Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

New Attack Bypasses Mac OS X Gatekeeper 66

msm1267 writes: Mac OS X's Gatekeeper security service is supposed to protect Apple computers from executing code that's not signed by Apple or downloaded from its App Store. A researcher, however, has built an exploit that uses a signed binary to execute malicious code. Patrick Wardle, a longtime Apple hacker, said Gatekeeper performs only an initial check on an application to determine whether it came from an untrusted source and should not be executed. Using a signed binary that passes the initial check and then loads a malicious library or app from the same or relative directory, however, will get an advanced attacker onto an OS X machine. Wardle disclosed his research and proof of concept to Apple, which said it is working on a patch, and may push out a short-term mitigation in the meantime.

Why NASA's Road To Mars Plan Proves That It Should Return To the Moon First 194

MarkWhittington writes: NASASpaceFlight.com published the results of current NASA thinking concerning what needs to be launched and when to support a crewed mission to Phobos and two crewed missions to the Martian surface between 2033 and 2043. The result is a mind-numbingly complex operation involving dozens of launches to cis-lunar space and Mars using the heavy lift Space Launch System. The architecture includes a collection of habitation modules, Mars landers, propulsion units (both chemical rockets and solar electric propulsion) and other parts of a Mars ship.
United Kingdom

GCHQ Tried To Track Web Visits of "Every Visible User On Internet" 85

An anonymous reader writes with Ars Technica's story on the relevations reported today by The Intercept that the UK's GCHQ has been tracking World Wide Web users since 2007, with an operation called "Karma Police" -- "a program that tracked Web browsing habits of people around the globe in what the agency itself billed as the 'world's biggest' Internet data-mining operation, intended to eventually track 'every visible user on the Internet.'"

APIs, Not Apps: What the Future Will Be Like When Everyone Can Code 255

An anonymous reader writes: There's been a huge push over the last few years to make programming part of the core academic curriculum. Hype or not, software developer Al Sweigart takes a shot at predicting what this will be in a future where some degree of coding skill is commonplace and he has an interesting take on it: "More programmers doesn't just mean more apps in app stores or clones of existing websites. Universal coding literacy doesn't increase the supply of web services so much as increase the sophistication in how web services are used. Programming—by which I mean being able to direct a computer to access data, organize it, and then make decisions based on it— will open up not only a popular ability to make more of online services, but also to demand more.

Almost every major website has an Application Program Interface (API), a formal specification for software to retrieve data and make requests similar to human-directed browsers. ... The vast majority of users don't use these APIs—or even know what an API is—because programming is something that they've left to the professionals. But when coding becomes universal, so will the expectation that websites become accessible to more than just browsers."

Data Store and Spying Laws Found Illegal By EU Court 64

WillAffleckUW writes: The EU High Court found the United Kingdom's data retention (and subsequent storage and analysis) and surveillance laws to be illegal throughout the EU, which subsequently would be an argument in courts in Australia and Canada against their own spy laws. This effectively brings back the rule of law that all EU citizens have a right to privacy that is at the Bill of Rights level, not an easily short-circuited legal basis.

"The judges identified two key problems with the law: that it does not provide for independent court or judicial scrutiny to ensure that only data deemed 'strictly necessary' is examined; and that there is no definition of what constitutes 'serious offenses' in relation to which material can be investigated." It is uncertain that this would apply to U.S. spy laws, as a right of privacy is only inferred by U.S. high courts and is not written into constitutions as it is in the EU, Australia, New Zealand and Canada.

Encryption Rights Community: Protecting Our Rights To Strongly Encrypt 140

Lauren Weinstein writes: Around the world, dictatorships and democracies alike are attempting to restrict access to strong encryption that governments cannot decrypt or bypass on demand. Firms providing strong encryption to protect their users — such as Google and Apple — are now being accused by government spokesmen of "aiding" terrorism by not making their users' communications available to law enforcement on demand. Increasingly, governments that have proven incapable of protecting their own systems from data thefts are calling for easily abused, technologically impractical government "backdoors" in commercial encryption that would put all private communications at extreme risk of attacks. This new G+ community will discuss means and methods to protect our rights related to encrypted communications, unfettered by government efforts to undermine our privacy in this context.

Iowa Makes a Bold Admission: We Need Fewer Roads 285

An anonymous reader writes: During a recent Urban Land Institute talk, the director of the Iowa Department of Transportation, Paul Trombino, told an audience that the road network in Iowa was probably going to "shrink." Calling for fewer highways isn't what you'd normally expect from a government transportation official, but since per capita driving has peaked in the U.S., it might make sense for states to question whether or not to spend their transportation budgets on new roads.
Operating Systems

Ask Slashdot: If You Could Assemble a "FrankenOS" What Parts Would You Use? 484

rnws writes: While commenting about log-structured file systems in relation to flash SSDs, I referenced Digital's Spiralog [pdf], released for OpenVMS in 1996. This got me thinking about how VMS to this day has some of, if not the best storage clustering (still) in use today. Many operating systems have come and gone over the years, particularly from the minicomputer era, and each usually had something unique it did really well. If you could stitch together your ideal OS, then which "body parts" would you use from today and reanimate from the past? I'd probably start with VMS's storage system, MPE's print handling, OS/2's Workplace Shell, AS/400's hardware abstraction and GNU's Bash shell. What would you choose?

Solar Impulse 2 Completes Record-Breaking Flight 21

An anonymous reader writes: Solar Impulse 2, the airplane powered only by the sun's light, has completed its flight from Japan to Hawaii. The distance sets the record for manned, solar-powered flight, both by distance (7,200 km, according to the BBC) and by time spent aloft (118 hours). This was one leg in a longer journey to fly around the world, and by far the longest they've attempted. Their next leg will send them across the rest of the Pacific Ocean, landing in Phoenix, Arizona. Then they'll stop off at New York before crossing the Atlantic Ocean on their way back to the journey's starting point, Abu Dhabi. Pilot Andre Borschberg was in good shape, despite spending almost five consecutive days in command of the aircraft. He was only allowed to sleep for up to 20 minutes at a time, so he took about a dozen naps every day. He did this at an altitude of 9,000 meters, and while taking medication to prevent thrombosis. Borschberg's partner, Bertrand Piccard, will fly the aircraft during the next leg to Phoenix. This will happen as soon as the plane is checked out and meteorologists think the weather will be placid enough for a safe crossing.

Turing Near Ready To Ship World's First Liquid Metal Android Smartphone 93

MojoKid writes: Liquid Metal is an alloy metal (technically, bulk metallic glass) that manages to combine the best features of a wide variety of materials into one product. Liquid Metal also has high corrosion resistance, high tensile strength, remarkable anti-wear characteristics and can also be heat-formed. Given its unique properties, Liquid Metal has been used in a number of industries, including in smartphones. Historically, it has been limited to small-scale applications and pieces parts, not entire products. However, Turing Robotic Industries (TRI) just announced pre-orders for the world's first liquid metal-frame smartphone. The Turing Phone uses its own brand of Liquid Metal called Liquidmorphium, which provides excellent shock absorption characteristics. So instead of making a dent in the smartphone casing or cracking/chipping like plastic when dropped, a Turing Phone should in theory "shake it off" while at the same time protecting the fragile display from breaking. The Turing Phone does not come cheap, however, with pricing starting at $610 for a 16GB model and escalating quickly to $740 and $870 respectively for the 64GB and 128GB models, unlocked. Pre-orders open up on July 31.

The program isn't debugged until the last user is dead.