Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Sony

Sony Hack Reveals MPAA's Big '$80 Million' Settlement With Hotfile Was a Lie 24

Posted by timothy
from the 4-80-whattsa-difference? dept.
An anonymous reader writes with this excerpt from Tech Dirt: For years, we've pointed out that the giant 'settlements' that the MPAA likes to announce with companies it declares illegal are little more than Hollywood-style fabrications. Cases are closed with big press releases throwing around huge settlement numbers, knowing full well that the sites in question don't have anywhere near that kind of money available. At the end of 2013, it got two of these, with IsoHunt agreeing to 'pay' $110 million and Hotfile agreeing to 'pay' $80 million. In both cases, we noted that there was no chance that those sums would ever get paid. And now, thanks to the Sony hack, we at least know the details of the Hotfile settlement. TorrentFreak has been combing through the emails and found that the Hotfile settlement was really just for $4 million, and the $80 million was just a bogus number agreed to for the sake of a press release that the MPAA could use to intimidate others.
Christmas Cheer

School Defied Google and US Government, Let Boys Program White House Xmas Trees 73

Posted by timothy
from the sexist-not-to-select-by-sex dept.
theodp writes This holiday season, Google and the National Parks partnered to let girls program the White House Christmas tree lights. While the initiative earned kudos in Fast Company's 9 Giant Leaps For Women In Science and Technology In 2014, it also prompted an act of civil disobedience of sorts from St. Augustine of Canterbury School, which decided Google and the U.S. government wouldn't determine which of their kids would be allowed to participate in the coding event. "We decided to open it up to all our students, both boys and girls so that they could be a part of such an historic event, and have it be the kickoff to our Hour of Code week," explained Debra Knox, a technology teacher at St. Augustine.
Security

Chaos Computer Club Claims It Can Reproduce Fingerprints From People's Photos 32

Posted by timothy
from the fonzie's-were-particularly-easy dept.
An anonymous reader writes Chaos Computer Club, Europe's largest association of hackers, claims it can reproduce your fingerprints from a couple of photos that show your fingers. At the 31st annual Chaos Computer Club convention in Hamburg, Germany, Jan Krissler, also known by his alias "Starbug," explained how he copied the thumbprint of German Defense Minister Ursula von der Leyen. Because these fingerprints can be used for biometric authentication, Starbug believes that after his talk, "politicians will presumably wear gloves when talking in public." Even better than gummi bears.
Government

Snowden Documents Show How Well NSA Codebreakers Can Pry 126

Posted by timothy
from the keeping-you-well-under-surveillance dept.
Der Spiegel has published today an excellent summary of what some of Edward Snowden's revelations show about the difficulty (or, generally, ease) with which the NSA and collaborating intelligence services can track, decrypt, and correlate different means of online communication. An interesting slice: The NSA and its allies routinely intercept [HTTPS] connections -- by the millions. According to an NSA document, the agency intended to crack 10 million intercepted https connections a day by late 2012. The intelligence services are particularly interested in the moment when a user types his or her password. By the end of 2012, the system was supposed to be able to "detect the presence of at least 100 password based encryption applications" in each instance some 20,000 times a month. For its part, Britain's GCHQ collects information about encryption using the TLS and SSL protocols -- the protocols https connections are encrypted with -- in a database called "FLYING PIG." The British spies produce weekly "trends reports" to catalog which services use the most SSL connections and save details about those connections. Sites like Facebook, Twitter, Hotmail, Yahoo and Apple's iCloud service top the charts, and the number of catalogued SSL connections for one week is in the many billions -- for the top 40 sites alone. ... The NSA also has a program with which it claims it can sometimes decrypt the Secure Shell protocol (SSH). This is typically used by systems administrators to log into employees' computers remotely, largely for use in the infrastructure of businesses, core Internet routers and other similarly important systems. The NSA combines the data collected in this manner with other information to leverage access to important systems of interest.
Mars

New Proposed Path for Manned Trips to Mars: Let Mars' Gravity Capture Spacecraft 49

Posted by timothy
from the very-sun-tzu dept.
As illustrated in this article at io9.com, the conventional method considered for launching a manned craft to Mars might make less sense, even if it takes less time, than a more complicated but more efficient means akin to a method that's been already been successfully used to minimize the amount of fuel used in exploring both within and beyond the solar system. Known as the "Hohmann Transfer" method, this type of maneuver is known to be effective. But it is also quite expensive and relies very heavily on timing. Hence why a new idea is being proposed which would involve sending the spacecraft out ahead of Mars' orbital path and then waiting for Mars to come on by and scoop it up. This is what is known as "Ballistic Capture", a new technique proposed by Professor Francesco Topputo of the Polytechnic Institute of Milan and Edward Belbruno, a visiting associated researcher at Princeton University and former member of NASA's Jet Propulsion Laboratory. In their research paper, which was published in arXiv Astrophysics in late October, they outlined the benefits of this method versus traditional ones. In addition to cutting fuel costs, ballistic capture would also provide some flexibility when it comes to launch windows.
Security

Ask Slashdot: Dealing With Companies With Poor SSL Practices? 78

Posted by timothy
from the stochastic-protection dept.
An anonymous reader writes Despite recent highly-publicized hacking incidents making the news, companies continue to practice poor cyber-security. I signed-up to buy something from [an online vendor] and upon completing signup through HTTPS, was sent my username and password in plain-text through e-mail. This company has done everything in its power to avoid being contacted for its poor technical practices, including using GoDaddy's Domains By Proxy to avoid having even WHOIS information for their webmaster's technical contact from being found. Given such egregious behavior, what do you do when you're left vulnerable by companies flagrantly violating good security practice?
Sony

Sony PlayStation Network Back Up Now, Supposedly 53

Posted by timothy
from the nothing's-perfect dept.
jfruh (300774) writes Sony's PlayStation Network, brought down in a Christmas Day hacking attack, now seems to be back online. Of course, Sony also said the same thing on Saturday, but outages and problems lingered. From the article: At around 1 a.m. U.S. Eastern Time on Sunday, Sony declared its online gaming platform fixed and, as it had done the day before, blamed the problems on a distributed denial of service (DDoS) attack. ... The company jumped the gun early Saturday when it trumpeted that the PlayStation Network was gradually getting back to normal, announcing the good news at around 4 a.m. via its Ask PlayStation Twitter account and triumphantly changing the PlayStation Network status to “online” in the support website a few hours later.
Security

Finn Linked To Lizard Squad Christmas Attack 43

Posted by timothy
from the little-griefers dept.
An anonymous reader writes Security researcher Mikko Hyppönen from F-Secure told the newspaper Helsingin Sanomat and Finland's MTV news that rumours have been circulating for several months about the Lizard Squad group of hackers who say they disrupted the two computer games console networks on Christmas Day. He confirmed that at least one of them is a Finn. One of the hackers, in a Skype interview from Finland by Britain's Sky News, said that the attack was carried out for amusement and to expose security flaws in the networks. Hyppönen told Helsingin Sanomat and MTV that his company has been aware of the hacker group for several months. 'According to our information, the group has members in the United States, Canada, England and at least one member in Finland,' he told MTV. The nationalities of other members that participated in the Christmas attack have not been confirmed. Hyppönen noted that these kinds of groups come and go, and that their members are usually young.
Businesses

Sony Accused of Pirating Music In "The Interview" 156

Posted by timothy
from the such-a-loaded-term dept.
the simurgh writes As the controversy surrounding Sony's handling of it's hack, the movie The Interview and it's aftermath continues, a singer is claiming that after failing to reach terms with Sony, the company put her music in the movie anyway. Yoon Mi-rae (real name Natasha Shanta Reid) is a US-born hip hop and R&B singer who currently releases music on the Feel Ghood Music label. she and her label claim that her track we learned that the track 'Pay Day' has been used without permission, legal procedure, or contracts.
Space

5,200 Days Aboard ISS, and the Surprising Reason the Mission Is Still Worthwhile 183

Posted by timothy
from the it's-only-tax-money dept.
HughPickens.com writes Spaceflight has faded from American consciousness even as our performance in space has reached a new level of accomplishment. In the past decade, America has become a truly, permanently spacefaring nation. All day, every day, half a dozen men and women, including two Americans, are living and working in orbit, and have been since November 2000. Charles Fishman has a long, detailed article about life aboard the ISS in The Atlantic that is well worth the read; you are sure to learn something you didn't already know about earth's permanent outpost in space. Some excerpts:

"Life in space is so complicated that a lot of logistics have to be off-loaded to the ground if astronauts are to actually do anything substantive. Just building the schedule for the astronauts in orbit on the U.S. side of the station requires a full-time team of 50 staffers.

Almost anyone you talk with about the value of the Space Station eventually starts talking about Mars. When they do, it's clear that we don't yet have a very grown-up space program. The folks we send to space still don't have any real autonomy, because no one was imagining having to "practice" autonomy when the station was designed and built. On a trip to Mars, the distances are so great that a single voice or email exchange would involve a 30-minute round-trip. That one change, among the thousand others that going to Mars would require, would alter the whole dynamic of life in space. The astronauts would have to handle things themselves.

That could be the real value of the Space Station—to shift NASA's human exploration program from entirely Earth-controlled to more astronaut-directed, more autonomous. This is not a high priority now; it would be inconvenient, inefficient. But the station's value could be magnified greatly were NASA to develop a real ethic, and a real plan, for letting the people on the mission assume more responsibility for shaping and controlling it. If we have any greater ambitions for human exploration in space, that's as important as the technical challenges. Problems of fitness and food supply are solvable. The real question is what autonomy for space travelers would look like—and how Houston can best support it. Autonomy will not only shape the psychology and planning of the mission; it will shape the design of the spacecraft itself."
Input Devices

Know Your Type: Five Mechanical Keyboards Compared 154

Posted by timothy
from the ok-but-nothing-beats-my-omnikey-or-model-ms dept.
MojoKid writes As a power user, you notice certain things that the average person might not. One of those is the difference between typing on a sweet mechanical keyboard with luxurious key action, versus pounding away on a run-of-the-mill squishy plank that relies on membrane switches to register your keystrokes. The difference may seem subtle to the uninitiated, though even casual typists can recognize that there's something inherently superior about a mechanical keyboard. Of course, it's the mechanical key switches that are responsible for elevating the typing experience. These are better than the rubber domes found in membrane keyboards in a number of ways, including feel, responsiveness, and durability. Mechanical keyboards are growing in popularity, as word is spreading about how good they are. In turn, keyboard manufacturers have responded by feeding more mechanical models into what was once a niche market. If you go out in search of a mechanical keyboard, you'll now find a mountain of options. This roundup further reinforced something we've known for a long time, which is that mechanical keyboards are the superior choice for both gaming and daily typing chores. That doesn't mean they're all created equal — there are different key switches to choose from, and features vary from one plank to the next. The choice of key switch type is highly subjective but we can say that Cherry MX key switches are indeed of higher quality than knock-offs like the Kailh switch. That's not to say Kailh switches are bad, just that you can discern a difference when going from one to the other.
Transportation

AirAsia Flight Goes Missing Between Indonesia and SIngapore 232

Posted by timothy
from the hard-loss dept.
iONiUM (530420) writes As reported by many news sources, yet another plane has lost contact during a trip. This comes on the heels of Malaysia Airlines Flight 370 which is still missing, and Malaysia Airlines Flight 17, which was shot down. From ABC's coverage: Sixteen children and one infant were among the passengers. At a press conference this morning, Indonesian officials said the plane was several hours past the time when its fuel would have been exhausted. The six-year-old aircraft was on the submitted flight plan but requested a deviation because of enroute weather before communication with the aircraft was lost. The plane was under the control of the Indonesian Air Traffic Control and had been in the air for about 42 minutes when contact was lost, AirAsia said.
Transportation

Drunk Drivers in California May Get Mandated Interlock Devices 285

Posted by timothy
from the as-punishments-go dept.
Convicted drunk drivers all over California may soon be required to install and pay for the use of ignition interlock devices, at a cost of $50-100 per month, plus installation. Says the article: "State Sen. Jerry Hill, D-San Mateo, wants to expand a program already in place in four California counties, including Alameda, and 24 other states. Under the proposed state law Hill will introduce Monday, anyone convicted of driving under the influence would be required to install an ignition interlock device in their car for six months on a first offense and a year on a second conviction." Though interlock devices could be fitted to check for other conditions as well, the usual case (as described on this Wikipedia page) is that they base the ability to operate a car on blood alcohol content. Already in California, interlock devices are mandatory for those re-arrested for DUI while "driving on a suspended license due to a DUI conviction."
Facebook

Facebook Apologizes For 'Year In Review' Photos 202

Posted by timothy
from the how-was-the-parade-otherwise? dept.
Facebook this year showed users a compilation of photos drawn from their own gallery of uploaded images, but the automatic nature of the collation and display of those photos inspired the need for an apology on Facebook's part to at least one reader who was upset by the compiled pictures. That may sound silly, but even innocent data-mashing can touch real nerves. "Eric Meyer, a web design consultant and writer, is one of those people. Earlier this year, he lost his daughter to brain cancer on her sixth birthday. For that reason, Meyer wrote in a blog post, he had actively avoided looking at previews of his own automatically generated summary post. But Facebook put a personalized prompt advertising the feature in his newsfeed, he wrote, prominently featuring the face of his dead daughter -- surrounded by what appears to be clip art figures having a party."
AMD

Phoronix Lauds AMD's Open Source Radeon Driver Progress For 2014 42

Posted by timothy
from the parity-looms dept.
Phoronix has taken an in-depth look at progress on AMD's open source Radeon driver, and declares 2014 to have been a good year. There are several pages with detailed benchmarks, but the upshot is overwhelmingly positive: Across the board there's huge performance improvements to find out of the open-source AMD Linux graphics driver when comparing the state at the end of 2013 to the current code at the end of this year. The performance improvements and new features presented (among them are OpenMAX / AMD video encode, UVD for older AMD GPUs, various new OpenGL extensions, continued work on OpenCL, power management improvements, and the start of open-source HSA) has been nothing short of incredible. Most of the new work benefits the Radeon HD 7000 series and newer (GCN) GPUs the most but these tests showed the Radeon HD 6000 series still improving too. ... Coming up before the end of the year will be a fresh comparison of these open-source Radeon driver results compared to the newest proprietary AMD Catalyst Linux graphics driver.

panic: can't find /

Working...