Forgot your password?
typodupeerror

Please create an account to participate in the Slashdot moderation system

+ - 163 Airbnb Partners With Cities For Disaster Preparedness->

Submitted by Anonymous Coward
An anonymous reader writes "Every time a city- or state-wide disaster strikes, services to help the victims slowly crop up over the following days and weeks. Sometimes they work well, sometimes they don't. Today, city officials in San Francisco and Portland announced a partnership with peer-to-peer lodging service Airbnb to work out some disaster-preparedness plans ahead of time. Airbnb will locate hosts in these cities who will commit to providing a place to stay for people who are displaced in a disaster, and then set up alerts and notifications to help people find these hosts during a crisis. The idea is that if, say, an earthquake or wildfires for thousands of people to evacuate their homes, they can easily be absorbed into an organized group of willing hosts, rather than being shunted to one area and forced to live in a school gymnasium or similar."
Link to Original Source

+ - 155 Jackson: Tech Diversity is Next Civil Rights Step

Submitted by theodp
theodp (442580) writes "Having seen this movie before, U.S. civil rights leader Rev. Jesse Jackson called on the Obama administration Monday to scrutinize the tech industry's lack of diversity. "There's no talent shortage. There's an opportunity shortage," Jackson said, calling Silicon Valley "far worse" than many others, such as car makers that have been pressured by unions. He said tech behemoths have largely escaped scrutiny by a public dazzled with their cutting-edge gadgets. Jackson spoke after meeting with Labor Secretary Tom Perez to press for a review of H-1B visas, arguing that data show Americans have the skills and should have first access to high-paying tech work. Jackson's Rainbow Push Coalition plans to file a freedom-of-information request next month with the EEOC to acquire employment data for companies that have not yet disclosed it publicly, which includes Amazon, Broadcom, Oracle, Qualcomm and Yelp. Unlike the DOL, Jackson isn't buying Silicon Valley's argument that minority hiring statistics are trade secrets. Five years after Google's HR Chief would only reassure Congress the company had "a very strong internal Black Googler Network" and its CEO brushed off similar questions about its diversity numbers by saying "we're pretty happy with the way our recruiting work," Google — under pressure from Jackson — fessed up to having a tech workforce that's only 1% Black, apparently par for the course in Silicon Valley."

+ - 150 Hackers Plundered Israeli Defense Firms that Built 'Iron Dome' Missile Defense ->

Submitted by Anonymous Coward
An anonymous reader writes "Krebs gets information from Columbia, Md.-based threat intelligence firm Cyber Engineering Services Inc. that attackers thought to be operating out of China hacked into the corporate networks of three top Israeli defense technology companies. This happened in 2011-12."
Link to Original Source

+ - 152 Is running mission-critical servers without a firewall a "thing"?

Submitted by Anonymous Coward
An anonymous reader writes "I do some contract work on the side (as many folks do), and am helping a client set up a new point of sale system. For the time being, it's pretty simple: selling products, keeping track of employee time, managing inventory and the like. However, it requires a small network because there are two clients, and one of the clients feeds off of a small SQL Express database from the first. During the setup the vendor disabled the local firewall, and in a number of emails back and forth since (with me getting more and more aggravated) they went from suggesting that there's no NEED for a firewall, to outright telling me that's just how they do it and the contract dictates that's how we need to run it. This isn't a tremendous deal today, but with how things are going odds are there will be e-Commerce worked into it, and probably credit card transactions.. which worries the bejesus out of me.

So my question to the Slashdot masses: is this common? In my admittedly limited networking experience, it's been drilled into my head fairly well that not running a firewall is lazy (if not simply negligent), and to open the appropriate ports and call it a day. However, I've seen forum posts here and there with people admitting they run their clients without firewalls, believing that the firewall on their incoming internet connection is good enough, and that their client security will pick up the pieces. I'm curious how many real professionals do this, or if the forum posts I'm seeing (along with the vendor in question) are just a bunch of clowns."

+ - 211 Ford, GM Sued Over Vehicles' CD-R Ability To Rip Music To Hard Drive->

Submitted by Lucas123
Lucas123 (935744) writes "The Alliance of Artists and Recording Companies is suing Ford and General Motors for millions of dollars over alleged copyrights infringement violations because their vehicles' CD-Rs can rip music to infotainment center hard drives. The AARC claims in its filing that the CD-R's ability to copy music violates the Audio Home Recording Act of 1992. The Act protects against distributing digital audio recording devices whose primary purpose is to rip copyrighted material. For example, Ford's owner's manual explains, "Your mobile media navigation system has a Jukebox which allows you to save desired tracks or CDs to the hard drive for later access. The hard drive can store up to 10GB (164 hours; approximately 2,472 tracks) of music." The AARC wants $2,500 for each digital audio recording device installed in a vehicle, the amount it says should have been paid in royalties."
Link to Original Source

+ - 205 University of Michigan solar car wins fifth straight national title->

Submitted by Anonymous Coward
An anonymous reader writes "For the fifth consecutive year, the solar car team from the University of Michigan has won the American Solar Car Challenge. The event is an eight-day, 1,700-mile race with a total of 23 participating teams. The Umich victory comes in spite of a 20-30 minute delay when they had problems with the motor at the very beginning of the race. "They made the time up when team strategists decided to push the car to the speed limit while the sun was shining bright, rather than hold back to conserve energy." Footage of the race and daily updates on the car's performance are available from the team's website, as are the specs of the car itself. Notably, the current iteration of the car weighs only 320 pounds, a full 200 pounds lighter than the previous version."
Link to Original Source

+ - 159 Man-made 'breathing' leaf is an oxygen factory->

Submitted by gardas
gardas (2599959) writes "Royal College of Art graduate Julian Melchiorri has created the first man-made, biologically functional leaf that takes in carbon dioxide, water, and light and releases oxygen. The leaf consists of chloroplasts — the part of a plant cell where photosynthesis happens — suspended in body made of silk protein."
Link to Original Source

+ - 181 Old Apache Code at Root of Android FakeID Mess->

Submitted by chicksdaddy
chicksdaddy (814965) writes "The Security Ledger reports that a four year-old vulnerability in an open source component that is a critical part of Android mobile OS leaves hundreds of millions of mobile devices susceptible silent malware infections. (https://securityledger.com/2014/07/old-apache-code-at-root-of-android-fakeid-mess/)

The vulnerability was disclosed on Tuesday (http://bluebox.com/news/). It affects devices running Android versions 2.1 to 4.4 (“KitKat”), according to a statement released by Bluebox. According to Bluebox, the vulnerability was found in a package installer in affected versions of Android. The installer doesn't attempt to determine the authenticity of certificate chains that are used to vouch for new digital identity certificates. In short, Bluebox writes “an identity can claim to be issued by another identity, and the Android cryptographic code will not verify the claim.”

The security implications of this are vast. Malicious actors could create a malicious mobile application with a digital identity certificate that claims to be issued by Adobe Systems. Once installed, vulnerable versions of Android will treat the application as if it was actually signed by Adobe and give it access to local resources, like the special webview plugin privilege, that can be used to sidestep security controls and virtual ‘sandbox’ environments that keep malicious programs from accessing sensitive data and other applications running on the Android device.

In a scenario that is becoming all too common: the flaw appears to have been introduced to Android through an open source component — this time from Apache Harmony (http://harmony.apache.org/), an open source alternative to Oracle’s Java. Google turned to Harmony as an alternative means of supporting Java in the absence of a deal with Oracle to license Java directly.

Work on Harmony was discontinued in November, 2011. However, Google has continued using native Android libraries that are based on Harmony code. The vulnerability concerning certificate validation in the package installer module persisted even as the two codebases diverged."

Link to Original Source

+ - 166 Chinese government probes Microsoft over anti-monopoly issues

Submitted by DroidJason1
DroidJason1 (3589319) writes "The Chinese government is investigating Microsoft for possible breaches of anti-monopoly laws, following a series of surprise visits to Redmond's offices in cities across China on Monday. These surprise visits were part of China's ongoing investigation, and were based on security complaints about Microsoft’s Windows operating system and Office productivity suite. Results from an earlier inspection apparently were not enough to clear Microsoft of suspicion of anti-competitive behavior. Microsoft's alleged anti-monopoly behavior is a criminal matter, so if found guilty, the software giant could face steep fines as well as other sanctions."

+ - 218 35% of (American) Adults Have Debt "In Collections" 1

Submitted by meeotch
meeotch (524339) writes "According to a new study by the Urban Institute, 35% of U.S. adults with a credit history (91% of the adult population of the U.S.) have debt "in collections" — a status generally not acquired until payments are at least 180 days past due. Debt problems seem to be worse in the South, with states hovering in the 40%+ range, while the Northeast has it better, at less than 30%. The study's authors claim their findings actually underrepresent low-income consumers, because "adults without a credit file are more likely to be financially disadvantaged."

Oddly, only 5% of adults have debt 30-180 days past due. This latter fact is partially accounted for by the fact that a broader range of debt can enter "in collections" status than "past due" status (e.g. parking tickets)... But also perhaps demonstrates that as one falls far enough along the debt spiral, escape becomes impossible. Particularly in the case of high-interest debt such as credit cards — the issuers of which cluster in states such as South Dakota, following a 1978 Supreme Court ruling that found that states' usury laws did not apply to banks headquartered in other states.

Even taking into account the folks to lost a parking ticket under their passenger seat, 35% is a pretty shocking number. Anyone have other theories why this number is so much higher than the 5% of people who are just "late"? How about some napkin math on the debt spiral? (And unfortunately, cue the inevitable geek snobbery about how people in debt must be "idiots".)"

+ - 172 Six Ways Big Telecom Tries to Kill Community Broadband

Submitted by Jason Koebler
Jason Koebler (3528235) writes "Beyond merely staying out of each other's way in many big cities, ISPs have managed to throw up legal, logistical, and financial roadblocks at every turn to prevent municipally owned fiber networks from taking hold in many parts of the country.
The lobbying money is well-documented, but some of the other strategies, such as threatening to cut off business with companies who help build municipal fiber networks, are less known. Catharine Rice of the Coalition for Local Internet Choice, says there are at least six distinct tactics national telecom companies have perfected to do this."

+ - 166 Huge waves measured for first time in Arctic Ocean->

Submitted by vinces99
vinces99 (2792707) writes "As the climate warms and sea ice retreats, the North is changing. An ice-covered expanse now has a season of increasingly open water that is predicted to extend across the whole Arctic Ocean before the middle of this century. Storms thus have the potential to create Arctic swell – huge waves that could add a new and unpredictable element to the region. A University of Washington researcher made the first study of waves in the middle of the Arctic Ocean and detected house-sized waves during a September 2012 storm. The results were recently published in Geophysical Research Letters.

“As the Arctic is melting, it’s a pretty simple prediction that the additional open water should make waves,” said lead author Jim Thomson, an oceanographer with the UW Applied Physics Laboratory. His data show that winds in mid-September 2012 created waves of 5 meters (16 feet) high during the peak of the storm. The research also traces the sources of those big waves: high winds, which have always howled through the Arctic, combined with the new reality of open water in summer."

Link to Original Source

+ - 155 Are you being tracked by your phone's wifi?

Submitted by toshikodo
toshikodo (2976757) writes "The authorities in the UK city of York are about to role out a system supplied by Purple Wifi that will, according to the BBC, track people as they move around the city using the mac address from the wifi pings received from their mobile phones. They claim that this tracking will be anonymous unless you sign up for their "free" wifi, but what if they have already obtained your mac address from some other source, say some hotel you stayed in two years ago? Will this really be anonymous, and is this something local government should ever be involved with?"

+ - 177 Which is better, Adblock or Adblock Plus?->

Submitted by Anonymous Coward
An anonymous reader writes "Wladimir Palant is the creator of the Adblock Plus browser extension, but he often gets asked how it compares to a similar extension for Chrome called Adblock. In the past, he's told people that they're achieve largely the same end in slightly different ways, but recent changes to the Adblock project have him worried. "AdBlock covertly moved from an open development model towards hiding changes from its users. Users were neither informed about that decision nor the reasons behind it." He goes through the changelog and highlights some changes that call into question the integrity of Adblock. For example, from an update on June 6th: "Calling home functionality has been extended. It now sends user’s locale in addition to the unique user ID, AdBlock version, operating system and whether Google Search ads are being allowed. Also, AdBlock will tell getadblock.com (or any other website if asked nicely) whether AdBlock has just been installed or has been used for a while — again, in addition to the unique user ID." Of course, Palant has skin in this game, and Adblock Plus has dealt with fallout from their "acceptable ads policy," but at least it's still developed in the open."
Link to Original Source

I'm all for computer dating, but I wouldn't want one to marry my sister.

Working...