Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Submission + - Major OpenSSL bug found (heartbleed.com)

Bujang Lapok writes: OpenSSL implementation bug found which affects the majority of secure services (https, smtps, pop3s, openvpn etc). The vulnerability if exploited can cause the leak of the private keys. The fix is out, patch NOW!

Submission + - IBM patents encryption technique to run unencyrpted VMs and programs (infoworld.com) 1

WillAffleckUW writes: Infoworld reports IBM has a patent on an encryption method that, if implemented, allows you to process encrypted data without having to decrypt it first.

Called "fully homomorphic encryption," this encryption method patent may result in software products in the near future.

Normally, encrypted data must be decrypted entirely before any math or programming operations can be run. Homomorphic encryption (HE), however, lets you perform math directly on the encrypted data and have the results show in the underlying data.

From a security viewpoint, there is no need to decrypt any data and expose it to attack.Supposedly, programs (or entire VMs) could run while encrypted and exchange encrypted data between themselves while running.

Bruce Schneier in 2009 pointed out this is not a new technique: "Visions of a fully homomorphic cryptosystem have been dancing in cryptographers' heads for thirty years."

Schneier pointed out this technique could take longer to tun, but IBM claims that Victor Shoup and Shai Halevi of tT. J. Watson Research Center, claim to have taken Gentry's original breakthroughs and implemented them practically, with a released open source, GPL-licensed C++ library to perform HE, mostly meant for researchers working on HE.

"Hopefully in time we will be able to provide higher-level routines," writes Halevi.

Bob Gourley of CTOvision.com writes, "I have seen nothing in any of the research that makes me think a solution can be put in place that cannot be defeated by bad guys. And if that can’t be done then the solution will not solve any problems, it will just add processing overhead."

Since the implemented may not be that efficient, IBM has public challenges for its HE schemes, allowing successful attacks on the Gentry-Halevi implementation of HE to be examined in detail.

Submission + - Japan: state secrets are whatever we say they are and you don't need to know. (sciencemag.org) 1

kermidge writes: "Japanese scientists and academics are warning that legislation threatening prison terms for those who divulge and publish what the government deems a state secret threatens academic freedom and the public’s right to know."

Seems that what constitutes a state secret is not clearly defined, but punishments for divulging one are: 10 years in prison for government employees; 5 for journalists.

This new law, which sailed through the lower house of the Diet on 26 November and is expected to pass the upper house on 8 December, was fast-tracked, apparently in a bid to avoid much in the way of discussion, especially as about the only ones in favor of it are the ruling party.

This law is similar to provisions to be subscribed by all of the 12 initial members of the upcoming TPP, which is also to be fast-tracked by Congress. Slashdotters from the U.S. and abroad will likely recognize similar laws, or proposed laws, in their own countries.

Submission + - Are Doctors Killing Us with Drugs?

trainer16 writes: David Healy, a British Professor in Psychological Medicine, argues that mistakes made by Doctors are the third leading cause of death among patients. In particular, he cites studies showing trends of over-prescription of psychotropic drugs, which have been increasingly used by teenagers in the U.S. Healy accused medical professionals of colluding with the pharmaceutical industry to increase consumption of expensive brand name drugs, as well general lack of transparency in health care institutions and poor patient involvement. His words, while highly controversial, echo latest reports of "burgeoning epidemic of prescription drug abuse", which kills 50 people each day in the U.S alone.

Submission + - Zuck, Gates-Backed Code.org Wants Kids' Student Data

theodp writes: As part of its plan to improve computer science education in the U.S., the Mark Zuckerberg and Bill Gates-backed Code.org is asking school districts to sign a contract calling for Code.org to receive 'longitudinal student achievement data' for up to seven academic years in return for course materials, small teacher stipends, and general support. The Gates Foundation is already facing a backlash from the broader academic community over attempts to collect student data as part of its inBloom initiative. The Code.org contract also gives the organization veto power over the district teachers selected to participate in the Code.org program, who are required to commit to teaching in the program for a minimum of two school years.

Submission + - Humans Born in Space May Be Doomed to Gravity Sickness (popsci.com) 1

Jeremiah Cornelius writes: From the "What's-Up-Doc?" Dept.
NASA first started sending jellyfish to space aboard the Columbia space shuttle during the early '90s to test how space flight would affect their development. Under the fantastic headline "Space-Born Jellyfish Hate Life On Earth" Popular Science notes that jellyfish babies, born in microgravity environments, "have to deal with massive vertigo on Earth after spending their first few days in space". There's a possibility for future generations of space-born human children, who might never be acclimatised to a terrestrial environment, and in fact could be incapacitated by gravity forces approaching "normal". Jellyfish tell up from down through calcium sulfate crystals that ring the bottom edge of their mushroom-like bodies. Humans sense gravity and acceleration through calcium crystals in the inner ear — similar to jellyfish — moving sensitive hair cells that signal our brains on direction of gravitation.

Submission + - Will the US Lose Control of the Internet? (wired.co.uk) 2

Jeremiah Cornelius writes: Upon revelation of the extent of US foreign intelligence surveillance, through efforts by Edward Snowden and LavaBit founder Ladar Levison, an increasing number of nation's have expressed official dismay and concern over the US dominance in managing the infrastructure for request and transit of information on the Internet. In the past, ICANN challenges have been secondary to efforts in the UN ITU — until now. Yesterday at a summit in Uruguay, every major Internet governing body pledged to free themselves of the influence of the US government. "The directors of ICANN, the Internet Engineering Task Force, the Internet Architecture Board, the World Wide Web Consortium, the Internet Society and all five of the regional Internet address registries have vowed to break their associations with the US government. The group called for "accelerating the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing". Any doubt about the reason or timing of this statement is dispelled with the inclusion: "the group 'expressed strong concern over the undermining of the trust and confidence of Internet users globally due to recent revelations of pervasive monitoring and surveillance'."

The US argument for maintaining governance has been the need to maintain "a free and open Internet" versus interests of authoritarian societies. Has recent understanding of the wholesale surveillance of telecommunications by the NSA completely ruined the US reputation as the just custodian of that mission?

Submission + - Finland's Algorithm-Driven Public Bus (vice.com)

Daniel_Stuckey writes: Where's the Uber-like interactivity, the bus that comes to you after a tap on the iPhone?

In Finland, actually. The Kutsuplus is Helsinki's groundbreaking mass transit hybrid program that lets riders choose their own routes, pay for fares on their phones, and summon their own buses. It's a pretty interesting concept. With a ten minute lead time, you summon a Kutsuplus bus to a stop using the official app, just as you'd call a livery cab on Uber. Each minibus in the fleet seats at least nine people, and there's room for baby carriages and bikes.

You can call your own private Kutsuplus, but if you share the ride, you share the costs—it's about half the price of a cab fare, and a dollar or two more expensive than old school bus transit. You can then pick your own stop, also using the app.

Submission + - Charlie Stross: Why Microsoft Word Must Die (antipope.org)

Jeremiah Cornelius writes: Rapture of the Nerds co-author Charlie Stross hates Microsoft Word, worse than you do. Best of all, he can articulate the many structural faults of Word that make his loathing both understandable and contagious. "Steve Jobs approached Bill Gates... to organize the first true WYSIWYG word processor for a personal computer -- ...should it use control codes, or hierarchical style sheets? In the end, the decree went out: Word should implement both formatting paradigms. Even though they're fundamentally incompatible... Word was in fact broken by design, from the outset — and it only got worse from there." Can Free Software do any better, than to imitate the broken Microsoft model? Does document formatting even matter this much, versus content?

Submission + - BlueJay: Police Track Behavior With Twitter Real-Time Monitoring Tools (nbcnews.com) 1

Jeremiah Cornelius writes: BIG BOTHER IS WATCHING DEPT:
If you share something publicly on social media, "you should expect the world to read it," said Andy Sellars, a staff attorney at the Digital Media Law Project. "And you should expect that world to include law enforcement."

At the low price of 150 dollars for a month, per user, BlueJay is a tool for law enforcement that should only increase those expectations. Big Brother's Ministry of Love has SaaS: The BlueJay Law Enforcement Twitter "Crime Scanner" matches the Twitter "firehose" to Internet mapping data, with big-data techniques for keyword analytics and semantic-relevance. BlueJay "has no IT requirements," explains the sales literature. "All you need is Internet and a browser." "Monitor large public events, social unrest, gang communications and criminally predicated individuals, Identify potential witnesses and indicators for evidence."
"We could stop bad things from happening if we install cameras in everyone’s bedroom in America," Jay Stanley, senior policy analyst at the American Civil Liberties Union, told NBC News. "Which trade-off are we willing to accept?

Instead of that one guy getting busted for a lame joke misinterpreted as a real threat, we may face a future where algorithms bust people en masse for referencing illegal "Game of Thrones" downloads, and insurance companies seek non-smokers confessing to lapsing back into the habit.

Submission + - Linus Torvalds Admits He's Been Asked to Insert NSA Backdoor (eweek.com)

darthcamaro writes: At the Linuxcon conference in New Orleans today, Linus Torvalds joined fellow kernel developers in answering a barrage of questions about Linux development. One question he was asked was whether a government agency had ever asked about inserting a back-door into Linux.

Torvalds responded "no" while shaking his head "yes," as the audience broke into spontaneous laughter.

Torvalds also admitted that while he as a full life outside of Linux he couldn't imagine his life without it.

While Torvalds has a full life outside Linux, it is at the core of his existence, he said. "I don't see any project coming along being more interesting to me than Linux," Torvalds said. "I couldn't imagine filling the void in my life if I didn't have Linux." /blockquote.

Submission + - NSA Monitoring Inter-Bank Transfer and Credit Card Transactions

Jeremiah Cornelius writes: NSA surveillance of private financial activity is a big story in Europe, co-authored by Laura Poitras, the filmmaker who was first contacted by Edward Snowden for the release of his information. "Classified documents show that the intelligence agency has several means of accessing the internal data traffic of SWIFT, used by more than 8,000 banks worldwide for their international transactions. The NSA specifically targets other institutes on an individual basis. A document from the year 2011 clearly designates the SWIFT computer network as a "target." Late last week, EU Commissioner for Home Affairs said that the Americans should "immediately and precisely tell us what has happened, and put all the cards on the table." If it's true "that they share information with other agencies for purposes other than those outlined in the agreement we will have to consider ending the agreement."" NSA also has in-depth knowledge of the internal processes of credit card companies like Visa and MasterCard — as well the Internet currency Bitcoin.

Journal Journal: "Terms and Conditions May Apply" 1

"The scariest movie I've seen this year, a horror tale that would have been science fiction had it been made in the 1990s." These are not words to describe the latest zombie or slasher flick, but the description by G. Allen Johnson of the San Francisco Chronicle, in describing "Terms and Conditions May Apply", a new documentary about Internet privacy and the use of consumer information platforms like Facebook and Google for government surveillance. Inc

Submission + - "Terms and Conditions May Apply"

Jeremiah Cornelius writes: “The scariest movie I’ve seen this year, a horror tale that would have been science fiction had it been made in the 1990s.” These are not words to describe the latest zombie or slasher flick, but the description by G. Allen Johnson of the San Francisco Chronicle, in describing Terms and Conditions May Apply", a new documentary about Internet privacy and the use of consumer information platforms like Facebook and Google for government surveillance. Included are a range of discussions from personalities as diverse as Raymond Kurzweil, Moby and Mark Zuckerberg. The preview trailer at on the film's website is a great 2 minute primer on the subject, for general audiences, and the film's producers provide links to privacy tools, including instructions for leaving Facebook and removing Google personalization.

"The most important thing in a man is not what he knows, but what he is." -- Narciso Yepes