Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×

Submission + - SourceForge grabs GIMP for Windows' account, wraps installer in bundle-pushing (arstechnica.com) 1

Submitted by shanehiltonward
shanehiltonward writes: SourceForge, the code repository site owned by Slashdot Media, has apparently seized control of the account hosting GIMP for Windows on the service, according to e-mails and discussions amongst members of the GIMP community—locking out GIMP's lead Windows developer. And now anyone downloading the Windows version of the open source image editing tool from SourceForge gets the software wrapped in an installer replete with advertisements.

Update: In a blog post issued shortly after this story posted, an unidentified member of SourceForge's community team wrote that, in fact, "this project was actually abandoned over 18 months ago, and SourceForge has stepped-in to keep this project current." That runs counter to claims by members of the GIMP development community.

The GIMP project is not officially distributed through SourceForge—approved releases are only posted on the GIMP project's own Web page. But Jernej Simoni, the developer who has been responsible for building Windows versions of GIMP for some time, has maintained an account on SourceForge to act as a distribution mirror. That is, he had until today, when he discovered he was locked out of the Gimp-Win account, and the project's ownership "byline" had been changed to "sf-editor1"—a SourceForge staff account. Additionally, the site now provided Gimp in an executable installer that has in-installer advertising enabled. Ars tested the downloader and found that it offered during the installation to bundle Norton anti-virus and myPCBackup.com remote backup services with GIMP—before downloading the installer authored by Simoni (his name still appears on the installer's splash screen).

Submission + - SourceForge hijacks Win-Gimp, wraps installer in adware (arstechnica.com) 1

Submitted by slashdice
slashdice writes: Ars Technica (and, well, everybody other than slashdot) is reporting on the reprehensible behavior by SourceForge, Slashdot sister sister site. "SourceForge, the code repository site owned by Slashdot Media, has apparently seized control of the account hosting GIMP for Windows on the service, according to e-mails and discussions amongst members of the GIMP community—locking out GIMP's lead Windows developer. And now anyone downloading the Windows version of the open source image editing tool from SourceForge gets the software wrapped in an installer replete with advertisements."

Submission + - SourceForge MITM Projects (github.io) 2

Submitted by lister king of smeg
lister king of smeg writes: What happened?

SourceForge, once a trustworthy source code hosting site, started to place misleading ads (like fake download buttons) a few years ago. They are also bundling third-party adware/malware directly with their Windows installer.

Some project managers decided to leave SourceForge – partly because of this, partly just because there are better options today. SF staff hijacked some of these abandoned accounts, partly to bundle the crapware with their installers. It has become just another sleazy garbage site with downloads of fake antivirus programs and such.

How can I help?

If you agree that SourceForge is in fact distributing malicious software under the guise of open source projects, report them to google. Ideally this will help remove them from search results, prevent others from suffering their malware and provide them with incentive to change their behavior.

As this story has been submitted several times in the past several days, by various submitter and is going around various other tech forums( https://news.ycombinator.com/i... , https://soylentnews.org/articl... , https://www.reddit.com/r/progr... ,) this submitter wonders has our shared "glorious Dice Corporate overloads" been shooting this story down?

Submission + - Google Photos Launches With Unlimited Storage, Completely Separate From Google+ 1

Submitted by Anonymous Coward
An anonymous reader writes: At its I/O 2015 developer conference today, Google launched Google Photos for Android, iOS, and the Web. The new service is completely separate from Google+, something Google users have been requesting for eons. Google is declaring that Google Photos lets you backup and store “unlimited, high-quality photos and videos, for free.” All of Google’s various photo offerings had storage limits based on your Google account (Gmail, Google Drive, and Google+).

Submission + - UK Goes Full Orwell: Snooper's Charter, Encryption Backdoors, Speech Suppression (techdirt.com)

Submitted by Anonymous Coward
An anonymous reader writes: The old joke goes "George Orwell's 1984 was a warning, not a 'how to' manual." But that joke is increasingly less funny as the UK really seems to be doing everything it can to put in place Orwell's fictitious vision — just a few decades later. Right after the election a few weeks ago, we noted the government's plan to push forward with its "extremist disruption orders" (as had been promised). The basic idea is that if the government doesn't like what you're saying, it can define your statements as "extremist" and make them criminal. Prime Minister David Cameron did his best Orwell in flat out stating that the idea was to use these to go after people who were obeying the law and then arguing that the UK needed to suppress free speech... in the name of protecting free speech. Really.

Submission + - Journalist fools media into publishing chocolate weight loss story (io9.com)

Submitted by dinfinity
dinfinity writes: "“Slim by Chocolate!” the headlines blared. A team of German researchers had found that people on a low-carb diet lost weight 10 percent faster if they ate a chocolate bar every day. [...] It was discussed on television news shows. [...] My colleagues and I recruited actual human subjects in Germany. We ran an actual clinical trial, with subjects randomly assigned to different diet regimes. And the statistically significant benefits of chocolate that we reported are based on the actual data. It was, in fact, a fairly typical study for the field of diet research. Which is to say: It was terrible science. The results are meaningless, and the health claims that the media blasted out to millions of people around the world are utterly unfounded."

Submission + - The Tricky Road Ahead for Andriod Gets Even Trickier 1

Submitted by HughPickens.com
HughPickens.com writes: Farhad Manjoo writes in the NYT that with over one billion devices sold in 2014 Android is the most popular operating system in the world by far, but that doesn't mean it's a financial success for Google. Apple vacuumed up nearly 90 percent of the profits in the smartphone business which prompts a troubling question for Android and for Google: How will the search company — or anyone else, for that matter — ever make much money from Android. First the good news: The fact that Google does not charge for Android, and that few phone manufacturers are extracting much of a profit from Android devices, means that much of the globe now enjoys decent smartphones and online services for low prices. But while Google makes most of its revenue from advertising, Android has so far been an ad dud compared with Apple’s iOS, whose users tend to have more money and spend a lot more time on their phones (and are, thus, more valuable to advertisers). Because Google pays billions to Apple to make its search engine the default search provider for iOS devices, the company collects much more from ads placed on Apple devices than from ads on Android devices.

The final threat for Google’s Android may be the most pernicious: What if a significant number of the people who adopted Android as their first smartphone move on to something else as they become power users? In Apple’s last two earnings calls, Tim Cook reported that the "majority" of those who switched to iPhone had owned a smartphone running Android. Apple has not specified the rate of switching, but a survey found that 16 percent of people who bought the latest iPhones previously owned Android devices; in China, that rate was 29 percent. For Google, this may not be terrible news in the short run. If Google already makes more from ads on iOS than Android, growth in iOS might actually be good for Google’s bottom line. Still, in the long run, the rise of Android switching sets up a terrible path for Google — losing the high-end of the smartphone market to the iPhone, while the low end is under greater threat from noncooperative Android players like Cyanogen which has a chance to snag as many as 1 billion handsets. Android has always been a tricky strategy concludes Manjoo; now, after finding huge success, it seems only to be getting even trickier.

Submission + - Judge Classifies as Class Action An Email Scanning Lawsuit Against Yahoo (itworld.com)

Submitted by itwbennett
itwbennett writes: A lawsuit that alleges Yahoo’s email scanning practices are illegal can proceed as a class action complaint, a development that will shine the spotlight on the Yahoo Mail use of messages’ content for advertising purposes. Plaintiffs allege that emails sent to Yahoo Mail users by people who do not have Yahoo Mail accounts are scanned by Yahoo in violation of federal and California wiretapping laws.

Submission + - New Technique to Develop Single Molecule Diode

Submitted by William Robinson
William Robinson writes: Under the direction of Latha Venkataraman, associate professor of applied physics at Columbia Engineering, researchers have designed a new technique to create a single-molecule diode, that has rectification ratio as high as 250, and 'ON' current as high as 0.1 microamps. The idea of creating a single-molecule diode was suggested by Arieh Aviram and Mark Ratner who theorized in 1974, which has been the 'holy grail' of molecular electronics ever since its inception to achieve further miniaturization, because single molecule represent the limit of miniaturization.

Submission + - How to know if Iran breaks its word: Financial monitoring (thebulletin.org)

Submitted by Lasrick
Lasrick writes: This is a fascinating read from Aaron Arnold of the Project on Managing the Atom at Harvard's Kennedy School. Arnold points out that the Iran Nuclear Framework Agreement specifies not only that international inspectors will have access to all of Iran’s nuclear facilities, but will also gain access to Iran’s nuclear supply chain, in order to verify that components and materials are not diverted to a covert facility. 'To insure additional transparency, the preliminary framework calls for a dedicated procurement channel to approve the supply, sale, and transfer of certain nuclear-related and dual-use parts, technologies, and materials on a case-by-case basis.' Arnold points out that this is a tricky area, because Iran has shown extraordinary skill at getting around financial sanctions, and it's unclear what international body will monitor Iran's financial transactions. The article then details steps that could be taken to ensure that Iran's financial transactions are transparent and cannot be used to obtain dual-use materials, including the requirement that Iran join the international Financial Action Task Force. Great read..

Submission + - Insurer denies healthcare breach claim citing lack of minimum required practices (securityledger.com)

Submitted by chicksdaddy
chicksdaddy writes: In what may become a trend, an insurance company is denying a claim from a California healthcare provider following the leak of data on more than 32,000 patients. The insurer, Columbia Casualty, charges that Cottage Health System did an inadequate job of protecting patient data.

In a complaint filed in U.S. District Court in California, Columbia alleges that the breach occurred because Cottage and a third party vendor, INSYNC Computer Solution, Inc. failed to follow “minimum required practices,” as spelled out in the policy. Among other things, Cottage “stored medical records on a system that was fully accessible to the internet but failed to install encryption or take other security measures to protect patient information from becoming available to anyone who ‘surfed’ the Internet,” the complaint alleges.

Disputes like this may become more common, as insurers anxious to get into a cyber insurance market that's growing by about 40% annually use liberally written exclusions to hedge against 'known unknowns' like lax IT practices, pre-existing conditions (like compromises) and so on. (http://www.itworld.com/article/2839393/cyber-insurance-only-fools-rush-in.html)

Submission + - The Scientific Method and the Art of Troubleshooting

Submitted by HughPickens.com
HughPickens.com writes: Karl Popper came up with the idea in the 1930's that scientists should attempt to falsify their hypotheses rather than to verify them. The basic reasoning is that while you cannot prove a hypothesis to be true by finding a number of different confirming instances (though confirming instances do make you more confident in the truth), you can prove a hypothesis to be false by finding one valid counter-example. Now Orin Thomas writes at WindowsITPro that you’ve probably diagnosed hundreds, if not thousands, of technical problems in your career and Popper's insights can serve as a valuable guide to avoid a couple of hours chasing solutions that turn out to be an incorrect answer. According to Thomas when troubleshooting a technical problem many of us “race ahead” and use our intuition to reach a hypothesis as to a possible cause before we’ve had time to assess the available body of evidence. "When we use our intuition to solve a problem, we look for things that confirm the conclusion. If we find something that confirms that conclusion, we become even more certain of that conclusion. Most people also unconsciously ignore obvious data that would disprove their incorrect hypothesis because the first reaction to a conclusion reached at through intuition is to try and confirm it rather than refute it."

Thomas says that the idea behind using a falsificationist method is to treat your initial conclusions about a complex troubleshooting problem as untrustworthy and rather than look for something to confirm what you think might have happened, try to figure out what evidence would disprove that conclusion. "Trying to disprove your conclusions may not give you the correct answer right away, but at least you won’t spend a couple of hours chasing what turns out to be an incorrect answer."

Submission + - Amazon Germany pays 0.1% tax rate in 2014, funnels sales through low-tax haven (thestack.com)

Submitted by Anonymous Coward
An anonymous reader writes: E-retail giant Amazon.com’s German branch paid just 11.9 million euros (approx. $16 million) in tax last year, equivalent to a 0.1% tax rate considering the company reported $11.9 billion in gross sales in Germany in 2014. German corporate income tax stood at 29.58% last year which would mean Amazon Germany would have been expected to pay $3.5 billion in tax in 2014. Amazon.de is the group’s largest and most successful market outside of the U.S., according to its annual sales records. However following investigation it has been revealed that almost all of the company’s German sales and profits were reported from businesses in Luxembourg, a low-tax haven. Amazon said last week that it had implemented a number of changes across Europe, including in the United Kingdom, Germany, Spain and Italy from May 1st, in order to ensure that future sales would be managed in the countries themselves.

Submission + - How Employers Get Out of Paying Their Workers

Submitted by HughPickens.com
HughPickens.com writes: We love to talk about crime in America and usually the rhetoric is focused on the acts we can see: bank heists, stolen bicycles and cars, alleyway robberies. But Zachary Crockett writes at Pricenomics that wage theft one of the more widespread crimes in our country today — the non-payment of overtime hours, the failure to give workers a final check upon leaving a job, paying a worker less than minimum wage, or, most flagrantly, just flat out not paying a worker at all. Most commonly, wage theft comes in the form of overtime violations. In a 2008 study, the Center for Urban Economic Development surveyed 4,387 workers in low-wage industries and found that some 76% of full-time workers were not paid the legally required overtime rate by their employers and the average worker with a violation had put in 11 hours of overtime—hours that were either underpaid or not paid at all. Nearly a quarter of the workers in the sample came in early and/or stayed late after their shift during the previous work week. Of these workers, 70 percent did not receive any pay at all for the work they performed outside of their regular shift. In total, unfairly withheld wages in these three cities topped $3 billion. Generalizing this for the rest of the U.S.’s low-wage workforce (some 30 million people), researchers estimate that wage theft could be costing Americans upwards of $50 billion per year.

Last year, the Economic Policy Institute made what is, to date, the most ambitious attempt to quantify the extent of reported wage theft in the U.S.and determined that “the total amount of money recovered for the victims of wage theft who retained private lawyers or complained to federal or state agencies was at least $933 million.” Obviously, the nearly $1 billion collected is only the tip of the wage-theft iceberg, since most victims never sue and never complain to the government. Commissioner Su of California says wage theft has harmed not just low-wage workers. “My agency has found more wages being stolen from workers in California than any time in history,” says Su. “This has spread to multiple industries across many sectors. It’s affected not just minimum-wage workers, but also middle-class workers.”

Submission + - Researchers devise a system that looks secure (but is it easy to use?). (readwrite.com)

Submitted by Anonymous Coward
An anonymous reader writes: The article in readwrite says that a team of British and American researchers have developed a hacker resistant process for online voting (http://www.cs.bham.ac.uk/~mdr/research/papers/pdf/15-Du-Vote.pdf) called Du-Vote. It uses a credit card sized device that helps to divide the security sensitive tasks between your computer and the device in a way that neither your computer nor the device learns how you voted. If a hacker managed to control the computer and the Du-Vote token, he still can't change the votes without being detected.

Slashdot Top Deals

I'm always looking for a new idea that will be more productive than its cost. -- David Rockefeller

Close