Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Submission + - Developer Who Introduced 'Heartbleed' Flaw Denies He Inserted It Deliberately

Submitted by Hugh Pickens DOT Com
Hugh Pickens DOT Com writes: Ben Grubb reports that German software developer Robin Seggelmann says he did not insert the "Heartbleed" flaw deliberately as some have suggested. "It was a simple programming error in a new feature, which unfortunately occurred in a security relevant area. It was not intended at all, especially since I have previously fixed OpenSSL bugs myself, and was trying to contribute to the project," says Seggelmann. "I was working on improving OpenSSL and submitted numerous bug fixes and added new features. In one of the new features, unfortunately, I missed validating a variable containing a length." After he submitted the code, a reviewer "apparently also didn’t notice the missing validation," Seggelmann added, "so the error made its way from the development branch into the released version." Logs show that reviewer was Dr Stephen Henson. Despite denying he put the bug into the code intentionally, Seggelmann says it was entirely possible intelligence agencies had been making use of it over the past two years. "It is a possibility, and it's always better to assume the worst than best case in security matters." If anything has been demonstrated by the discovery of the bug, Seggelmann says it is awareness that more contributors are needed to keep an eye over code in open source software. "It’s unfortunate that it’s used by millions of people, but only very few actually contribute to it," Seggelmann concludes. "The more people look at it, the better, especially with a software like OpenSSL."

Submission + - Remembering the women in America's nuclear weapons history (thebulletin.org)

Submitted by Lasrick
Lasrick writes: Wonderful essay that asks us to remember and honor the women in America's 'rich nuclear history,' from the women in the 1940's who worked at the Y-12 National Security Complex in Oak Ridge, Tennessee (and who were kept in the dark about the nature of their work), to the women in recent years who have been involved in nuclear weapons policy. The author draws on information from the essay "Sex and Death in the Rational World of Defense Intellectuals" and "The Girls of Atomic City" to describe 'the barrier(s) to entry unique to the brave new world of nuclear politics.' Great read.

Submission + - New French Law Prohibits After-Hours Work Emails

Submitted by Hugh Pickens DOT Com
Hugh Pickens DOT Com writes: Lucy Mangan reports at The Guardian that a new labor agreement in France means that employees must ignore their bosses' work emails once they are out of the office and relaxing at home – even on their smartphones. Under the deal, which affects a million employees in the technology and consultancy sectors (including the French arms of Google, Facebook, and Deloitte), employees will also have to resist the temptation to look at work-related material on their computers or smartphones – or any other kind of malevolent intrusion into the time they have been nationally mandated to spend on whatever the French call la dolce vita. “We must also measure digital working time," says Michel De La Force, chairman of the General Confederation of Managers. "We can admit extra work in exceptional circumstances but we must always come back to what is normal, which is to unplug, to stop being permanently at work.” However critics say it will impose further red tape on French businesses, which already face some of the world's tightest labor laws. However according to Simon Kelner French productivity levels outstrip those of Britain and Germany, and French satisfaction with their quality of life is above the OECD average. "No wonder, we may say. We'd all like to take a couple of hours off for lunch, washed down with a nice glass of Côtes du Rhône, and then switch our phones off as soon as we leave work. It's just that our bosses won't let us."

Submission + - Canada halts online tax returns in wake of Heartbleed (networkworld.com)

Submitted by alphadogg
alphadogg writes: Canada Revenue Agency has halted online filing of tax returns by the country's citizens following the disclosure of the Heartbleed security vulnerability that rocked the Internet this week. The country's Minister of National Revenue wrote in a Twitter message https://twitter.com/KerryLynne... on Wednesday that interest and penalties will not be applied to those filing 2013 tax returns after April 30, the last date for filing the returns, for a period equal to the length of the service disruption. The agency has suspended public access to its online services as a preventive measure to protect the information it holds, while it investigates the potential impact on tax payer information, it said.

Submission + - Duo fought file-encrypting malware until Symantec let a secret slip (computerworld.com.au)

Submitted by SpacemanukBEJY.53u
SpacemanukBEJY.53u writes: Two researchers managed to find a gaping fault in a ransomware program called CryptoDefense, one in a long line of insidious programs that encrypt people's files and demands payment to free the data. They started a low-key project to help victims decrypt their files, but Symantec blogged about the fault. The cybercriminals subsequently updated the program to close the hole. Ransomware scams similar to CryptoDefense have been around for at least a decade but have suddenly surged because of their effectiveness in spooking people and strong profitability. Users have been left enraged and helpless.

Submission + - Chinese XP users Decline to Blink (english.cri.cn)

Submitted by gitbox
gitbox writes: While others pay extortionate fees to Microsoft to extend XP support, a majority of Chinese see "business as usual" in their future. (To be fair, most never paid for the OS in the first place.)
From the article,"A Wednesday report by Beijing-based China Internet Network Information Center indicates that only about 25 percent of survey participants plan to upgrade to a newer generation operating system and more than half of them intend to continue using Windows XP as long as possible."
Can private domestic firms keep Chinese XP boxes safe?

Submission + - Windows 8.1 Update released, adds a vast amount of improvements for non-touch co

Submitted by DroidJason1
DroidJason1 writes: Microsoft has released the highly anticipated Windows 8.1 Update, adding numerous improvements for non-touch consumers based on feedback. It is also a required update for Windows 8.1, otherwise consumers will no get any future security updates after May 2014. Most of the changes in the update are designed to appease non-touch users, with options to show apps on the desktop taskbar, the ability to see show the taskbar above apps, and a new title bar at the top of apps with options to minimize, close, or snap apps.

Submission + - Stem-cell research funding institute is shuttered (nature.com)

Submitted by Anonymous Coward
An anonymous reader writes: The National Institutes of Health, the top funder of biomedical research in the U.S., has closed a program designed to bring induced pluripotent stem cells (iPS cells) from the lab to the clinic. It has made no public mention of the closure, but the website has been deleted and Nature News reports that the center director, Mahendra Rao, resigned his post in frustration after the program allocated funds to only one clinical trial in its last round of fundingn.

Submission + - Festo's BionicKangaroo Gets the Hop on Energy-Efficiency (gizmag.com)

Submitted by Zothecula
Zothecula writes: Festo’s BionicKangaroo is yet another impressive addition to the company’s already mind-blowing bionic zoo that includes, among other things, bionic seagulls, dragonflies, flying penguins, elephant trunks and a whole selection of robotic marine critters. Just like its animal cousin, the robo-marsupial developed by Fasto’s Bionic Learning Network is able to store energy from the landing phase of a jump and reuse it efficiently on subsequent jumps. The technology developed for the BionicKangaroo may hold the key to more energy-efficient machines based on both pneumatic and electric drive technologies.

Submission + - Samsung Claims Breakthrough In Graphene Chip Design (itworld.com)

Submitted by jfruh
jfruh writes: Graphene, a carbon-based crystalline lattice that is extremely strong, lightweight, and an excellent conductor of electricity and heat, is coveted as a potential base for semiconductor chip design, and Samsung, working with the Sungkyungkwan University School of Advanced Materials Science and Engineering, has claimed a big jump towards that goal. With IBM also making progress in this realm, the days of silicon could actually be numbered.

Submission + - German Wikipedia Has Problems With Paid Editing -- And Threats Of Violence 2

Submitted by metasonix
metasonix writes: As German journalist Marvin Oppong learned recently, there are a number of people who work to make articles about certain corporations and trade groups on German Wikipedia "look better". And when Oppong published his discoveries, one reaction was an openly violent threat, aimed at him, posted on de-WP's "Kurier" noticeboard. Just as with English Wikipedia, it is apparently a "terrible crime" to criticize German Wikipedia, even when Jimbo Wales's "bright line" rule on paid editing is being violated. Unlike English WP, the Germans will threaten to "curbstone" people for saying it.

Submission + - Starting on intermediate maths?

Submitted by hughbar
hughbar writes: I haven't done any 'real' maths since university about 40 years ago. I wasn't useless, but not that great either, I had to do some elementary quantum mechanics and the kind of arithmetic that an empirical scientist always needs.

I'd like to start on a little more, but every entry in Wikipedia seems to lead to another entry. Can't find the end of this piece of string. Should I specialise? Is there a book or course that covers university entry and first year maths for non-mathematicians [for example, people switching major subject]? Any ideas on this welcome, I'm ready to start but just don't know where to start.

Submission + - 1930s immigrants to US who Americanized their names got income boost (economist.com) 1

Submitted by ananyo
ananyo writes: Economists—most famously the Freakonomics duo, Steven Levitt and Stephen Dubner—have long worried that having the “wrong” name could set you back in the labour market. A number of studies show that having an “ethnic-sounding” name tends to disadvantage job applicants (though others suggest that names matter little).
Waves of migrants to America did not need economists to tell them that their name could be a disadvantage. Many changed their names to fit in. Almost a third of naturalising immigrants abandoned their first names by 1930 and acquired popular American names such as William, John or Charles. What was the impact? The authors draw on a sample of 3,400 male migrants who naturalised in New York in 1930.
The authors found that changing from a purely foreign name to a very common American name was associated with a 14% hike in earnings.

Submission + - Solar Power as cheap as conventional electricity .. (thinkprogress.org)

Submitted by Anonymous Coward
An anonymous reader writes: Once all its costs are accounted for, the price of commercial solar power has pulled even with retail electricity rates in Italy and Germany, according to a new report ..

The analysis .. looked at a standard 30 kilowatt solar photovoltaic system for your average commercial building, and the built a methodology to assess its “leveled cost of energy” (LCOE) .. solar’s LCOE in Italy and Germany is now at “grid parity,” meaning it’s even with retail electricity prices in general in those countries. Spain’s already gotten there as well, and Mexico and France are coming up ...

Slashdot Top Deals

Saliva causes cancer, but only if swallowed in small amounts over a long period of time. -- George Carlin

Close