Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror

+ - School Defied Google and US Government, Let Boys Program White House Xmas Trees

Submitted by theodp
theodp (442580) writes "This holiday season, Google and the National Parks partnered to let girls program the White House Christmas tree lights. While the initiative earned kudos in Fast Company's 9 Giant Leaps For Women In Science and Technology In 2014, it also prompted an act of civil disobedience of sorts from St. Augustine of Canterbury School, which decided Google and the U.S. government wouldn't determine which of their kids would be allowed to participate in the coding event. "We decided to open it up to all our students, both boys and girls so that they could be a part of such an historic event, and have it be the kickoff to our Hour of Code week," explained Debra Knox, a technology teacher at St. Augustine."

+ - Chaos Computer Club Claims It Can Reproduce Fingerprints From People's Photos 1

Submitted by Anonymous Coward
An anonymous reader writes "Chaos Computer Club, Europe’s largest association of hackers, claims it can reproduce your fingerprints from a couple of photos that show your fingers. At the 31st annual Chaos Computer Club convention in Hamburg, Germany, Jan Krissler, also known by his alias "Starbug," explained how he copied the thumbprint of German Defense Minister Ursula von der Leyen. Because these fingerprints can be used for biometric authentication, Starbug believes that after his talk, "politicians will presumably wear gloves when talking in public.""

+ - Adobe Flash Update Installs McAfee Security Scan Plus Crapware

Submitted by Anonymous Coward
An anonymous reader writes "If you get an update notification for Adobe Flash you will also be installing McAfee Security Scan Plus. This mornings update did open an Adobe webpage but did not give the option of unticking a box to prevent installation of McAfee crapware like previous updates have had. To uninstall — Start, McAfee Security Scan Plus, Uninstall, restart, cross your fingers nothing gets borked."

+ - Google Chrome Will Block All NPAPI Plugins By Default In January

Submitted by Anonymous Coward
An anonymous reader writes "Google today provided an update on its plan to remove Netscape Plugin Application Programming Interface (NPAPI) from Chrome, which the company says will improve the browser’s security, speed, and stability, as well as reduce complexity in the code base. In short, the latest timeline is as follows: Block all plugins by default in January 2015, disable support in April 2015, and remove support completely in September 2015. For context, Google first announced in September 2013 that it was planning to drop NPAPI. At the time, Google said anonymous Chrome usage data showed just six NPAPI plugins were used by more than 5 percent of users, and the company was hoping to remove support from Chrome “before the end of 2014, but the exact timing will depend on usage and user feedback.”"

+ - Poll Suggestion - Holiday Party

Submitted by P0ck3tR4wk3t
P0ck3tR4wk3t (865643) writes "My Employer's Holiday Party...

1) Isn't happening — Budget Cutbacks
2) Isn't happening — Never has
3) Wasn't planned properly — in super-tiny meeting room with crappy food
4) Is happening, +1 invite (spouses) no longer allowed
5) Is happening, +1 allowed
6) We are all skiing with Cowboy Neal in Aspen, you insensitive clod!"

Comment: anyone still runs their own mail servers? (Score 2) 265

by ConstantineM (#48132653) Attached to: Ask Slashdot: Why Can't Google Block Spam In Gmail?

I was actually thinking of the opposite trend since a couple of years ago: even people fully capable of running their own mail servers are all using gmail these days; I think we're easily at the breaking point where noone really knows how to run a mail server anymore.

+ - Enraged Verizon FiOS Customer Seemingly Demonstrates Netflix Throttling->

Submitted by MojoKid
MojoKid (1002251) writes "The ongoing battle between Netflix and ISPs that can't seem to handle the streaming video service's traffic, boiled over to an infuriating level for Colin Nederkoon, a startup CEO who resides in New York City. Rather than accept excuses and finger pointing from either side, Nederkoon did a little investigating into why he was receiving such slow Netflix streams on his Verizon FiOS connection. What he discovered is that there appears to be a clear culprit. Nederkoon pays for Internet service that promises 75Mbps downstream and 35Mbps upstream through his FiOS connection. However, his Netflix video streams were limping along at just 375kbps (0.375mbps), equivalent to 0.5 percent of the speed he's paying for. On a hunch, he decided to connect to a VPN service, which in theory should actually make things slower since it's adding extra hops. Speeds didn't get slower, they got much faster. After connecting to VyprVPN, his Netflix connection suddenly jumped to 3000kbps, the fastest the streaming service allows and around 10 times faster than when connecting directly with Verizon. Verizon may have a different explanation as to why Nederkoon's Netflix streams suddenly sped up, but in the meantime, it would appear that throttling shenanigans are taking place. It seems that by using a VPN, Verizon simply doesn't know which packets to throttle, hence the gross disparity in speed."
Link to Original Source

+ - Congressman Mistakes U.S. Officials For Indian Ones->

Submitted by PolygamousRanchKid
PolygamousRanchKid (1290638) writes "Rep. Curt Clawson, a freshman Republican congressman from Florida, mistook two senior U.S. officials for representatives of the Indian government during a House hearing on Friday.

“I am familiar with your country, I love your country,” Clawson said to Nisha Biswal and Arun Kumar, addressing fellow U.S. citizens who hold high-ranking positions in the State Department and Commerce Department, respectively.

After a lingering silence, Clawson smiles slowly. Kumar appears to grin, while Biswal echoes Clawson’s sentiment, informing him it should probably be directed to the Indian government. It’s unclear whether Clawson realized his error."
Link to Original Source

+ - Russia goes after TOR's privacy; announces 4 million Roubles bounty->

Submitted by hypnosec
hypnosec (2231454) writes "Government of Russia has announced a 4 million Roubles (~£65,000) bounty to anyone who develops a technology to identify users of TOR – an anonymising network capable of encrypting user data and hiding the identity of its users. The bounty has been announced by Russian Ministry of Internal Affairs (MVD) in the form of a tender titled “Perform research, code ‘TOR’ (Navy)”. The public description of the project has been removed now and it only reads "cipher 'TOR' (Navy)". The ministry has said in the tender that it is looking for experts and researchers to “study the possibility of obtaining technical information about users and users equipment on the Tor anonymous network.”"
Link to Original Source

Comment: LibreSSL cannot be different by being the same (Score 1) 151

by ConstantineM (#47470831) Attached to: LibreSSL PRNG Vulnerability Patched

What a whole lot of people seem to want from LibreSSL is to behave in every little bit EXACTLY as OpenSSL does, even though OpenSSL itself is a complete and utter mess.

OpenSSL allowed developers to interfere with RNG, so LibreSSL must do that, too?

Well, you can't really go at improving and cleaning up the library if you have to keep all the old bugs and the whole crusty API around.

It's inconceivable to expect LibreSSL to be both better than OpenSSL, yet to have the exact same API and the exact same set of bugs and nuances as the original OpenSSL.

What they're trying to do is be a simple-enough replacement of OpenSSL for most modern software out there (possibly with some minimal patching of the outside software), and not a one-to-one drop-in-replacement for random edge cases.

+ - Chinese State Media Declares iPhone A Threat To National Security->

Submitted by MojoKid
MojoKid (1002251) writes "When NSA whistleblower Edward Snowden came forth last year with US government spying secrets, it didn't take long to realize that some of the information revealed could bring on serious repercussions — not just for the US government, but also for US-based companies. The latest to feel the hit? None other than Apple, and in a region the company has been working hard to increase market share: China. China, via state media, has today declared that Apple's iPhone is a threat to national security — all because of its thorough tracking capabilities. It has the ability to keep track of user locations, and to the country, this could potentially reveal "state secrets" somehow. It's being noted that the iPhone will continue to track the user to some extent even if the overall feature is disabled. China's iPhone ousting comes hot on the heels of Russia's industry and trade deeming AMD and Intel processors to be untrustworthy. The nation will instead be building its own ARM-based "Baikal" processor."
Link to Original Source

+ - First release of LibreSSL portable is available.

Submitted by ConstantineM
ConstantineM (965345) writes "It has finally happened. Bob Beck of The OpenBSD Foundation has just announced that the first release of LibreSSL portable is now available, and can be found in the LibreSSL directory of your favourite OpenBSD mirror. libressl-2.0.0.tar.gz has been tested to build on various versions of Linux, Solaris, Mac OS X and FreeBSD. This is intended to be an initial portable release of OpenBSD's libressl to allow the community to start using it and providing feedback, and has been done to address the issue of incorrect portable versions being attempted by third-parties. Support for additional platforms will be added as time and resources permit."

Unix is the worst operating system; except for all others. -- Berry Kercheval

Close