sciencehabit writes The U.S. Senate's simmering debate over climate science has come to a full boil today, as lawmakers prepare to vote on measures offered by Democrats that affirm that climate change is real—with one also noting that global warming is not "a hoax." In an effort to highlight their differences with some Republicans on climate policy, several Democrats have filed largely symbolic amendments to a bill that would approve the Keystone XL pipeline. They are designed to put senators on the record on whether climate change is real and human-caused.

jones_supa writes A lot of development work is happening on systemd with just the recent couple of weeks seeing over 200 commits. With the most recent work that has landed, the networkd component has been improved with new features. Among the additions are IP forwarding and masquerading support (patch). This is the minimal support needed and these settings get turned on by default for container network interfaces. Also added was minimal firewall manipulation helpers for systemd's networkd. The firewall manipulation helpers (patch) are used for establishing NAT rules. This support in systemd is provided by libiptc, the library used for communicating with the Linux kernel's Netfilter and changing iptables firewall rulesets. Those wishing to follow systemd development on a daily basis and see what is actually happening under the hood, can keep tabs via the systemd Git viewer.

An anonymous reader writes The Finnish bank OP Pohjola Group has been a target of a dedicated DDoS attack for days. The attack, which investigators said was launched from both Finland and abroad, began on New Year's Eve. OP was forced to open a helpline for customers unable to confirm payments or transfer money because of jammed systems. On Saturday the firm said it would compensate people for any losses or late payment fees incurred as a result of attack. On Sunday morning the bank tweeted that its services were operating normally and even customers based outside Finland were able to access their accounts — and that it was still monitoring traffic carefully to try and ward off any renewed strikes. However, on Sunday afternoon further denial of service attacks took place delaying payments and preventing access to banking services for OP customers. A formal police complaint has been filed and OP says that KRP is looking into the case.

An anonymous reader writes A malfunction in electronic voting machines in Saline County, Kansas, left over 5,000 votes uncounted. That's roughly one-third of the votes cast. Counting those 5,207 votes didn't change any outcomes in this case however. “That’s a huge difference,” county Chairman Randy Duncan said when notified by the Journal of the error. “That’s scary. That makes me wonder about voting machines. Should we go back to paper ballots?”

Advocatus Diaboli writes The Regin malware, whose existence was first reported by the security firm Symantec on Sunday, is among the most sophisticated ever discovered by researchers. Symantec compared Regin to Stuxnet, a state-sponsored malware program developed by the U.S. and Israel to sabotage computers at an Iranian nuclear facility. Sources familiar with internal investigations at Belgacom and the European Union have confirmed to The Intercept that the Regin malware was found on their systems after they were compromised, linking the spy tool to the secret GCHQ and NSA operations.

itwbennett writes The WordPress development team on Thursday released critical security updates that address an XSS vulnerability in the comment boxes of WordPress posts and pages. An attacker could exploit this flaw to create comments with malicious JavaScript code embedded in them that would get executed by the browsers of users seeing those comments. 'In the most obvious scenario the attacker leaves a comment containing the JavaScript and some links in order to put the comment in the moderation queue,' said Jouko Pynnonen, the security researcher who found the flaw.

mpicpp writes with news that Yahoo will soon become the default search engine in Firefox. Google's 10-year run as Firefox's default search engine is over. Yahoo wants more search traffic, and a deal with Mozilla will bring it. In a major departure for both Mozilla and Yahoo, Firefox's default search engine is switching from Google to Yahoo in the United States. "I'm thrilled to announce that we've entered into a five-year partnership with Mozilla to make Yahoo the default search experience on Firefox across mobile and desktop," Yahoo Chief Executive Marissa Mayer said in a blog post Wednesday. "This is the most significant partnership for Yahoo in five years." The change will come to Firefox users in the US in December, and later Yahoo will bring that new "clean, modern and immersive search experience" to all Yahoo search users. In another part of the deal, Yahoo will support the Do Not Track technology for Firefox users, meaning that it will respect users' preferences not to be tracked for advertising purposes. With millions of users who perform about 100 billion searches a year, Firefox is a major source of the search traffic that's Google's bread and butter. Some of those searches produce search ads, and Mozilla has been funded primarily from a portion of that revenue that Google shares. In 2012, the most recent year for which figures are available, that search revenue brought in the lion's share of Mozilla's $311 million in revenue.

An anonymous reader writes: The folks at the USPS have responded to the recent breach that exposed data on 800K employees and another some 2.8 million customers. They have suspended telecommuting for all employees until further notice while they replace their VPN with a more secure version. "Additionally, the postal service will upgrade some of its equipment and systems in the coming weeks and months as part of a broad security overhaul in response to the breach."

trazom28 writes to seek answers to a problem faced by many businesses (and, as in this case, schools): "We are looking for a solution to a single sign on to coordinate Active Directory and Google. You can sync the passwords easily enough with Google Apps Password Sync, but ideally we would like the students and staff to be able to sign in once and be done. Additionally, the Google login requires the @domain.k12.wi.us so it would have to take the AD username, pass it along and tack on the domain to log into Google.

Has anyone seen any solution for this that actually works, or is this the Holy Grail of all IT? Please hold off on any Google haters, that's a different discussion for a different forum.

alphadogg writes It's been a bit over a month since Microsoft shuttered its Microsoft Research lab in Silicon Valley as part of the company's broader restructuring that will include 18,000 layoffs. This week, Harry Shum, Microsoft EVP of Technology & Research, posted what he termed an "open letter to the academic research community" on the company's research blog. In the post, Shum is suitably contrite about the painful job cut decisions that were made in closing the lab, which opened in 2001. He also stresses that Microsoft will continue to invest in and value "fundamental research".

Florian Mueller is a blogger, software developer and former consultant who writes about software patents and copyright issues on his FOSSPatents blog. In 2004 he founded the NoSoftwarePatents campaign, and has written about Microsoft's multi-billion-dollar Android patent licensing business and Google's appeal of Oracle's Android-Java copyright case to the Supreme Court. Florian has agreed to give us some of his time in order to answer your questions. As usual, ask as many as you'd like, but please, one per post.

New submitter jchevali writes: The BBC reports that mobile phone use on European flights is soon to be allowed. This follows official safety agency findings that their use on the aircraft really poses no risk. Details on the implementation and the timeline for changes will depend on each individual airline.

An anonymous reader writes: Debian will switch back to using GNOME as the default desktop environment for the upcoming Debian 8.0 Jessie release, due out in 2015. The decision is based on accessibility and systemd integration, along with a host of other reasons. Debian switched away from GNOME back in 2012 .