
Submission + - Bug in Samsung S3 drains your data plan

Emmanuel Cecchet writes: Researchers of the BenchLab project at UMass Amherst have discovered a bug in the browser of the Samsung S3. If you browse a Web page that has multiple versions of the same image (for mobile, tablet, desktop, etc...) like most Wikipedia pages for example, instead of downloading one image at the right resolution, the phone will download all versions of it. A page that should be less than 100K becomes multiple MB! It looks like a bug in the implementation of the srcset HTML tag, but all the details are in the paper to be presented at the IWQoS conference next week.
So far Samsung didn't acknowledge the problem though it seems to affect all S3 phones. You'd better have an unlimited data plan if you browse Wikipedia on an S3!

Submission + - Die Passwords! Die! (vortex.com)

Lauren Weinstein writes: In one form or another — verbal, written, typed, semaphored, grunted, and more — passwords broadly defined have been part of our cultures pretty much since the dawn of humans at least. Whether an 18 character mixed-case password replete with unusual symbols, or the limb-twisting motions of a secret handshake, we've always needed means for authentication and identity verification, and we've long used the concept of a communicable "secret" of some kind to fill this need.

As we plow our way ever deeper into the 21st century, it is notable that most of our Internet and other computer-based systems still depend on the basic password motif for access control. And despite sometimes herculean efforts to keep password-based environments viable, it's all too clear that we're rapidly reaching the end of the road for this venerable mechanism.

That this was eventually inevitable has long been clear, but recent events seem to be piling up and pointing at a more rapid degeneration of password security than many observers had anticipated, and this is taking us quickly into the most complex realms of identity and privacy.

Submission + - Bionic vision sounds cool, but are contacts the answer?

Myoozak writes: Augmented vision is definitely the future, in fact it's already here today in many ways (Google Glass, smart phones that overlay data with video from the camera, etc.). Researchers at the University of Washington took this a step further by successfully integrating an RF-powered LED into a contact lens. Cool stuff, but my question to you slashdotters is this: Are contacts really a viable approach? I think there are some obvious problems with contacts that would be extremely difficult to surmount:
1. Rotation & drift of the lens
2. Out of 120 degrees of FOV, can only read text within 6 deg. So won't text always be in the way of what I'm looking at?
3. Moving eye to focus on text causes text to move as well.
Maybe approaches like this are better? I'd like to hear your thoughts!

Submission + - The 1040 as Web Application, Examined. (astonishdesign.com)

Funksaw writes: It's Tax Day in America, and procrastinators are ruing the fact that lobbying by Intuit and H&R Block, among others, has prevented the U.S. from providing a pre-compiled tax return for them via the Web. Oh, if it wasn't for those meddling lobbyists! But what exactly would such a build entail? 124,892,051 taxpayers multiplied by 1165 different forms is one hell of a massive database. Maybe it's not a matter of political will, but of hard technical problems in big data.

Submission + - The forgotten MACRO language of HTML, XBL (wikipedia.org)

tvlinux writes: The web is becoming more than just a media display; there is more interaction and more special things that need to be done. Right now jquery is the preferred method of very dynamic user interface. There is a W3 standard called XBL2.0. It is the macro language of the html. To me it seems like a great idea, Reusable HTML widgets where each one is a separate object contained within itself. You can define properties, methods, events, each that is self contained.
If the browsers supported XBL2, I can vision a whole ecosystem of new widgets, charts, grids and inputs that people could add to web pages just like any other HTML element. I see less experienced developers being able to create fancy websites by just using DOM and not having to learn jquery.
My question is WHY is XBL dead? I think a MACRO language for HTML is a good idea.

Submission + - Hackers Aren't Going to Hijack Planes with a Smartphone (vice.com)

derekmead writes: A talk given by a security consultant at the Hack In The Box conference in Amsterdam has been making waves for a couple days now, largely because it made bold claims: Hugo Teso, who's also a trained commercial pilot, said he'd developed a way to hijack airplanes (as in take over their flight controls) by attacking the plane's systems wirelessly using an Android app he developed.

Teso set up a framework to gain access to two aircraft systems that broadcast wirelessly: the Automatic Dependent Surveillance-Broadcast (ADS-B), which communicates flight, traffic, and weather data back and forth with air traffic controllers; and the Aircraft Communications Addressing and Reporting System (ACARS), which essentially sends standardized messages back and forth between pilots and the ground, in some cases automatically so that pilots don't have to spend their time sending in standard reports.

Now, it's true that both systems are insecure, and it does have some worrisome implications–for one, perhaps someone could spoof a plane via the ADS-B to warn pilots of a mid-air collision, which would likely cause some chaos on the flight deck. Regardless, that airline systems are so susceptible to attacks is certainly something that needs to be fixed. But the claim that a plane could be remotely controlled–which Teso did simulate in his talk, although the doom hype blame also lies with some media outlets–is pretty much false, for a number of reasons. For one, it's highly unlikely that a wireless attack could even access autopilot systems, which are physically isolated, and even then pilots would have no trouble taking over manual control.

It's unfortunate that the discussion has revolved around "We're all gonna die!" style headlines of hackers crashing planes with cell phones, because the exploits Teso demonstrated are worth examining on their own. Fooling around with ADS-B in particular seems like an area ripe for trouble. But no, turning a plane into a drone with a smartphone won't happen.

Submission + - Microsoft Telling Users to Uninstall Bad Patch (threatpost.com)

msm1267 writes: Microsoft announced last night that it has stopped pushing a security update originally released on Patch Tuesday because the fix is causing some PCs to blue screen. Microsoft recommends users uninstall the patch, which is also causing compatibility with some endpoint security software.
MS13-036 was part of this week’s Patch Tuesday update. It addressed three vulnerabilities in the Windows Kernel-Mode Driver, which if exploited could allow an attacker to elevate their privileges on a compromised machine.
Users began reporting issues earlier this week with some systems failing to recover from restarts, or applications failing to load, after the patch was installed.

Submission + - Is Windows 8 really to blame for PC sales slump? (pcpro.co.uk)

nk497 writes: The latest PC sales stats don't make for positive reading — especially for Microsoft, with Windows 8 taking much of the blame for struggling desktop and laptop sales. But can a single OS really be blamed for taking out an entire market? Analysts suggest it's much more complicated than that: a new version of Windows doesn't actually boost the market, but the confusion around the Metro screen and a lack of affordable touch devices hasn't helped — nor has competition from tablets. Windows 8 must accept some of the blame for the continuing PC slump, but even if it was a barnstorming OS, would it have made a difference? "Let’s face it," said one analyst. "PCs had their run, and it lasted close to 20 years... Interest among consumers is shifting to other types of device."

Submission + - UK Gov to Investigate 'Aggressive' In-app Purchases (paritynews.com)

hypnosec writes: The UK Government will be examining whether free to download apps are putting unfair pressure on kids to pay up for additional content within the game through in-app purchases. Office of Fair Trading (OFT), UK, will be carrying out the investigation of games that include ‘commercially aggressive’ in-app purchases after a number of cases have been reported whereby parents have incurred huge bills after their kids have spent huge amounts on in-app purchases.
