
Submission + - Bug Bounties in the Crosshairs of Wassenaar Rules

Trailrunner7 writes: Bug bounties have gone from novelty to necessity, not only for enterprises looking to take advantage of the skills of an organized pool of vulnerability hunters, but also for a slew of independent researchers who make a living contributing to various vendor and independent bounty and reward programs.

The proposed U.S. rules for the Wassenaar Arrangement pose a real challenge for all sides of that equation.

Under the rules, researchers who find a zero-day vulnerability and develop a PoC exploit triggering the issue, would have to apply for an export license in order to privately disclose their findings with the vendor in question. As a result, there will be occasions when a foreign researcher, for example, would have to share details on a zero-day with their government before the vendor in question.

“There are lots of concerns from researchers if this gets implemented,” said Kymberlee Price, senior director of operations at Bugcrowd, a private company that provides a platform for organizations wishing to start bug bounty programs. “Is it worth the effort to continue to report vulnerabilities if you have to go through a government and are likely to have to disclose details on that vulnerability? Do we want foreign governments knowing about it before it’s reported directly to the vendor so it can be patched?”

Submission + - Fracking Safe, Says EPA

sycodon writes: A long-awaited EPA report on hydraulic fracturing concludes that the extraction process has “not led to widespread, systemic impacts on drinking water resources.”

Submission + - Supreme Court may decide the fate of API's, Klingonese, Dothraki... (slate.com)

nerdpocalypse writes: In a larger battle than even Godzilla V Mothra, Google V Oracle threatens not only Japan but the entire Nerd World. What is at stake is how a language can be patented. This affects not just programming languages, APIs, and everything that runs... well... everything, but also the copyright status of new languages such as Klingon and Dothraki.

Submission + - You thought NSA bulk data collection was dead?

fustakrakich writes: Guess again!
US officials confirmed to the Guardian that in the coming days they will ask a secret surveillance court to revive the program – deemed illegal by a federal appeals court – all in the name of “transitioning” the domestic surveillance effort to the telephone companies that generate the so-called “call detail records” the government seeks to access. The unconventional and unexpected legal circumstance depends on a section of the USA Freedom Act, which Obama signed into law on Tuesday, that provides a six-month grace period to prepare the surveillance and legal bureaucracies for a world in which the National Security Agency is no longer the repository of bulk US phone metadata. During that time, the act’s ban on bulk collection will not yet take effect.

Submission + - Bing sponsored results spoof Google URLs, taking users to adware sites (expertreviews.co.uk)

An anonymous reader writes: Searching for Google Chrome on the UK version of Bing, we were hit with a large ad box. While the top two hits were clearly for dubious download sites, it's the third link that made us pause: it showed a link that appeared to be from Google.com and listed the link as www.Google.com/Chrome.

Although the site looks legitimate, the URL is actually spoofed and clicking it leads to a completely different site (csoftonline.com). This is incredibly misleading and, while the main Bing search engine shows legitimate results, the differences between the sponsored and organic search listings won't be obvious to everyone. This means that people could end up on this site by mistake.

Submission + - How Dinosaurs Shrank and Became Birds (quantamagazine.org)

An anonymous reader writes: Discoveries have shown that bird-specific features like feathers began to emerge long before the evolution of birds, indicating that birds simply adapted a number of pre-existing features to a new use. And recent research suggests that a few simple changes — among them the adoption of a more babylike skull shape into adulthood — likely played essential roles in the final push to bird-hood. Not only are birds much smaller than their dinosaur ancestors, they closely resemble dinosaur embryos. Adaptations such as these may have paved the way for modern birds’ distinguishing features, namely their ability to fly and their remarkably agile beaks. The work demonstrates how huge evolutionary changes can result from a series of small evolutionary steps.

Submission + - USA 'Freedom' Act passed by Senate 67-32, headed to WH (ap.org)

schwit1 writes: Congress has sent legislation to the president reviving and remaking a disputed post-9/11 surveillance program two days after letting it temporarily expire.

The vote in the Senate Tuesday was 67-32. The House already has passed the bill, and President Barack Obama plans to sign it quickly.

The legislation will phase out, over six months, the once-secret National Security Agency bulk phone records collection program made public two years ago by agency contractor Edward Snowden. It will be replaced by a program that keeps the records with phone companies but allows the government to search them with a warrant. Senate Republican leaders opposed the House bill but were forced to accept it unchanged after senators rejected last-ditch attempts to amend it.

Submission + - Who's behind mysterious flights over US cities? FBI (csmonitor.com)

kaizendojo writes: The FBI is operating a small air force with scores of low-flying planes across the country carrying video and, at times, cellphone surveillance technology — all hidden behind fictitious companies that are fronts for the government, The Associated Press has learned.

The planes' surveillance equipment is generally used without a judge's approval, and the FBI said the flights are used for specific, ongoing investigations. In a recent 30-day period, the agency flew above more than 30 cities in 11 states across the country, an AP review found.

Submission + - Fuel Free Spacecrafts Using Graphene

William Robinson writes: While using a laser to cut a sponge made of crumpled sheets of Graphene oxide, researchers accidentally discovered that it can turn light into motion. As the laser cut into the material, it mysteriously propelled forward. Baffled, researchers investigated further. The Graphene material was put in a vacuum and again shot with a laser. Incredibly, the laser still pushed the sponge forward, and by as much as 40 centimeters. Researchers even got the Graphene to move by focusing ordinary sunlight on it with a lens. Though scientists are not sure why this happens, they are excited with new possibilities such as light propelled spacecraft that does not need fuel.

Submission + - SourceForge assumes ownership of GIMP For Win, wraps installer in adware (arstechnica.com)

An anonymous reader writes: It appears that SourceForge is assuming control of all projects that appear "abandoned." In a blog update on their site, they responded saying in part "There has recently been some report that the GIMP-Win project on SourceForge has been hijacked; this project was actually abandoned over 18 months ago, and SourceForge has stepped-in to keep this project current."

SourceForge is now offering "to establish a program to enable users and developers to help us remove misleading and confusing ads."

Submission + - First Ultraviolet Quantum Dots Shine In An LED (acs.org)

ckwu writes: Researchers in South Korea have made the first quantum dots that emit ultraviolet light and used them to make a flexible, light-emitting diode. Until now, no one had succeeded in making quantum dots that emit wavelengths shorter than about 400 nm, which marks the high end of the UV spectrum. To get quantum dots that emit UV, the researchers figured out how to make them with light-emitting cores smaller than 3 nm in diameter. They did it by coating a light-emitting cadmium zinc selenide nanoparticle with a zinc sulfide shell, which caused the core to shrink to 2.5 nm. The quantum dots give off true UV light, at 377 nm. An LED made with the quantum dots could illuminate the anticounterfeiting marks on a paper bill. If their lifetimes can be improved, these potentially low-cost UV LEDs could find uses in counterfeit currency detection, water sterilization, and industrial applications.

Submission + - Science Generally Astonished Over Lack of Holes

TheRealHocusLocus writes: "Holes in Swiss Cheese, expect we do," Yoda says. Tipped off by an alarming increase in cheese, agrarians at Agroscope scoped out the true reason why holes were becoming almost wholly absent from modern Swiss. One hundred years after William Clark famously ascribed them to carbon dioxide bubbles, and one CT scan later — nothing was observed — forming around tiny particles, whose composition should be studied more closely, for they are referred to obliquely as 'udder-hay'. Where has the carbon dioxide gone? Has it disappeared into the oceans, to re-emerge as missing heat? To counter a general lack of astonishment in modern Science reporting, the story is being heralded with the unbridled enthusiasm of an ancient mystery revealed. Google News has assigned this easy-to-remember ID d-e_cnlKUED1nWMhdSuG4PdO1KTwM to help track silly headlines. The phenomenon has also released a flood of disturbing press images.

Submission + - Sourceforge staff takes over a user's account and wraps their software installer (arstechnica.com)

An anonymous reader writes: Sourceforge staff took over the account of the GIMP-for-Windows maintainer claiming it was abandoned and used this opportunity to wrap the installer in crapware. Quoting Ars:

SourceForge, the code repository site owned by Slashdot Media, has apparently seized control of the account hosting GIMP for Windows on the service, according to e-mails and discussions amongst members of the GIMP community—locking out GIMP's lead Windows developer. And now anyone downloading the Windows version of the open source image editing tool from SourceForge gets the software wrapped in an installer replete with advertisements.


Submission + - SourceForge (owned by Slashdot Media) installs ads with GIMP (arstechnica.com)

careysb writes: SourceForge, the code repository site owned by Slashdot Media, has apparently seized control of the account hosting GIMP for Windows on the service, according to e-mails and discussions amongst members of the GIMP community—locking out GIMP's lead Windows developer. And now anyone downloading the Windows version of the open source image editing tool from SourceForge gets the software wrapped in an installer replete with advertisements.
