Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×

Comment Re:Is this Google's fault? (Score 0) 434

by countSudoku() (#49625291) Attached to: Google Can't Ignore the Android Update Problem Any Longer

Thank you, good ser! You and the other "earliest adopters" are my heroes who barge into the latest releases and expose all the ugliness at your own sanity's expense! Thank you!^3

I think we can all glean from the mini-article that this is a problem with the many manufacturers out there just sitting on their last OS release/update like that's all they'll ever need to do... And it's so easy to pick on Android, Apple does all their own hardware so natch' there is going to be tight integration with their in-house OS, guy.

Also, there is no easy porting tool for Android/iOS apps to compile into WinX, er I mean Win10. What the HELL am I smoking?! They are just making the various native languages available to their OS API. There is NO magic tool to port the mobile OS apps to WinX. You'll be doing this by hand, good luck with your new friend DirectX or whichever graphics libs they offer now, as I will be doing with the counting of how many "ports" get ported to WinX10, bros! That's zero so far.

Submission + - Astronaut drink the first home-brewed coffee in space

Submitted by schwit1
schwit1 writes: In addition to drinking the first home-brewed coffee in space, the astronauts also used a 3-D printed mug, though the printing took place not in space but on Earth.

Italian astronaut Samantha Cristoforetti, dressed in a "Star Trek" captain's uniform, became the first person in space to sip from a freshly-made cup of coffee on Sunday (May 3), using the International Space Station's newly-installed espresso machine.

Submission + - Uber? It's not in Kansas anymore (cnn.com)

Submitted by mpicpp
mpicpp writes: Need a cab in Kansas? You'll have to hail one the old-fashioned way. Uber isn't in Kansas anymore.

It stopped operations there Tuesday after the state legislature approved a new law the company says makes it "impossible" to keep operating.

Kansas legislators voted to override Gov. Sam Brownback's veto of new, stricter regulations on companies like Uber, that allow people to hail a ride with an app on their smartphone.

The governor said the new rules are "premature."
"To over-regulate or improperly regulate an emerging industry before the marketplace actors make proper arrangements is to invite more, problems, not less," he said in April, when he vetoed the legislation.

Uber first launched in Kansas about a year ago.
The company was actually on board with the original draft of the new rules. It required Uber to disclose certain information to customers, including how fares are calculated and the driver's license plate number before they get in the car. Uber already does those things in its app.

But, the final bill also requires Uber drivers to carry a level of insurance that the company said is not required in any other state.

Submission + - Wells Fargo charged with opening accounts without customers' permission (cnn.com)

Submitted by mpicpp
mpicpp writes: Wells Fargo is accused of opening up accounts and credit cards in customers' names without their authorization.

The accounts are being opened by Wells Fargo employees under pressure to meet unrealistic sales goals and quotas, according to the civil complaint filed by the Los Angeles City Attorney.

The complaint charges that bank employees opened new accounts for existing customers without their authorization, in order to meet sales quotas. The employees also allegedly transferred money from customers' authorized accounts to pay fees on the unauthorized accounts.

When fees on unauthorized accounts went unpaid, some customers were placed into collection. Others had negative information placed on their credit reports as a result.

The complaint, filed in California Superior Court on Monday, seeks a $2,500 fine for every unauthorized account, and seeks to have all of the money taken from customers returned. It did not estimate how much those penalties could cost the bank.

Wells Fargo said it would "vigorously defend" itself from the suit. But the statement it issued did not deny or even address whether its employees opened unauthorized accounts as charged.

Submission + - The Ambitions And Challenges Of Mesh Networks and The Local Internet Movement (fastcompany.com)

Submitted by Lashdots
Lashdots writes: Recently, a pair of artists in New York put forward an unusual plan for teaching middle school students about the Internet: specifically, by teaching them how to get off it and build their own. With a private social network and a wireless "darknet," OurNet is part of a growing movement that aims to consider and build alternative digital networks. Using affordable, off-the-shelf hardware and open-source software, communities around the world are assembling small, independent, nonprofit wireless mesh networks... And yet, while the decentralized, ad hoc network architecture appeals philosophically to tech-savvy users fed up with monopolistic ISPs, nobody’s found a way to make mesh networks work easily and efficiently enough to replace many home Internet connections. Meanwhile, in spite of the challenges, hackers and artists have located a broader educational and philosophical element to these projects. Says Dan Phiffer, an artist and programmer: "We kind of realize that none of these systems that we use are inevitable."

Submission + - Cyberlock lawyers threaten security researcher over vulnerability disclosure

Submitted by qubezz
qubezz writes: Security researcher Phar (Mike Davis/IOActive) gave his 30 days of disclosure notice to Cyberlock (apparently a company that makes electronic lock cylinders) that he would release a public advisory on vulnerabilities he found with the company's security devices. On day 29, their lawyers responded with a request to refrain, feigning ignorance of the previous notice, and invoking mention of the DMCA (this is not actually a DMCA takedown notice, as the law firm is attempting to suppress initial disclosure through legal wrangling). Mike's blog states:


The previous DMCA threats are from a company called Cyberlock, I had planned to do a fun little blog post (cause i .. hate blog posts) on the fun of how I obtained one, extracted the firmware bypassing the code protection and figured out its "encryption" and did various other fun things a lock shouldn't do for what its marketed as.. But before I could write that post I needed to let them know what issues we have deemed weaknesses in their gear.. the below axe grinderery is the results.

What should researchers do when companies make baseless legal threats to maintain their security-through-obscurity?

Submission + - Google Can't Ignore The Android Update Problem Any Longer (tomshardware.com)

Submitted by Anonymous Coward
An anonymous reader writes: An editorial at Tom's Hardware makes the case that Google's Android fragmentation problem has gotten too big to ignore any longer. Android 5.0 Lollipop and its successor 5.1 have seen very low adoption rates — 9.0% and 0.7% respectively. Almost 40% of users are still on KitKat. 6% lag far behind on Gingerbread and Froyo. The article points out that even Microsoft is now making efforts to both streamline Windows upgrades and adapt Android (and iOS) apps to run on Windows. If Google doesn't adapt, "it risks having users (slowly but surely) switch to more secure platforms that do give them updates in a timely manner. And if users want those platforms, OEMs will have no choice but to switch to them too, leaving Google with less and less Android adoption." The author also says OEMs and carriers can no longer be trusted to handle operating system updates, because they've proven themselves quite incapable of doing so in a reasonable manner.

Submission + - Rombertik strikes! In 10 seconds, this computer will self-destruct (betanews.com)

Submitted by Mark Wilson
Mark Wilson writes: Viruses can be a serious problem and they take myriad forms. Viruses have become increasingly sophisticated over the years, particularly in the methods used to try to evade detection. Now Cisco's Talos security researchers have discovered the Rombertik which goes to extraordinary lengths to avoid analysis.

Researchers managed to reverse-engineer the virus and found "multiple layers of obfuscation and anti-analysis functionality". One sample was found to include code that would destroy the MBR of the host computer if analysis or debugging is attempted.

The effects of a Rombertik can be devastating. Left to its own devices, the malware will sit happily in the background gathering information about online activity, collecting user credentials and feed them back to a remote server. Writing on the Cisco blog, Ben Baker and Alex Chiu explain that while Rombertik's method of propagation — usually through emails and social networks — is nothing out of the ordinary, the way it operates is something from a different league.

Submission + - Why Was Linux The Kernel That Succeeded? (thevarguy.com) 2

Submitted by jones_supa
jones_supa writes: One of the most puzzling questions about the history of free and open source software is this: Why did Linux succeed so spectacularly, whereas similar attempts to build a free or open source, Unix-like operating system kernel met with considerably less success? Christopher Tozzi has rounded up some theories, focusing specifically on kernels, not complete operating systems. These theories take a detailed look at the decentralized development structure, pragmatic approach to things, and the rich developer community, all of which worked in favor of Linux.

Submission + - The challenge of getting a usable QWERTY keyboard onto a dime-sized screen (thestack.com)

Submitted by Anonymous Coward
An anonymous reader writes: Researchers from Spain and Germany are building on Carnegie Mellon's work to attempt to create workable text-input interfaces [http://personales.upv.es/luileito/web/docs/papers/tinyqwerty-chi2015-preprint.pdf] for wearables, smartwatches and a new breed of IoT devices too small to accomodate even the truncated soft keyboards familiar to phone users. In certain cases, the screen area in which the keyboard must be made usable is no bigger than a dime.

Submission + - Researcher: drug Infusion Pump is the 'least secure IP device' he's ever seen (securityledger.com)

Submitted by chicksdaddy
chicksdaddy writes: This is a bad month for the medical equipment maker Hospira. First, security researcher Billy Rios finds a raft of serious and remotely exploitable holes in the company's MedNet software, prompting a vulnerability alert from ICS CERT. Now, one month later, ICS CERT is again warning of a "10 out of 10" critical vulnerability, this time in Hospira's LifeCare PCA drug infusion pump.(https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3459)

The problem? According to this report by Security Ledger (https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/) the main problem was an almost total lack of security controls on the device. According to independent researcher Jeremy Williams, the PCA pump listens on Telnet port 23. Connecting to the device via Telnet, he was brought immediately to a root shell account that gave him total, administrator level access to the pump without authentication. “The only thing I needed to get in was an interest in the pump,” he said.

Richards found other examples of loose security on the PCA 3: a FTP server that could be accessed without authentication and an embedded web server that runs Common Gateway Interface (CGI). That could allow an attacker to tamper with the pump’s operation using fairly simple scripts.

Also: The PCA pump stores wireless keys used to connect to the local (medical device) wireless network in plain text on the device. That means anyone with physical access to the Pump (which has an ethernet port) could gain access to the local medical device network and other devices on it.
The problems prompted Richards to call the PCA 3 pump “the least secure IP enabled device” he has ever worked with. (http://hextechsecurity.com/?p=123)

Hospira did not responded to requests for comment prior to publication.

Submission + - Is It Worth Learning a Little-Known Programming Language? (dice.com)

Submitted by Nerval's Lobster
Nerval's Lobster writes: Ask a group of developers to rattle off the world’s most popular programming languages, and they’ll likely name the usual suspects: JavaScript, Java, Python, Ruby, C++, PHP, and so on. Ask which programming languages pay the best, and they’ll probably list the same ones, which makes sense. But what about the little-known languages and skill sets (Dice link) that don’t leap immediately to mind but nonetheless support some vital IT infrastructure (and sometimes, as a result, pay absurdly well)? is it worth learning a relatively obscure language or skill set, on the hope that you can score one of a handful of well-paying jobs that require it? The answer is a qualified yes—so long as the language or skill set in question is clearly on the rise. Go, Swift, Rust, Julia and CoffeeScript have all enjoyed rising popularity, for example, which increases the odds that they’ll remain relevant for at least the next few years. But a language without momentum behind it probably isn’t worth your time, unless you want to learn it simply for the pleasure of learning something new.

Comment Re:Comcast (Score 1) 140

by countSudoku() (#49616919) Attached to: Internet Customers Surpass Cable Subscribers At Comcast

Not to worry, fellow subscriber! I got them back real good; Comcrap was the only game in town for a while and I had to get some service from them. After the initial install was having some bandwidth issues they found that my cable run from their street-hole was not in a conduit and was just bare coax under my lawn. So they spent a couple of days and many hundreds of their dollars installing brand new conduit (right thru the lawn and a paved driveway), brand new coax, brand new demark boxen... then I canceled their service within the next billing cycle as the other monopoly was now available. Comcrap can go install F-type connectors on their genitals. Also, congrats to Comcrap on helping keep the USA near the middle of the world's Internet accessibility ratings. Dopes.

Submission + - Apple pushing music labels to kill free Spotify streaming before Beats relaunch (theverge.com)

Submitted by mpicpp
mpicpp writes: Aggressive tactics from the music giant have garnered scrutiny from the Department of Justice.

The Department of Justice is looking closely into Apple’s business practices in relation to its upcoming music streaming service, according to multiple sources. The Verge has learned that Apple has been pushing major music labels to force streaming services like Spotify to abandon their free tiers, which will dramatically reduce the competition for Apple’s upcoming offering. DOJ officials have already interviewed high-ranking music industry executives about Apple’s business habits.

Apple has been using its considerable power in the music industry to stop the music labels from renewing Spotify’s license to stream music through its free tier. Spotify currently has 60 million listeners, but only 15 million of them are paid users. Getting the music labels to kill the freemium tiers from Spotify and others could put Apple in prime position to grab a large swath of new users when it launches its own streaming service, which is widely expected to feature a considerable amount of exclusive content. "All the way up to Tim Cook, these guys are cutthroat," one music industry source said.

Slashdot Top Deals

If all else fails, lower your standards.

Close