Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Submission + - Honeywell Home Controllers Open to Any Hacker Who Can Find Them Online

Trailrunner7 writes: The accumulation of automation and Internet-connected devices in many homes these days has led observers to coin the term smart homes. But as researchers take a closer look at the security of these devices, they’re finding that what these homes really are is naive.

The latest batch vulnerabilities to hit home automation equipment are in the Tuxedo Touch controller made by Honeywell, a device that’s designed to allow users to control home systems such as security, climate control, lighting, and others. The controller, of course, is accessible from the Internet and researcher Maxim Rupp discovered that there are two vulnerabilities in the Tuxedo Touch that could allow an attacker to take arbitrary actions, including unlocking doors or modifying the climate controls in the house.

Submission + - Project IceStorm passes another milestone: building a CPU-> 2 2

beckman101 writes: FPGAs — specialized, high speed chips with large arrays of configurable logic — are usually highly proprietary. Anyone who has used one is familiar with the buggy and node-locked accompanying tools that FPGA manufacturers provide.
Project IceStorm http://www.clifford.at/icestor... aims to change that by reverse-engineering some Lattice FPGAs to produce an open-source toolchain, and today it passed a milestone. The J1 open-source CPU is building under IceStorm, and running on real hardware. The result is a fairly puny microcontroller, but possibly the world's most open one.

Link to Original Source

Submission + - 950 million Android phones can be hijacked by malicious text messages->

techtech writes: Booby-trapped MMS messages and websites exploit flaw in heart of Android.

Almost all Android mobile devices available today are susceptible to hacks that can execute malicious code when they are sent a malformed text message or the user is lured to a malicious website, a security researcher reported Monday.

The vulnerability affects about 950 million Android phones and tablets, according to Joshua Drake, vice president of platform research and exploitation at security firm Zimperium. It resides in "Stagefright," an Android code library that processes several widely used media formats. The most serious exploit scenario is the use of a specially modified text message using the multimedia message (MMS) format. All an attacker needs is the phone number of the vulnerable Android phone. From there, the malicious message will surreptitiously execute malicious code on the vulnerable device with no action required by the end user and no indication that anything is amiss.

In a blog post
  published Monday, Zimperium researchers wrote: "A fully weaponized successful attack could even delete the message before you see it. You will only see the notification. These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited. Unlike spear-phishing, where the victim needs to open a PDF file or a link sent by the attacker, this vulnerability can be triggered while you sleep. Before you wake up, the attacker will remove any signs of the device being compromised and you will continue your day as usual—with a trojaned phone."

Link to Original Source

Submission + - Samsung Chromebook 2 Review - Samsung Chromebook 2->

richardhub7 writes: Samsung Chromebook 2 Review — Samsung Chromebook 2
http://alltopdeals4you.info/ch...

If you do most of your work on the Web, Samsung's 11-inch Chromebook 2 looks like an enticing and low-cost alternative to a "real" laptop! It has a high-res display, powerful specs (for a Chromebook), and a nice design.

Two years ago, Samsung made the first great Chromebook. It was thin, and light, and had good battery life, but most of all it was a different kind of computer. Chrome OS wasnâ(TM)t like Windows, which can do absolutely everything on earth including a laundry list of things that only confuse and overwhelm most users. It was designed to be simple, functional, and focused. âoeItâ(TM)s just a web browserâ wasnâ(TM)t a problem, it was progress.

As Samsung releases its successor, the Chromebook 2, things have changed. Cheap laptops can be even thinner, even faster, even more powerful, even longer-lasting; the Chromebook 2 is all four. The opportunity has grown, too: these 11.6-inch and 13.3-inch laptops enter a market in which most of what most people do all day lives inside a web browser anyway. We can do basic word processing and number-crunching with Google Docs or Office Online; we store all our files in Dropbox or OneDrive. Chrome OS feels more native than ever, but in a very real way weâ(TM)ve caught up to Googleâ(TM)s vision more than itâ(TM)s caught up to us.

Samsung Chromebook 2 Review — Samsung Chromebook
http://www.youtube.com/watch?v...

Link to Original Source

Submission + - Stretchable Conducting Fiber Provides Super Hero Capabilities->

schwit1 writes: The list of potential applications for a new electrically conducting fiber-artificial muscles, exoskeletons and morphing aircraft-sounds like something out of science fiction or a comic book. With a list like that, it's got to be a pretty special fiber... and it is. The fiber, made from sheets of carbon nanotubes wrapped around a rubber core, can be stretched to 14 times its original length and actually increase its electrical conductivity while being stretched, without losing any of its resistance.
Link to Original Source

Submission + - Senate Passes 'No Microsoft National Talent Strategy Goal Left Behind Act'

theodp writes: Microsoft is applauding the Senate's passage of the Every Child Achieves Act, a rewrite of the No Child Left Behind Act, saying the move will improve access to K-12 STEM learning nationwide. The legislation elevates Computer Science to a "core academic subject", opening the door to a number of funding opportunities. The major overhaul of the U.S. K-12 education system, adds Microsoft on the Issues, also "advances some of the goals outlined in Microsoft’s National Talent Strategy," its "two-pronged" plan to increase K-12 CS education and tech immigration. Perhaps Microsoft is tackling the latter goal in under-the-radar White House visits with the leaders of Mark Zuckerberg's FWD.us PAC, like this one, attended by Microsoft's William "It's Our Way Or the Canadian Highway" Kamela and FWD.us President Joe "Save Us From Just-Sort-of-OK US Workers" Green.

Submission + - HardenedBSD Completes Strong ASLR Implementation->

HardenedBSD writes: A relatively new fork of FreeBSD, HardenedBSD, completed their Address Space Layout Randomization (ASLR) feature. Without ASLR, applications are loaded into memory in a deterministic manner. An attacker who knows where a vulnerability lies in memory can reliably exploit that vulnerability to manipulate the application to doing the attacker's bidding. ASLR removes the determinism, making it so that an attacker knows that a vulnerability exists, but doesn't know where that vulnerability lies in memory. HardenedBSD's particular implementation of ASLR is the strongest form ever implemented in any of the BSDs.

With HardenedBSD having completed their ASLR implementation, the next step is to update documentation and submit update the patches they have already submitted upstream to FreeBSD. ASLR is the first step in a long list of exploit mitigation technologies HardenedBSD plans to implement. HardenedBSD has also implemented other exploit mitigation, security, and general hardening features, providing great security for FreeBSD.

Link to Original Source

Submission + - HP conversion to corporate hell complete as R&D dress code enforced. 1 1

An anonymous reader writes: HP was once known as a research ant technology giant, a company founded in a garage by a pair of engineers and dominated by researchers. Whilst a part of that lives on in Agilent any hope for the rest of the company has now died with the announcement that HP R&D will have to dress in business "smart casual" with T-shirts, baseball caps, short skirts, low cut dresses and sportsware all being banned.

Submission + - Apple Yanks Nest From Stores in Favor of Fussy HomeKit->

linkchaos writes: Late Thursday, news broke that Apple had fully removed Nest products from its retail stores and website. Nest, now owned by Google, includes the Nest camera, thermostat and smoke detector. All three are connected devices for the home that can be controlled via smartphone apps. We're talking about the Internet of Things here, folks, and Nest's products have been popular as long as they've been in the market.
Link to Original Source

Submission + - Augmented Reality: Hard Problems of Law and Policy->

UWLawWeb writes: An interdisciplinary team of technologists and legal experts examined Augmented Reality (AR) to understand the unique problems presented by AR. In particular they looked at AR’s ability to sense information (input) as well as overlay (output) and how it relates to legal issues surrounding First Amendment issues and the rights to privacy and public information.

“Particular implementations of AR strain prevailing conceptions of privacy and free speech, and
have the potential to compromise the user by overlaying information on the world that is erroneous,
dangerous, or legally problematic.”

Link to Original Source

Comment Re:Not that Useful (Score 0) 151 151

It's usually a problem when you open several tabs at once and one of them starts playing. And you have no idea which one.

So this is more bloat in FF isn't it? It doesn't even solve what's a niche problem for those few people who insist on having so many tabs open they cannot read them. If you can't read them, you can't see which one to mute.

The reward of a thing well done is to have done it. -- Emerson

Working...