting to only carry around one thing at a time, and rotating through several: Smart phone for everyday use, tablet for the beach, laptop for the road, etc. If you can't get the book you paid for on each of those devices, it's a pain. As a reader I want to be able to put a book on everything as soon as I buy it so I always have a local (non-Internet dependent) copy — no matter which thing I run out of the house with.'"
Rambo Tribble writes "As reported by the BBC, astronomers are hoping to reap a black-hole-hunting windfall when a giant gas cloud passes through an area within our galaxy thought to contain numerous small black holes (abstract). When the cloud interacts with the black holes, the resultant emission of X-rays should allow scientists to finally confirm their existence. 'The idea is that as the cloud speeds past these small black holes — some slightly more massive than our Sun but just a few tens of km across — gas will spiral around them faster and faster, heating up to millions of degrees and emitting X-ray light. It is a bit like allowing a giant sink to empty through thousands of tiny drains and looking for any evidence of swirling water.'"
thecarchik writes "In an exhaustive 6,500-word article on the financial website Seeking Alpha, analyst Nathan Weiss lays out a case that the latest Tesla Model S actually has higher effective emissions than most large SUVs of both the greenhouse gas carbon dioxide and smog-producing pollutants like sulfur dioxide. This is absolutely false. Virtually all electric car advocates agree that when toting up the environmental pros and cons of electric cars, it's only fair to include powerplant emissions. When this has been done previously, the numbers have still favored electric cars. The Union of Concerned Scientists, for example, concluded in a 2012 report (PDF), 'Electric vehicles charged on the power grid have lower global warming emissions than the average gasoline-based vehicle sold today.' Working through every one of Weiss' conclusions may show a higher emissions rate than Tesla's published numbers, but in no way does a Model S pollute the amounts even close to an SUV."
Trailrunner7 writes "Bug bounty programs have been a boon for both researchers and the vendors who sponsor them. From the researcher's perspective, having a lucrative outlet for the work they put in finding vulnerabilities is an obvious win. Many researchers do this work on their own time, outside of their day jobs and with no promise of financial reward. The willingness of vendors such as Google, Facebook, PayPal, Barracuda, Mozilla and others to pay significant amounts of money to researchers who report vulnerabilities to them privately has given researchers both an incentive to find more vulnerabilities and a motivation to not go the full disclosure route. This set of circumstances could be an opportunity for the federal government to step in and create its own separate bug reward program to take up the slack. Certain government agencies already are buying vulnerabilities and exploits for offensive operations. But the opportunity here is for an organization such as US-CERT, a unit of the Department of Homeland Security, to offer reasonably significant rewards for vulnerability information to be used for defensive purposes. There are a large number of software vendors who don't pay for vulnerabilities, and many of them produce applications that are critical to the operation of utilities, financial systems and government networks. DHS has a massive budget–a $39 billion request for fiscal 2014–and a tiny portion of that allocated to buy bugs from researchers could have a significant effect on the security of the nation's networks. Once the government buys the vulnerability information, it could then work with the affected vendors on fixes, mitigations and notifications for customers before details are released."
itwbennett writes "If you've ever worked on a team you can probably recall a time when, as a group, you produced work that was not as good as any one of you could have done on your own. Sarah Mei had this sort of sub-par teamwork experience, which she shared in her session at the O'Reilly Fluent Conference this week. Mei 'spoke about a time she worked on a team with really expert developers. Every one of them was someone whom you'd admire, who had previously written code that you and I would boast to have created. Yet, these smart people created modules that didn't talk to each other. And its quality was, to be kind, on the rotten side.' It's not an uncommon story, but why and how does it happen? The answer, says Mei, is that code quality 'is defined by its patterns of dependencies,' not all of which have equal weight. And, as it turns out, team communication is the heaviest dependency of all."
McGruber writes "The NY Times reports, 'New York City has spent $95 million over the past few years to bring its election process into the 21st century, replacing its hulking lever voting machines with electronic scanners. But now, less than three years after the new machines were deployed, election officials say the counting process with the machines is too cumbersome to use them for the mayoral primary this year, and then for the runoff that seems increasingly likely to follow as soon as two weeks later. In a last-ditch effort to avoid an electoral embarrassment, New York City is poised to go back in time: it is seeking to redeploy lever machines, a technology first developed in the 1890s, for use this September at polling places across the five boroughs. The city's fleet of lever machines was acquired in the 1960s and has been preserved in two warehouses in Brooklyn, shielded from dust by plastic covers.'"
An anonymous reader writes "Asteroid 1998 QE2 has an estimated diameter of 2.7 km. This asteroid will have a close approach with Earth at about 15.2 LD (Lunar Distances = ~384,000 kilometers) or 0.0392 AU (1 AU = ~150 million kilometers) at 2059 UT on 2013 May 31 and it will reach the peak magnitude ~10.8 on May 31 around 2300 UT." Radar images of the asteroid taken Wednesday show that 1998 QE2 has its own tiny moon, about 600 meters wide. Phil Plait explained how the images were taken, and what further information we gleaned from them. 'The very presence of the moon is a good thing. By measuring how long it takes to go around the primary, the mass of the primary can be found using math known for centuries (the more massive the big asteroid, the faster the moon will go around it at a given distance). We also know the size of the primary, so that means we can find its density, and therefore what it’s made of (probably mostly rock).'
phantomfive writes "Some countries are worried about the privacy implications of Google Maps, but Lithuania is using them to find tax cheats. 'After Google's car-borne cameras were driven through the Vilnius area last year, the tax men in this small Baltic nation got busy. They have spent months combing through footage looking for unreported taxable wealth. ... Two recent cases netted $130,000 in taxes and penalties after investigators found houses photographed by Google that weren't on official maps. ... "We were very impressed," said Modestas Kaseliauskas, head of the State Tax Authority. "We realized that we could do more with less and in shorter time."' The people of Lithuania don't seem to mind. 'Authorities have been aided by the local populace. "We received even more support than we expected," said Mr. Kaseliauskas.'"
An anonymous reader writes "CNet reports that a U.S. District Court Judge has rejected Google's attempt to fight 19 National Security Letters, which are used by the FBI to gather information on users without a warrant. Quoting: 'The litigation taking place behind closed doors in Illston's courtroom — a closed-to-the-public hearing was held on May 10 — could set new ground rules curbing the FBI's warrantless access to information that Internet and other companies hold on behalf of their users. The FBI issued 192,499 of the demands from 2003 to 2006, and 97 percent of NSLs include a mandatory gag order. It wasn't a complete win for the Justice Department, however: Illston all but invited Google to try again, stressing that the company has only raised broad arguments, not ones "specific to the 19 NSLs at issue." She also reserved judgment on two of the 19 NSLs, saying she wanted the government to "provide further information" prior to making a decision.' This does not affect the Electronic Frontier Foundation's challenge to the constitutionality of the letters in the Ninth Circuit Court of Appeals."
AvailableNickname writes "I am currently pursuing a bachelor's in CompSci and I just spent three hours working on a few differential equations for homework. It is very frustrating because I just don't grok advanced math. I can sort of understand a little bit, but I really don't grok anything beyond long division. But I love computers, and am very good at them. However, nobody in the workforce is even going to glance in my direction without a BSc. And to punish me for going into a field originally developed by mathematicians I need to learn all this crap. If I had understood what I was doing, maybe I wouldn't mind so much. But the double frustration of not understanding it and not understanding why the heck I need to do it is too much. So, how important is it?"