
Submission + - NSA data center front and center in debate over liberty, security and privacy (foxnews.com)

chamilto0516 writes: Twenty-five miles due south of Salt Lake City, a massive construction project is nearing completion. The heavily secured site belongs to the National Security Agency.
"The spy center" — that's what some of the locals like Jasmine Widmer, who works at Bluffdale's sandwich shop, told our Fox News team as part of an eight-month investigation into data collection and privacy rights that will be broadcast Sunday at 9 p.m. ET called "Fox News Reporting: Your Secrets Out."
The NSA says the Utah Data Center is a facility for the intelligence community that will have a major focus on cyber security. The agency will neither confirm nor deny specifics. Some published reports suggest it could hold 5 zettabytes of data. (Just one zettabyte is the equivalent of about 62 billion stacked iPhone 5s -- that stretches past the moon.)

Submission + - What happens to your digital inheritance?

ron-l-j writes: The last few months a digital inheritance idea has been floating around in my head, and I am sure the thought has crossed your mind as well. With Google talking about the inactive account program it made me wonder, will my children get my iTunes and Amazon movies? I have plenty of mp4 movies on my server that will just set itself to admin with no password after I do not log in within a 6 month time frame.

  But what about the millions of dollars spent on digital content?
We all know your favorite DVD will become scratched, and will be worthless after a few years. But the possibility of your purchases lasting a long time is more relevant today with more reliable storage. Will it be the case of my boring 2D movies being laughed at by my kids and their 3D holographic displays? I do have a collection of written material, photos, home video, and a database I would like my descendants to have access to.

I can see the lawyers now grabbing for a fee, and the government digging in to tax your digital life in an inheritance tax.

Submission + - Corruption Allegations Rock Australia's CSIRO (theage.com.au)

An anonymous reader writes: Australia's premier government research organisation, the CSIRO, has been rocked by allegations of corruption including fraud against drug giant Novartis, dishonesty with 60 top-class scientists bullied or fired, illegally using intellectual property, faking documents and unreliable testimony to judicial officers, but CSIRO Boss Megan Clark has refused to discipline the staff responsible and the federal police don't want to get involved. Victims are unimpressed and former CSIRO scientists are calling for an inquiry.

Submission + - Aurora Borealis likely to be visible in southern NY and PA tonight

chromaexcursion writes: Several news sources are reporting the likelihood of an impressive show of the Aurora Borealis visible as far south as even Washington DC this evening. NPR and AccuWeather http://www.accuweather.com/en/weather-news/dazzling-northern-lights-antic-1/10107004 both have the story. Check the map; if you're in a fair to good zone, head out after sunset to see the show.

Submission + - Popular Wordpress Plug-in Caught Spamming Is Put On Double-Secret Probation (securityledger.com)

chicksdaddy writes: Social Media Widget, a free plug-in for the WordPress blogging platform with more than a million downloads, was restored to WordPress's official plugin directory on Thursday, days after it was found injecting WordPress websites with spam links to web sites offering Pay Day Loans.

In a post on a support forum for Social Media Widget (SMW), Samuel Wood, a WordPress administrator, said that WordPress was willing to give SMW and its owner a second chance after he claimed to have been the victim of a contract developer gone rogue.

“Naturally we do take a very hard line on spam, and obviously an author putting malicious code into a plugin is enough grounds for us to bring down the ban hammer,” Wood wrote on Friday. “But there are natural circumstances where an author may not be at fault.”

Social Media Widget (SMW) appears to be such a case. It is one of the 20 most popular WordPress add-ons and allows WordPress web site operators to include links to their other social media accounts. In an e-mail interview with The Security Ledger and in comments on the SMW support forum, Brendan Sheehan, the owner of SMW and co-founder of the online marketing firm Media Compass, said that changes that inserted links to Pay Day Loan scam sites were “a mistake that we will not let happen again.”

“We trusted the wrong people with our plugin code and take full responsibility. We are a marketing company at heart and are not actually developers, so in order to provide major updates and improvements, we had to seek outside help. Some of these people deceived us and abused our trust and naivety...We will not make this mistake again.”

Wood said the folks at WordPress decided to accept that story — but that they're watching SMW closely. “Basically, the current maintainer is not a professional programmer, and put his trust in the wrong freelancers to do the coding work for him...We’ll be watching the plugin for changes,” he said. “The plugin is back up for now, and as long as it stays clean, it’s fine.”

Submission + - Scientists Are Cracking the Primordial Soup Mystery (vice.com)

derekmead writes: Scientists have had a basic understanding of how life first popped up on Earth for a while. The so-called "primordial soup" was sitting around, stagnant but containing the basic building blocks of life. Then magic happened and we ended up with life. It's that "magic" that has been the sticking point for scientists, but new research from a team of scientists at the University of Leeds has started to shed light on the mystery, explaining just how objects from space might have kindled the reaction that sparked life on Earth.

It's generally accepted that space rocks played an important role in life's genesis on Earth. Meteorites bombarding the planet early in its history delivered some of the necessary materials for life but none brought life as we know it. How inanimate rocks transformed into the building blocks of life has been a mystery.

But this latest research suggests an answer. If meteorites containing phosphorus landed in the hot, acidic pools that surrounded young volcanoes on the early Earth, there could have been a reaction that produced a chemical similar to one that's found in all living cells and is vital in producing the energy that makes something alive.

Submission + - Google Fiber: Why Traditional ISPs Are Officially On Notice (hothardware.com)

MojoKid writes: A few years ago, when Google was determining which city to launch its pilot Google Fiber program, cities all over the country went all-out trying to persuade the search giant to bring all that fantastical bandwidth to their neck of the woods. And with good reason: Google Fiber offers gigabit Internet speeds and even TV service, all at prices that meet or beat the competition. In fact, the lowest tier of Google Fiber service (5Mbps down, 1Mbps up) is free, once users pay a $300 construction fee. If ISPs were concerned before, they should really start sweating it now. Although Google Fiber looked like it would whip traditional ISPs in every regard, with Time Warner Cable cutting prices and boosting speeds for users in Kansas City in a desperate attempt to keep them, surely other ISPs were hoping the pilot program would flame out. Now that Austin is happening, it’s clear that it’s only a matter of time before Google rolls out its service in many more cities. Further, this jump from legacy Internet speeds to gigabit-class service is not just about people wanting to download movies faster; it’s a sea change in what the Internet is really capable of.

Submission + - How can I talk to iOS with my embedded USB design?

An anonymous reader writes: This is an Ask Slashdot topic.

We have developed a portable battery-powered device that uses USB for configuration, telemetry, and support. We have a companion PC utility that works fine but our marketing brethren would prefer an iOS solution.

The technical challenges include the electrical interface and software. How have Slashdotters solved these challenges? (Besides Android...)

Thanks in advance!

Submission + - Brute Force Attacks Against WordPress And Joomla Sites Have Tripled

An anonymous reader writes: Hosting providers around the world are seeing a massive increase in brute force attacks against WordPress and Joomla sites. Attackers are looking to gain access to and compromise accounts, but failing that, they are slowing down their targets or even rendering them unavailable as they exhaust the sites' resources.

Melbourne Server Hosting is reporting that it has seen signs over the past 48 hours of increased attempts, while Immotion Hosting has noted they are coming from a large number of IP addresses spread across the world. This would suggest the attackers are using a botnet to break in; HostGator has said at least 90,000 computers are involved while CloudFlare has noted that "more than tens of thousands of unique IP addresses" are being used.

Submission + - Wordpress sites under wide-scale brute force attack (siliconrepublic.com)

NitzJaaron writes: Some of us have been experiencing these attacks for the last few days, but it's now beginning to be widely reported that there's a fairly large brute force attack happening on WordPress users on multiple hosts, including HostGator and LiquidWeb. CloudFlare has announced that they're giving all users (free and paid) protection from said attacks with their services.

Submission + - Solar electric spacecraft propulsion could get NASA to an asteroid, beyond (networkworld.com)

coondoggie writes: In the process of detailing its $17.7 billion 2014 budget this week, NASA highlighted a mission to snag a 500-ton asteroid, bring it back, stash it near the moon and study it. It also took the time to put in a plug for an ongoing research project it has going called Solar Electric Propulsion (SEP) that NASA says could be the key technology it needs to pull off the asteroid plan.

Submission + - Hackers Aren't Going to Hijack Planes with a Smartphone (vice.com)

derekmead writes: A talk given by a security consultant at the Hack In The Box conference in Amsterdam has been making waves for a couple days now, largely because it made bold claims: Hugo Teso, who's also a trained commercial pilot, said he'd developed a way to hijack airplanes (as in take over their flight controls) by attacking the planes' systems wirelessly using an Android app he developed.

Teso set up a framework to gain access to two aircraft systems that broadcast wirelessly: the Automatic Dependent Surveillance-Broadcast (ADS-B), which communicates flight, traffic, and weather data back and forth with air traffic controllers; and the Aircraft Communications Addressing and Reporting System (ACARS), which essentially sends standardized messages back and forth between pilots and the ground, in some cases automatically so that pilots don't have to spend their time sending in standard reports.

Now, it's true that both systems are insecure, and it does have some worrisome implications–for one, perhaps someone could spoof a plane via the ADS-B to warn pilots of a mid-air collision, which would likely cause some chaos on the flight deck. Regardless, that airline systems are so susceptible to attacks is certainly something that needs to be fixed. But the claim that a plane could be remotely controlled–which Teso did simulate in his talk, although the doom hype blame also lies with some media outlets–is pretty much false, for a number of reasons. For one, it's highly unlikely that a wireless attack could even access autopilot systems, which are physically isolated, and even then pilots would have no trouble taking over manual control.

It's unfortunate that the discussion has revolved around "We're all gonna die!" style headlines of hackers crashing planes with cell phones, because the exploits Teso demonstrated are worth examining on their own. Fooling around with ADS-B in particular seems like an area ripe for trouble. But no, turning a plane into a drone with a smartphone won't happen.

Submission + - Gigabyte's Brix mini PC could rival the Raspberry Pi (theinquirer.net)

llebeel writes: Gigabyte previewed a mini PC called Brix at a "tech tour" event in London last night, which could see the firm take on the Raspberry Pi.

Boasting what the firm claims is "the same power as a tower PC", the mini computer boasts a choice of Intel Celeron or Core processors as powerful as the Core i7 chip for "low to high power".

However, as yet specs are thin on the ground, but we do know it should launch in the UK within the next month or so.

Submission + - Ask Slashdot: Which PHP framework is quickest start and most HIPAA-compliant?

edjubenville writes: I have been approached by a medical equipment delivery company to develop an online system to manage customer data, delivery schedules and inventory. I am a solo developer with some LAMP stack experience, but no experience with any particular PHP framework.
First question: Which PHP framework (e.g., CakePHP, CodeIgniter, Zend) would you recommend for a job like this if my focus is on showing them a bare bones prototype as soon as possible? There are implications of security related to HIPAA that I don't fully appreciate yet. The customer requirements are fuzzy because they are replacing an off-the-shelf system that was never a good fit for their business model. I anticipate needing to make a few iterations on the prototype, so I'd like to hit the ground running, and minimize the time per iteration.
Second question: How afraid should I be of liabilities under HIPAA? The database would hold patient contact information and identify medical supplies associated with those patients. I am wondering if a PHP application with conventional logins, session management, session timeouts and user access restrictions would be considered "best practice". Perhaps the liabilities wouldn't fall on me at all, but onto the client if this job is done as a work for hire.
