Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Botnet

Ask Slashdot: Who's Going To Win the Malware Arms Race? 155

Posted by Soulskill from the not-you-and-not-me dept.
An anonymous reader writes: We've been in a malware arms race since the 1990s. Malicious hackers keep building new viruses, worms, and trojan horses, while security vendors keep building better detection and removal algorithms to stop them. Botnets are becoming more powerful, and phishing techniques are always improving — but so are the mitigation strategies. There's been some back and forth, but it seems like the arms race has been pretty balanced, so far. My question: will the balance continue, or is one side likely to take the upper hand over the next decade or two? Which side is going to win? Do you imagine an internet, 20 years from now, where we don't have to worry about what links we click or what attachments we open? Or is it the other way around, with threats so hard to block and DDoS attacks so rampant that the internet of the future is not as useful as it is now?
Space

SpaceX's New Combustion Technologies 132

Posted by samzenpus from the try-this-one dept.
An anonymous reader shares this story that takes a look at some of the advances SpaceX is working on. "Getting a small group of human beings to Mars and back is no easy task, we learned at the recent GPU Technology Conference in San Jose hosted graphics chip and accelerator maker Nvidia. One of the problems with such a mission is that you need a very large and efficient rocket engine to get the amount of material into orbit for the mission, explained Adam Lichtl, who is director of research at SpaceX and who with a team of a few dozen programmers is try to crack the particularly difficult task of better simulating the combustion inside of a rocket engine. You need a large engine to shorten the trip to Mars, too....Not only do you need a lot of stuff to get to Mars and sustain a colony there, but you also need a way to generate fuel on Mars to come back to Earth. All of these factors affect the design of the rocket engine....As if these were not problems enough, there is another really big issue. The computational fluid dynamics, or CFD, software that is used to simulate the movement of fluids and gases and their ignition inside of all kinds of engines is particularly bad at assisting in rocket engine design. 'Methane is a fairly simple hydrocarbon that is perfectly good as a fuel,' Lichtl said. 'The challenge here is to design an engine that works efficiently with such a compound. But rocket engine CFD is hard. Really hard.'"

Comment Re:Sooo .. (Score 1) 127

I've been using the bluetooth trusted device for several days now with a Microsoft Band device and it seems to work pretty well. I generally only need to use my pass code unlock once a day or so. As you said, the idea is that a thief (or border agent or police) can see it as unlocked and leave and it will lock right away when it gets out of BT range. Seems like a decent security usability trade off, but of course it isn't secure enough for everyone. Fortunately we have knobs and levers like this that allow people to customize the settings to ones that are secure enough for their needs, but usable enough as well. I thought about the "on body" detection, but I don't think it will work as well for me as the BT with the Band. It is nice to have the choices though!
Bitcoin

One Year Later, We're No Closer To Finding MtGox's Missing Millions 178

Posted by Soulskill from the crime-pays dept.
itwbennett writes: When Mt. Gox collapsed on Feb. 28, 2014, with liabilities of some ¥6.5 billion ($63.6 million), it said it was unable to account for some 850,000 bitcoins. Some 200,000 of them turned up in an old-format bitcoin wallet last March, bringing the tally of missing bitcoins to 650,000 (now worth about $180 million). In January, Japan's Yomiuri Shimbun newspaper, citing sources close to a Tokyo police probe of the MtGox collapse, reported that only 7,000 of the coins appear to have been taken by hackers, with the remainder stolen through a series of fraudulent transactions. But there's still no explanation of what happened to them, and no clear record of what happened on the exchange.
Software

Ask Slashdot: Version Control For Non-Developers? 343

Posted by timothy from the devil-is-in-the-versioning dept.
occamboy writes My spouse works at a company that deals with lots of documents (Word, spreadsheets, scans, and so forth), and they have a classic version control problem that sucks up hours of her time each week. Documents are stored on a shared server in some sort of hierarchy, but there are all kinds of problems, e.g. multiple copies get saved with slightly-different names because people are afraid of overwriting the old version 'just in case' and nobody can figure out which is the latest version, or which got sent out to a client, etc.

Version control should help, and my first thought was to use SVN with TortoiseSVN, but I'm wondering if there's something even simpler that they could use? Do the Slashdotteratti have any experiences or thoughts that they could share? The ideal solution would also make it easy to text search the document tree.
Networking

$10K Ethernet Cable Claims Audio Fidelity, If You're Stupid Enough To Buy It 418

Posted by Soulskill from the imaginary-audio-quality-is-more-valuable-than-a-car dept.
MojoKid writes: There are few markets that are quite as loaded-up with "snake oil" products as the audio/video arena. You may have immediately thought of "Monster" cables as one of the most infamous offenders. But believe it or not, there are some vendors that push the envelope so far that Monster's $100 HDMI cables sound like a bargain by comparison. Take AudioQuest's high-end Ethernet cable, for example. Called "Diamond," AudioQuest is promising the world with this $10,500 Ethernet cable. If you, for some reason, believe that an Ethernet cable is completely irrelevant for audio, guess again. In addition to promises about the purity and smoothness of the silver conductors, and their custom "Noise-Dissipation System," they say," "Another upgrade with Diamond is a complete plug redesign, opting for an ultra-performance RJ45 connector made from silver with tabs that are virtually unbreakable. The plug comes with added strain relief and firmly lock into place ensuring no critical data is lost." Unfortunately, in this case, there's the issue of digital data being, well... digital. But hey, a 1 or a 0 could arrive at its destination so much cleaner, right?
United States

Obama Proposes One-Time Tax On $2 Trillion US Companies Hold Overseas 825

Posted by samzenpus from the pay-the-man dept.
mrspoonsi writes with news about a new proposed tax on overseas profits to help pay for a $478 billion public works program of highway, bridge and transit upgrades. President Barack Obama's fiscal 2016 budget would impose a one-time 14 percent tax on some $2 trillion of untaxed foreign earnings accumulated by U.S. companies abroad and use that to fund infrastructure projects, a White House official said. The money also would be used to fill a projected shortfall in the Highway Trust Fund. "This transition tax would mean that companies have to pay U.S. tax right now on the $2 trillion they already have overseas, rather than being able to delay paying any U.S. tax indefinitely," the official said. "Unlike a voluntary repatriation holiday, which the president opposes and which would lose revenue, the president's proposed transition tax is a one-time, mandatory tax on previously untaxed foreign earnings, regardless of whether the earnings are repatriated." In the future, the budget proposes that U.S. companies pay a 19 percent tax on all of their foreign earnings as they are earned, while a tax credit would be issued for foreign taxes paid, the official said.
Businesses

LibreOffice Gets a Streamlined Makeover With 4.4 Release 148

Posted by samzenpus from the check-it-out dept.
TechCurmudgeon sends word that LibreOffice 4.4 has been released. "The Document foundation announced availability of the latest version of LibreOffice on Thursday, which it says is the most beautiful version of the open source productivity suite yet. LibreOffice 4.4 also fixes some compatibility issues with files that are saved in Microsoft's OOXML formats. LibreOffice 4.4 has got a lot of UX and design love," Jan "Kendy" Holesovsky, who leads the design team for Libreoffice, said in a statement. LibreOffice 4.4 is currently available for Windows."
Programming

Ask Slashdot: What Makes a Great Software Developer? 214

Posted by Soulskill from the highlander-style-combat dept.
Nerval's Lobster writes: What does it take to become a great — or even just a good — software developer? According to developer Michael O. Church's posting on Quora (later posted on LifeHacker), it's a long list: great developers are unafraid to learn on the job, manage their careers aggressively, know the politics of software development (which he refers to as 'CS666'), avoid long days when feasible, and can tell fads from technologies that actually endure... and those are just a few of his points. Over at Salsita Software's corporate blog, meanwhile, CEO and founder Matthew Gertner boils it all down to a single point: experienced programmers and developers know when to slow down. What do you think separates the great developers from the not-so-fantastic ones?
GNU is Not Unix

Serious Network Function Vulnerability Found In Glibc 211

Posted by Soulskill from the audits-finding-gold dept.
An anonymous reader writes: A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors.

Comment Re:Subject to the whims of the masses... (Score 4, Interesting) 225

by GIL_Dude (#48865045) Attached to: Facebook Will Let You Flag Content As 'False'
Well, that just calls for a reputation service so that the flagging gets the appropriate weight. Perhaps that is where meta-modding comes in (to give it a slashdot spin). But at some point, a pattern emerges that can be seen, analyzed, and corrected for when someone mods every story they see about a certain topic as false. I'm betting a company with the kind of data a Facebook or Google has can probably come up with a reputation engine for weighting the flags too that will work - not perfectly - but probably "good enough".

Comment Re:Only 30 Grand? (Score 1) 426

by GIL_Dude (#48793011) Attached to: Chevrolet Unveils 200-Mile Bolt EV At Detroit Auto Show
Although range is definitely a big issue, lack of the ability to extend the range (via "charging stations" or "battery swap stations"; something analogous to the common "gas station") is even more the issue. I can get by normally on 200 miles (my commute is 72 miles round trip), but on the odd time I want to say drive to see my daughter at college - 240 miles away - it is a non-starter mostly because I cannot fill up on the route.
Bitcoin

Hackers Steal $5M In Bitcoin During Bitstamp Exchange Attack 114

Posted by Soulskill from the digital-wild-west dept.
itwbennett writes: After a weekend hack forced the Bitcoin exchange Bitstamp to shut down, Bitstamp has revealed that $5 million worth of bitcoin was stolen during the attack. And that's not all the bad news for Bitcoin this week: Canadian Bitcoin exchange Vault of Satoshi announced it is is no longer accepting new deposits and will close Feb. 5. But in this case the operators are pursuing new business opportunities, saying in a post that the shutdown "has absolutely nothing to do with insolvency, stolen funds, or any other unfortunate scenario."
Businesses

If the Programmer Won't Go To Silicon Valley, Should SV Go To the Programmer? 294

Posted by Soulskill from the can't-always-get-what-you-want dept.
theodp writes: "If 95% of great programmers aren't in the U.S.," Matt Mullenweg advises in How Paul Graham Is Wrong (a rejoinder to Graham's Let the Other 95% of Great Programmers In), "and an even higher percentage not in the Bay Area, set up your company to take advantage of that fact as a strength, not a weakness. Use WordPress and P2, use Slack, use G+ Hangouts, use Skype, use any of the amazing technology that allows us to collaborate as effectively online as previous generations of company did offline. Let people live someplace remarkable instead of paying $2,800 a month for a mediocre one bedroom rental in San Francisco. Or don't, and let companies like Automattic and Github hire the best and brightest and let them live and work wherever they like." Microsoft and Google — which hawk the very tools to facilitate remote work that Mullenweg cites — have shuttered remote offices filled with top talent even as they cry the talent sky is falling. So, is "being stubborn on keeping a company culture that requires people to be physically co-located," as Mullenweg puts it, a big part of tech's 'talent shortage' problem?" Chris Pepper also recently posted another reasoned rebuttal to Graham's post.
Open Source

Linux 3.19 Kernel To Start 2015 With Many New Features 66

Posted by timothy from the presents-from-linus-and-friends dept.
An anonymous reader writes Linux 3.18 was recently released, thus making Linux 3.19 the version under development as the year comes to a close. Linux 3.19 as the first big kernel update of 2015 is bringing in the new year with many new features: among them are AMDKFD HSA kernel driver, Intel "Skylake" graphics support, Radeon and NVIDIA driver improvements, RAID5/6 improvements for Btrfs, LZ4 compression for SquashFS, better multi-touch support, new input drivers, x86 laptop improvements, etc.

Slashdot Top Deals

E = MC ** 2 +- 3db

Close