Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×

Submission + - Critical Git security vulnerability announced

Submitted by Anonymous Coward
An anonymous reader writes: Github has announced a security vulnerability and has encourage users to update their Git clients as soon as possible. The blog post reads in part: "A critical Git security vulnerability has been announced today, affecting all versions of the official Git client and all related software that interacts with Git repositories, including GitHub for Windows and GitHub for Mac. Because this is a client-side only vulnerability, github.com and GitHub Enterprise are not directly affected. The vulnerability concerns Git and Git-compatible clients that access Git repositories in a case-insensitive or case-normalizing filesystem. An attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. Git clients running on OS X (HFS+) or any version of Microsoft Windows (NTFS, FAT) are exploitable through this vulnerability. Linux clients are not affected if they run in a case-sensitive filesystem....Updated versions of GitHub for Windows and GitHub for Mac are available for immediate download, and both contain the security fix on the Desktop application itself and on the bundled version of the Git command-line client."

Submission + - Extracting Data from the Microsoft Data (jeffhuang.com)

Submitted by Anonymous Coward
An anonymous reader writes: The Microsoft Band introduced last month hosts a slew of amazing sensors, but like so many wearable computing devices, users are unable to access their own data. A Brown University professor decompiles the app, finds that the data is transmitted to the Microsoft "cloud", and explains how to intercept the traffic to retrieve the raw minute-by-minute data captured by the Band.

Submission + - Cause And Effect: How a Revolutionary New Statistical Test Can Tease Them Apart

Submitted by KentuckyFC
KentuckyFC writes: Statisticians have long thought it impossible to tell cause and effect apart using observational data. The problem is to take two sets of measurements that are correlated, say X and Y, and to find out if X caused Y or Y caused X. That's straightforward with a controlled experiment in which one variable can be held constant to see how this influences the other. Take for example, a correlation between wind speed and the rotation speed of a wind turbine. Observational data gives no clue about cause and effect but an experiment that holds the wind speed constant while measuring the speed of the turbine, and vice versa, would soon give an answer. But in the last couple of years, statisticians have developed a technique that can tease apart cause and effect from the observational data alone. It is based on the idea that any set of measurements always contain noise. However, the noise in the cause variable can influence the effect but not the other way round. So the noise in the effect dataset is always more complex than the noise in the cause dataset. The new statistical test, known as the additive noise model, is designed to find this asymmetry. Now statisticians have tested the model on 88 sets of cause-and-effect data, ranging from altitude and temperature measurements at German weather stations to the correlation between rent and apartment size in student accommodation.The results suggest that the additive noise model can tease apart cause and effect correctly in up to 80 per cent of the cases (provided there are no confounding factors or selection effects). That's a useful new trick in a statistician's armoury, particularly in areas of science where controlled experiments are expensive, unethical or practically impossible.

Submission + - After 40 Years As A Shoulder-Level Double Amputee, Man Gains Two Bionic Arms (hothardware.com)

Submitted by MojoKid
MojoKid writes: Les Baugh, a Colorado man who lost both arms in an electrical accident 40 years ago, is looking forward to being able to insert change into a soda machine and retrieving the beverage himself. But thanks to the wonders of science and technology — and Johns Hopkins University Applied Physics Laboratory (APL) — he'll regain some of those functions while making history as the first bilateral shoulder-level amputee to wear and simultaneously control two Modular Prosthetic Limbs (MPLs). "It's a relatively new surgical procedure that reassigns nerves that once controlled the arm and the hand," explained Johns Hopkins Trauma Surgeon Albert Chi, M.D. "By reassigning existing nerves, we can make it possible for people who have had upper-arm amputations to control their prosthetic devices by merely thinking about the action they want to perform."

Submission + - Will Ripple eclipse Bitcoin?

Submitted by groggy.android
groggy.android writes: This year's biggest news about Bitcoin may well turn out not to be the repeat of its surge in value last year against the dollar and other state currencies but its impending eclipse by another independent but corporate-backed digital currency. Popularly known as Ripple, XRP shot up in value last year along with other cryptocurrencies that took advantage of the hype around Bitcoin. However, among the top cryptocurrencies listed in Coinmarketcap.com, a site that monitors trading across different cryptocurrency exchanges, Ripple is the only one that not only regained its value after the collapse in the price of Bitcoin but has more than doubled from its peak last year. In September it displaced Litecoin to become the second most valuable cryptocurrency. Even more surpising, a Ripple fork, Stellar, is one of the two other cryptocurrencies in the Coinmarketcap top ten that have risen sharply in value during the last few weeks.

What makes Ripple different from Bitcoin? Strictly speaking, Ripple isn't the name of the digital currency but of the decentralized payment network and protocol created and maintained by the eponymous Ripple Labs. Users of the Ripple system are able to transact in both cryptocurrency and regular fiat currency like the dollar without passing through a central exchange. XRP is the name of the native unit of exchange used in the Ripple network to facilitate conversion between different currency types.

Submission + - Hackers Compromise ICANN, Access Zone File Data System 2

Submitted by Trailrunner7
Trailrunner7 writes: Unknown hackers were able to compromise vital systems belonging to ICANN, the organization that manages the global top-level domain system, and had access to the system that manages the files with data on resolving specific domain names.

The attack apparently took place in November and ICANN officials discovered it earlier this month. The intrusion started with a spear phishing campaign that targeted ICANN staffers and the email credentials of several staff members were compromised. The attackers then were able to gain access to the Centralized Zone Data System, the system that allows people to manage zone files. The zone files contain quite bit of valuable information, including domain names, the name server names associated with those domains and the IP addresses for the name servers.

ICANN officials said they are notifying any users whose zone data might have been compromised.

Comment Re:"Could", (Score 1) 401

by haruchai (#48600149) Attached to: The Shale Boom Won't Stop Climate Change; It Could Make It Worse

"No, funny guy, that's not, how it works. You put forth an argument, you put forth supporting citations. If you don't, the argument is baseless"

I don't think Slashdot qualifies as "peer-reviewed" even if there's always someone willing to disagree. And long experience shows that providing citations off the bat doesn't mean that they'll be read. If the other person is unfamiliar to me and won't even try to look for what I'm referencing, that has been a very reliable indicator of what I can expect in 15+ yrs of browsing /. It's not like you have to run out in a hurricane to the local library.

So bye, bye and happy holidays.

Comment Re:"Could", (Score 1) 401

by haruchai (#48596855) Attached to: The Shale Boom Won't Stop Climate Change; It Could Make It Worse

There are more than just scientists, partisans & deniers. I certainly can't claim to be a scientist but neither are nearly all of the most vehement deniers.
I've spent 20 years listening to the actual scientists on BOTH sides and have decided who to trust.
At some point, every rational person has to decide which side of the fence to come down on or forever have the post stuck up his ass.

It doesn't require every last uncertainty to be resolved with perfect accuracy and every measure I've personally taken to lower my carbon footprint has saved me money.

Comment Re:"Could", (Score 1) 401

by haruchai (#48595843) Attached to: The Shale Boom Won't Stop Climate Change; It Could Make It Worse

We need more permanent temperature monitoring stations, in the oceans & the poles, as much or more than we need better models.

If we can't accurately measure the real world changes, we won't know for certain how good or bad the models are.

The much-ballyhooed "pause / hiatus / slowdown" gave deniers something to crow about - so much so that none stopped to think why the melt rate of Arctic sea ice, Greenland, Antarctic ice shelves and the vast majority of the planets glaciers sped up enormously.
I would have thought that at least a few of them are aware of just how much heat is needed to melt ice - it's a LOT.

Better coverage of those regions would have exposed the illusion of the "slowdown".

Comment Re:"Could", (Score 1) 401

by haruchai (#48595425) Attached to: The Shale Boom Won't Stop Climate Change; It Could Make It Worse

That number is a lot closer to 1 than to zero.
Imperfect models aren't useless and I'd rather they hit a bit high than low when there are still forcings & feedbacks of uncertain magnitude.
By definition, all models are imperfect.

Given what he had to work with in the '80s , it's a wonder he got anywhere near the results he did.

Comment Re:"Could", (Score 1) 401

by haruchai (#48595153) Attached to: The Shale Boom Won't Stop Climate Change; It Could Make It Worse

See below for one analysis of Hansen's predictions vs real-world observations. The main issue is that the value he used for climate sensitivity was on the high side; adjusting that value downwards and making no other changes gives a pretty good agreement with observations.

http://www.skepticalscience.co...

There are other comparisons but this is the most layman-friendly yet thorough I've yet found.
Keep in mind that the polar regions, especially the Arctic, have been warming the quickest (one of Hansen's longstanding predictions) but are not well-represented in any dataset, especially the HadCRUT ones which is what your linked paper is using for their reconstructions, although HadCRUT4 is significantly better in this regard than HadCRUT3.

Comment Re:"Could", (Score 1) 401

by haruchai (#48594659) Attached to: The Shale Boom Won't Stop Climate Change; It Could Make It Worse

"depend heavily on one's belief in global warming" - when re-insurers are worried, the general public should sit up and pay attention.
If you think, global warming is a belief system, ask yourself when & why Rex Tillerson, CEO of oil giant ExxonMobil got religion.
He's firmly on the side of those who think that we can adapt or geoengineer out of the worst of it but that's a long way from the "belief" that's it's all some commie hoax.

Slashdot Top Deals

As far as the laws of mathematics refer to reality, they are not certain, and as far as they are certain, they do not refer to reality. -- Albert Einstein

Close