Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Submission + - LightEater malware attack places millions of unpatched BIOSes at risk (betanews.com)

Submitted by Mark Wilson
Mark Wilson writes: Two minutes is all it takes to completely destroy a computer. In a presentation entitled "How many million BIOSes would you like to infect?" at security conference CanSecWest, security researchers Corey Kallenberg and Xeno Kovah revealed that even an unskilled person could use an implant called LightEater to infect a vulnerable system in mere moments.

The attack could be used to render a computer unusable, but it could also be used to steal passwords and intercept encrypted data. The problem affects motherboards from companies including Gigabyte, Acer, MSI, HP and Asus. It is exacerbated by manufactures reusing code across multiple UEFI BIOSes and places home users, businesses and governments at risk.

Submission + - A software project full of 'male anatomy' jokes is going crazy right now (businessinsider.com)

Submitted by Anonymous Coward
An anonymous reader writes: There's no question that the tech world is an overwhelmingly male place. There's legit concern that tech is run-amok with "brogrammers" that make women programmers feel unwelcome. On the other hand, people just want to laugh.

It's at that intersection that programmer Randy Hunt, aka "letsgetrandy" posted a "project" earlier this week to software hosting site GitHub called "DICSS."The project, which is actual free and open source software, is surrounded by geeky jokes about the male anatomy. And it's gone nuts, so to speak, becoming the most trending project on Github, and the subject of a lot of chatter on Twitter. And, Hunt tells us, the folks at Github are scratching their heads wondering what they should do about it.

Some people love DICSS (and, we have to admit, some of the jokes did make us snicker) ... and some people are, understandably, offended.
The offended people point out that this is exactly the sort of thing that makes tech unwelcoming to women, and not just because of the original project, but because of some of the comments (posted as "commits") that might take the joke too far. (And, we have to admit, the tech world really doesn't need another thing that encourages sexism. A lot of male programmers are just as sick of that as women are.)

Whats Slashdot's opinion? Harmless fun? Sexism run rampant?

Submission + - Germany Succeeded with Massive Power Drops/Surges with its Solar Grid Today (reuters.com)

Submitted by SpzToid
SpzToid writes: Electrical grids in Europe succeeded in managing the unprecedented disruption to solar power from Friday's 2-1/2-hour eclipse that brought sudden, massive drops in supply.

Germany, Europe's leading economy and boasting the world's biggest solar-powered installations, was at the heart of the event.

"Good preparations paid off, we were able to handle all swings in production," said Ulrike Hoerchens, spokeswoman for one of the four high-voltage grid firms, TenneT, which operates in the region with the highest share of photovoltaic units.

Solar power output has expanded sharply to 38.2 gigawatts (GW) since the region's last notable eclipse in 2003, so the country — which borders nine nations — needed to prove its power market and network handling centres could function under extraordinary conditions.

German solar output right before the eclipse totalled 21.7 GW, then dropped to a low point of 6.2 GW, followed by an addition of 15 GW again within the following hour, TenneT said.

The speed of feed-in was treble the normal maximum, which could have caused disruptions.

Comment Not doing well in The Netherlands either (Score 5, Informative) 366

by SpzToid (#49289231) Attached to: Uber Shut Down In Multiple Countries Following Raids

The Netherlands regulates taxis in order to maintain various standards of safety and fair competition. But Uber is an app that doesn't play by the rules. So they've been busted, several times.

Initially the drivers received warnings.

Then the fines started to increase, which Uber Corp. seems happy to pay. In January the penalties were 10,000 euros, and unlicensed drivers risk a criminal record:
(in Dutch) http://www.nu.nl/internet/3978...
(English, machine translation)

Did that stop Uber, even when they were warned the next time, and subsequent violations would become 100,000 euros. No way!
(in Dutch) http://www.nrc.nl/nieuws/2015/...
(English, machine translation)

Uber defends itself by saying that innovation is faster than legislation. Uber says The Taxi Act of 2000, is outdated, and just keeps on truckin'

Submission + - Exciting developments in artificial photosynthesis.

Submitted by mjgday
mjgday writes: Researchers at both Caltech and Yale have had breakthroughs in the complex details of making artificial photosynthesis work.

Caltech have found that plating the photo-cathode and photo-anode with Nickel Oxide can greatly improve their longevity.

and Yale meanwhile have discovered an iridium catalyst which help with water oxidation.

Maybe we won't need to give up on liquid fuels after all.

Comment I like dreamhost (Score 2, Interesting) 295

by SpzToid (#49281625) Attached to: Ask Slashdot: Advice For Domain Name Registration?

Gotta agree with Dreamhost first and foremost as a domain registrar. If you search back past Slashdots, you'll see folks have chimed in to say how simply searching and pricing your desirable domain name at a lot of registrars, effectively and immediately places your desirable domain name on other people's (or the registrar's) radar. In other words, it is not kept private for you, and if you delay much at all, you'll probably see someone else (like the registrar themselves) might very well snatch it up, so you'll at least have to pay more. I can vouch this doesn't happen with Dreamhost (I've tested it myself, along with the other registrars folks had mentioned, and saw those results too). Domain name searches at Dreamhost remain private. GoDaddy was one of the abusing registrars I am referring to, if I recall correctly. I've had assets on Dreamhost now for 10 years, this coming summer.

Also, if your website needs are as simple as you have written of, then dreamhost is an absolutely fine host. Their customer service is very good, prompt, and helpful too. A very good deal for the price, if your website needs are so simple.

That being said, I can tell you the cheapest level at Dreamhost is not suitable for a heavy CMS like Drupal. If you are running something like Drupal, then you should really buy the whole VPS. Dreamhost has invested heavily in their VPS options in the years since I was seriously trying to get Drupal to work over there, but I find Linode.com and digitalocean.com VPS options to be very good for the task. Also, just so you know, my recommendation for Linode and Digital ocean is based on my own rather heavy server installations and configurations.

Finally, domain names are like wo/men. All the desirable ones are already taken.

Submission + - Microsoft Blacklists Fake Finnish Certificate

Submitted by jones_supa
jones_supa writes: Microsoft has issued a warning that a fraudulent SSL digital certificate has been issued in the name of a Finnish version of its Windows Live service. Although the company says it has revoked the certificate, security experts warn that older software may continue to "trust" the known bad certificate for months or even years, and that attackers could use it to trick users into running malware. "Microsoft is aware of an improperly issued SSL certificate for the domain 'live.fi' that could be used in attempts to spoof content, perform phishing attacks or perform man-in-the-middle attacks," Microsoft says in a March 16 security alert. "It cannot be used to issue other certificates, impersonate other domains or sign code. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue."

Comment Re:The State Run Media did not report this (Score 1) 334

Because if there was, you'd already know all about this matter if you were paying any attention at all to The Fair & Balanced Network(tm) Fox News, instead of these here slashdots. Just trust me on this, okay? Here, let me help you: http://lmgtfy.com/?q=site%3Afo...

Unless somehow, amazingly, Slashdot managed to scoop the very motivated Fox News, of course. I doubt it.

Submission + - IT disaster recovery lessons from Waffle House (opensource.com) 1

Submitted by Anonymous Coward
An anonymous reader writes: In IT, we often find ourselves in situations where planning for the future is the choice we would like to make, but making such plans would take away from the work we need to do now. Such is the lot of human beings: We can conceive of the future, but we're pretty bad at actually planning for it.

One example of such planning gaps in the IT world is that old bugaboo, disaster recovery. Everyone in IT knows they should do it, but rarely it gets done. In fact, disaster recovery planning is something that is not getting done in a lot of organizations. But every once in a while, an organization can break the mold and do a better job.

You wouldn't think Waffle House restaurants, a staple of interstate exits throughout the U.S. Southeast, would be a model for disaster recovery, but they are. The 24-hour restaurant chain has drawn up such a good disaster plan for their stores, people started noticing. If there's a natural disaster, such as a flood, hurricane, or tornado, Waffle Houses are pretty good about keeping their doors open and their hash browns flinging.

Submission + - Top-secret U.S. replica of Iran nuclear sites key to weapons deal (latimes.com)

Submitted by Lasrick
Lasrick writes: Paul Richter at the LA Times has a very cool article describing replicas of Iran's nuclear facilities that the US operates in order to study what Iran's technical capabilities are. 'Using centrifuges acquired when Libya abandoned its nuclear program in 2003, as well as American-built equipment, the government has spent millions of dollars over more than a decade to build replicas of the enrichment facilities that are the pride of Iran's nuclear program.' Fascinating stuff.

Submission + - $56,000 Speeding Ticket Issued Under Finland's System of Fines Based on Income

Submitted by HughPickens.com
HughPickens.com writes: Joe Pinsker writes at The Atlantic that Finish businessman Reima Kuisla was recently caught going 65 miles per hour in a 50 zone in his home country and ended up paying a fine of $56,000. The fine was so extreme because in Finland, some traffic fines, as well as fines for shoplifting and violating securities-exchange laws, are assessed based on earnings—and Kuisla's declared income was €6.5 million per year. Several years ago another executive was fined the equivalent of $103,000 for going 45 in a 30 zone on his motorcycle. Finland’s system for calculating fines is relatively simple: It starts with an estimate of the amount of spending money a Finn has for one day, and then divides that by two—the resulting number is considered a reasonable amount of spending money to deprive the offender of. Then, based on the severity of the crime, the system has rules for how many days the offender must go without that money. Going about 15 mph over the speed limit gets you a multiplier of 12 days, and going 25 mph over carries a 22-day multiplier. Sweden, Denmark, Germany, Austria, France, and Switzerland also have some sliding-scale fines, or “day-fines,” in place, but in America, flat-rate fines are the norm. Since the late 80s, when day-fines were first seriously tested in the U.S., they have remained unusual and even exotic.

Should such a system be used in the United States? After all, wealthier people have been shown to drive more recklessly than those who make less money. For example Steve Jobs was known to park in handicapped spots and drive around without license plates. But more importantly, day-fines could introduce some fairness to a legal system that many have convincingly shown to be biased against the poor. Last week, the Department of Justice released a comprehensive report on how fines have been doled out in Ferguson, Missouri. "Ferguson’s law enforcement practices are shaped by the City’s focus on revenue rather than by public safety needs," it concluded. The first day-fine ever in the U.S. was given in 1988, and about 70 percent of Staten Island’s fines in the following year were day-fines. A similar program was started in Milwaukee, and a few other cities implemented the day-fine idea and according to Judith Greene, who founded Justice Strategies, a nonprofit research organization, all of these initiatives were effective in making the justice system fairer for poor people. “When considering a proportion of their income,people are at least constantly risk-averse. This means that the worst that would happen is that the deterrent effect of fines would be the same across wealth or income levels,” says Casey Mulligan. "We should start small—say, only speeding tickets—and see what happens."

Comment OpenAtrium (Score 3, Informative) 144

by SpzToid (#49242559) Attached to: Ask Slashdot: Issue Tracker For Non-Engineers?

OpenAtrium is an open-source intranet-in-a-box, its v2.0 version making use of Responsive Design to support all devices, and includes calendaring, an excellent issue tracker, RSS reader/publisher, and can be customized for all kinds of unique purposes (or not).

www.openatrium.com

It is the issue tracker used by the current White House for its issue tracking and collaboration purposes.

http://www.kavehmoravej.com/bl...

https://developmentseed.org/bl...

Comment Re:Backup software? (Score 2) 71

by SpzToid (#49240285) Attached to: Google Nearline Delivers Some Serious Competition To Amazon Glacier

git-annex and Amazon glacier might serve you well. Encrypting your GIT/Glacier archive using your PGP key is a one-click-and-save option. With Google's recent announcement of Nearline I imagine over time it will be supported also. GIT annex came about through a kick-starter campaign, and you're welcome to support the project.

Here's some links to help you:

http://git-annex.branchable.co...

Specifically for Glacier:
http://git-annex.branchable.co...

Slashdot Top Deals

One man's constant is another man's variable. -- A.J. Perlis

Close