
Submission Password storage service LastPass hacked.

BitterOak writes: LastPass is a service which claims to securely store all your passwords in one safe place. According to this story, it proved not to be quite as safe as claimed. Apparently they were hacked. Hackers obtained people's e-mail addresses, password reminders, and encrypted versions of their master passwords. With these encrypted passwords, hackers could run brute force attacks to obtain weak passwords very easily. And the reminders may help them to figure out more secure passwords as well.

Comment It has "scam" written all over it! (Score 5, Insightful) 175

Beyond the obvious problems with the concept (the cost of goods sold for the coils themselves, the extreme improbability of a kerosene-powered drone built by college students being able to make intercontinental flights, the fact that there's no way in hell the FAA or the State Department would permit such a flight, etc.), there's several big red flags on this that scream "scam:"

  1. The creator of the project has put up two projects on KS before. The most recent, the "Banana Project," is either an attempt to troll or the sort of half-baked (pun intended) project I'd expect from someone who wants to get paid to buy a 3-D printer to screw around with. The earlier project, "Super Mario Bros. Z The Movie," was cancelled and pulled, presumably because Nintendo had an issue with some random guy creating what I can only imagine is an amateur animation project. This is not a good track record, especially since the more recent project is from just three months ago.
  2. The creator has no information on his bio, has not backed any other projects, and has no other real information available. Accountability seems non-existent.
  3. The photo of the putative tesla coil is a vague sketch. There's no other technical information on how they'll be built or what they'll look like. As for the drone, there's no information on how the drone will be built or how it will be controlled. There is no prototype, only hand-waving claims. This screams "vaporware." A good rule of thumb on KS is "never pledge to something unless there's at least a prototype."
  4. The submitter of this Slashdot article is an "anonymous submitter." Who wants to bet that the submitter is actually "Trevor Nestor?"

This KS is an excellent example of a KS from which you want to stay far, far away. Most of the time, the KS community is pretty wise to these sorts of things, but I suppose the combination of "North Korea," "tesla coils," and submissions to Slashdot will lure people in. Don't be a sucker.

Comment Re:It is unfair competition (Score 1) 204

As much as people complain about its occasionally byzantine bureaucracy and its sometimes lapses into small-time corruption (such as giving open terms to the politically powerful), Memphis Light, Gas, and Water (MLGW) serves over 400k subscribers, rapidly fixes outages in a major metropolitan area prone to thunderstorm damage, repeatedly wins awards for reliability of service and water quality, and has a AA bond rating. It offers extremely favorable terms and payment programs for low-income subscribers. Oh, yeah, and it also has .

But hey, municipal utilities can't do anything right, right?

The problem isn't municipal utilities. The problem is poor process and intentional handicapping. When you have neither of these -- for instance, because your municipal utility is run as an independent organization with elected oversight that has actual skin in the game (after all, if you live in the city and use the utility, you have a good reason to not have it suck) -- the results are positive, and there's some great examples of how this works.

Windows

Windows 10: Charms Bar Removed, No Start Screen For Desktops 378

jones_supa writes Late last week, Microsoft pushed out a new build (9926) of Windows 10 to those of you who are running the Technical Preview. The latest version comes with many new features, some easily accessible, others bubbling under, but two big changes are now certain: the Charms bar is dead, and Start Screen for large devices is no more. Replacing the Charms bar is the Action Center, which has many of the same shortcuts as the Charms bar, but also has a plethora of other information too. Notifications are now bundled into the Action Center and the shortcuts to individual settings are still easily accessible from this window. The Start Screen is no longer present for desktop users, the options for opening it are gone. Continuum is the future, and it has taken over what the Start Screen initiated with Windows 8.
Portables

Ask Slashdot: High-Performance Laptop That Doesn't Overheat? 325

AqD writes: Last year we started to replace business/multimedia-grade laptops with gaming laptops at work, after several years of frustration with overheating and throttling issues that plagued our laptops from Acer, ASUS, Dell, Lenovo, and basically every brand you can find on market, making it impossible to write code and run db/test environment all on the same laptop.

The first new batch comes from Clevo because their gaming laptops don't look like gaming laptops, and they offer 3-6 disk slots which we badly need. The result is acceptable, however, not quite as good as I had expected. Mine has i7-4700mq CPU which is more or less equivalent to an older i7 on the desktop, but its temperature is raised to 70-80C while turbo boost is on, even with the best thermal paste. My friend's i7-4801mq is worse — it could never stay at the advertised 3.6GHz for more than a few seconds before it burns up over 90 and starts to throttle. Its benchmark result is nearly identical to the 4700mq because of heat problems. And it's only 3.6GHz! The best i7 CPU on a desktop could easily run closer to 5GHz with 6 cores / 12 threads running!

So what should we choose next time? We're not looking for something cool or slim or light. We need real laptops which can at least run prime calculation at advertised turbo boost speed, full cores/threads for an entire day. A nice bonus would be manual fan control plus easy access to the fan for cleaning.

Comment Re: Desperate Microsoft pulls a "Sun Microsystems" (Score 1) 525

While I'm not a lawyer, I would assume that Microsoft would have to keep that promise by the principles of equitable and promissory estoppel. Reliance upon the promise (which has been around for several years now) is reasonable, and so Microsoft attempting to revoke it and sue would immediately cause damage to those who did so. I think an extremely strong argument could be made in court that the promise more or less permanently estops Microsoft from patent actions regarding the .NET Framework.

Television

Fox Moves To Use Aereo Ruling Against Dish Streaming Service 210

An anonymous reader writes A day after a surprise U.S. Supreme Court decision to outlaw streaming TV service Aereo, U.S. broadcaster Fox has moved to use the ruling to clamp down on another internet TV service. Fox has cited Wednesday's ruling – which found Aereo to be operating illegally – to bolster its claim against a service offered by Dish, America's third largest pay TV service, which streams live TV programming over the internet to its subscribers and allows them to copy programmes onto tablet computers for viewing outside the home.

Comment Re:Surprisingly Infrequent (Score 3, Insightful) 564

We use SCCM extensively at my office, and yes, it's entirely possible to tell it to reimage every single computer. You just need to target the deployment at "All Systems" and make it mandatory. My guess is that some admin picked the wrong collection, which is fairly easy to do in SCCM 2007 (2012 has Collection folders, which helps with that), and there's no warning messages -- just a summary of "this deployment is going to these devices, click Finish to do it." Of course, most other mass management tools assume that the admins know what they're doing, so they don't have much in the way of guard rails either.

One of the more obnoxious elements of SCCM is that there's no real way to recall a command you send out; clients pick up policy at periodic intervals, and without manual intervention, they'll just grab the policy and do what it says even if you kill the server in question. You can block deployments by taking down distribution points (if the clients can't grab content, they won't run the deployment), but you still have to be fairly quick about it to stop it.

What we do to prevent these sorts of disasters is implement process around the use of the ConfigMgr console and ensure only the people who know how to use it actually use it. To prevent an OS reimaging incident, our OS deployments go through a static set of collections by process and are always optional (requiring a manual touch, either at PXE boot or in the UI) except for a specific set of collections that are segregated in their own folder and have names and descriptions with scary words that make it clear what's going to happen. For instance, in our "Clean Reimage" folder, we have a collection that says, "Windows 7 Reimage (Clean, PXE, Forced)" with a description to the effect of, "*** A computer placed in this collection will be REIMAGED and LOSE ALL LOCAL DATA. Local state is NOT preserved or transferred. ***" If we were a larger IT organization, we'd probably use SCCM's role-based security to limit access to clean reimages to a specific group of people.

Idle

North Korea: Male University Students Required To Get Kim Jong-un Haircuts 110

An anonymous reader writes in with one more reason not to accept that full-ride scholarship to a North Korea University. "Male university students in North Korea are now required to get the same haircut as their leader Kim Jong-un, it is reported. The state-sanctioned guideline was introduced in the capital Pyongyang about two weeks ago, Radio Free Asia reports. It is now being rolled out across the country - although some people have expressed reservations about getting the look. 'Our leader's haircut is very particular, if you will,' one source tells Radio Free Asia. 'It doesn't always go with everyone since everyone has different face and head shapes.' Meanwhile, a North Korean now living in China says the look is actually unpopular at home because people think it resembles Chinese smugglers. 'Until the mid-2000s, we called it the "Chinese smuggler haircut",' the Korea Times reports."
PHP

The New PHP 254

An anonymous reader writes "This article at O'Reilly Programming suggests that PHP, a language known as much for its weaknesses as its strengths, has made steady progress over the past few years in fixing its problems. From the article: 'A few years ago, PHP had several large frameworks (e.g. CakePHP, CodeIgniter, and so on). Each framework was an island and provided its own implementation of features commonly found in other frameworks. Unfortunately, these insular implementations were likely not compatible with each other and forced developers to lock themselves in with a specific framework for a given project. Today the story is different. The new PHP community uses package management and component libraries to mix and match the best available tools. ... There are also exciting things happening with PHP under the hood, too. The PHP Zend Engine recently introduced memory usage optimizations. The memory usage in PHP 5.5 is far less than earlier versions.'"
United Kingdom

Child Porn Arrest For Cameron Aide Who Helped Plan UK Net Filters 205

An anonymous reader writes "A senior aide to David Cameron resigned from Downing Street last month the day before being arrested on allegations relating to child abuse images. Patrick Rock, who was involved in drawing up the government's policy for the large internet firms on online pornography filters, resigned after No 10 was alerted to the allegations. Rock was arrested at his west London flat the next morning. Officers from the National Crime Agency subsequently examined computers and offices used in Downing Street by Rock, the deputy director of No 10's policy unit, according to the Daily Mail, which disclosed news of his arrest."
Security

Ask Slashdot: How To Protect Your Passwords From Amnesia? 381

Phopojijo writes "You can encrypt your password library using a client-side manager or encrypted file container. You could practice your password every day, keep no written record, and do everything else right. You then go in for a serious operation or get in a terrible accident and, when you wake up, suffer severe memory loss. Slashdot readers, what do you consider an acceptable trade-off between proper security and preventing a data-loss catastrophe? I will leave some details and assumptions up to interpretation (budget, whether you have friends or co-workers to rely on, whether your solution will defend against the Government, chance of success, and so forth). For instance, would you split your master password in pieces and pay an attorney to contact you with a piece of it in case of emergency? Would you get a safe deposit box? Some biometric device? Leave the password with your husband, wife, or significant other? What can Slashdot come up with?"

Comment Misleading summary (Score 5, Informative) 366

If you actually bother to read the Federal Register text, you can see in the second paragraph of the introduction that the JOBS Act, and this subsequent regulatory structure, only applies to crowdfunding where the reward is a security. It specifically explains that this is different from the current model of crowdfunding in the U.S., where the donors receive some "token of value" related to the project, not a share of future financial returns. The SEC isn't trying to regulate the current system, but is trying (as directed by that law) to allow crowdfunding where the donor award is a security; the current regulatory structure, based on the Securities Act, largely makes this sort of model impossible due to the various requirements of public offerings.

So, there's nothing to get up in arms about. This is just a move by the SEC to allow something that isn't currently permissible under U.S. law, not an attempt to "tax Kickstarter" or "regulate Indiegogo" or whatever other nonsense people claim.

United States

An Anonymous US Law Enforcement Officer Claims US Wouldn't Arrest Julian Assange 399

McGruber writes "The Washington Post reports that 'Federal prosecutors have not filed a sealed indictment against WikiLeaks founder Julian Assange, despite persistent rumors that a nearly three-year grand jury investigation into him and his organization had secretly led to charges, according to senior law enforcement sources. ... "Nothing has occurred so far," said one law enforcement official with knowledge of the case. "If Assange came to the U.S. today, he would not be arrested. But I can't predict what's going to happen. He might be in six months." The law enforcement official providing this assurance chose to remain anonymous.'"
Internet Explorer

Google Ends Internet Explorer 9 Support In Google Apps 199

An anonymous reader writes "Google has announced it is discontinuing support for Internet Explorer 9 in Google Apps, including its Business, Education, and Government editions. Google says it has stopped all testing and engineering work related to IE9, given that IE11 was released on October 17 along with Windows 8.1. This means that IE9 users who access Gmail and other Google Apps services will be notified 'within the next few weeks' that they need to upgrade to a more modern browser. Google says this will either happen through an in-product notification message or an interstitial page."
