
Tips For Securing Your Secure Shell 148

Posted by Soulskill
from the locking-your-locks dept.
jones_supa writes: As you may have heard, the NSA has had some success in cracking Secure Shell (SSH) connections. To respond to these risks, a guide written by Stribika tries to help you make your shell as robust as possible. The two main concepts are to make the crypto harder and make stealing keys impossible. So prepare a cup of coffee and read the tutorial carefully to see what could be improved in your configuration. Stribika also gives some extra security tips: don't install what you don't need (as any code line can introduce a bug), use the kind of open source code that has actually been reviewed, keep your software up to date, and use exploit mitigation technologies.

Inside Cryptowall 2.0 Ransomware 181

Posted by Soulskill
from the just-another-crypt-in-the-wall dept.
msm1267 writes: If you need more evidence that ransomware is here to stay, and could turn into cybercriminals' weapon of choice, look no further than Cryptowall. Researchers at Cisco's Talos group have published an analysis of a Cryptowall 2.0 sample, peeling back many layers of known commodities around this threat, such as its use of the Tor anonymity network to disguise command-and-control communication. But perhaps more telling about the commitment around ransomware is the investment attackers made in its capabilities to detect execution in virtual environments, building in many stages of decryption present before the ransomware activates, and its ability to detect 32- and 64-bit architectures and executing different versions for each.

FCC Misplaced Around 600,000 Net Neutrality Comments

Submitted by Presto Vivace
Presto Vivace (882157) writes "FCC States It Misplaced Around 600,000 Net Neutrality Comments

Just as net neutrality opponents were celebrating the claim that their outrage-o-matic form letter campaigns resulted in more FCC-filed comments than neutrality supporters, the FCC has announced that it somehow managed to lose roughly 600,000 net neutrality comments during processing. According to a blog post by the FCC, the agency says that the comments were misplaced due to the agency's "18-year-old Electronic Comment Filing system (ECFS)."


Comment: Are biological self-reproducing robots ... robots? (Score 1) 391

by Khopesh (#48636235) Attached to: The Dominant Life Form In the Cosmos Is Probably Superintelligent Robots
Who is to say that we'd even be able to conceive these "robots" as anything but another form of life? They'd have to tell us that they were manufactured, and given the required self-sufficiency of space travel, said "manufacture" would probably be rather akin to what we call "reproduction." All of these lines are blurred when talking about sufficiently advanced technology and science.

Excuse Me While I Kiss This Guy: The Science of Misheard Song Lyrics

Submitted by (3830033) writes "Maria Konnikova writes in The New Yorker that mondegreens are funny but they also give us insight into the underlying nature of linguistic processing, how our minds make meaning out of sound, and how in fractions of seconds, we translate a boundless blur of sound into sense. One of the reasons we often mishear song lyrics is that there’s a lot of noise to get through, and we usually can’t see the musicians’ faces. Other times, the misperceptions come from the nature of the speech itself, for example when someone speaks in an unfamiliar accent or when the usual structure of stresses and inflections changes, as it does in a poem or a song. Another common cause of mondegreens is the oronym: word strings in which the sounds can be logically divided multiple ways. One version that Steven Pinker describes goes like this: Eugene O’Neill won a Pullet Surprise. The string of phonetic sounds can be plausibly broken up in multiple ways—and if you’re not familiar with the requisite proper noun, you may find yourself making an error.

Other times, the culprit is the perception of the sound itself: some letters and letter combinations sound remarkably alike, and we need further cues, whether visual or contextual, to help us out. In a phenomenon known as the McGurk effect, people can be made to hear one consonant when a similar one is being spoken. “There’s a bathroom on the right” standing in for “there’s a bad moon on the rise” is a succession of such similarities adding up to two equally coherent alternatives.

Finally along with knowledge, we’re governed by familiarity: we are more likely to select a word or phrase that we’re familiar with, a phenomenon known as Zipf’s law. One of the reasons that “Excuse me while I kiss this guy” substituted for Jimi Hendrix’s “Excuse me while I kiss the sky” remains one of the most widely reported mondegreens of all time can be explained in part by frequency. It’s much more common to hear of people kissing guys than skies."

Comment: Neil deGrasse Tyson wants NASA to have a 2x budget (Score 5, Insightful) 121

by Khopesh (#48568983) Attached to: NASA Gets 2% Boost To Science Budget

Neil deGrasse Tyson's video pleas We Stopped Dreaming and its follow-up A New Perspective proposed we increase NASA spending to 1% of the US Federal Budget (current spending: 0.5%) suggests we could go to Mars and innovate the way we did in the 70s, so there's a long way to go (a 2% boost leaves us 98% shy of Tyson's goal).

NASA is already trying to plan a manned mission to Mars or an asteroid in the future. It would be nice if they were funded for it.

Comment: Re:Isn't that click fraud? (Score 2) 285

by Khopesh (#48557809) Attached to: AdNauseam Browser Extension Quietly Clicks On Blocked Ads
There are plenty of existing issues with abusive click fraud.

For example, Fraud from bots represents a loss of $6 billion in digital advertising @Reuters says

Almost one-fourth of video ads and 11 percent of display ads are viewed by fake consumers created by cyber crime networks seeking to take a chunk of the billions of dollars spent on digital advertising

I think getting "clicks" from actual targeted customers is a non-problem in the face of all this other fraud. When it comes to security research (my field), more information pretty much always leads to better verdicts. It's therefore quite reasonable that you want to crawl an extra step deep in order to vet a page you're on. This isn't even unprecedented; think of the browser link prefetching, which anticipates where you'll click and downloads content ahead of time.

AT&T prepares for war on net neutrality.

Submitted by Anonymous Coward
An anonymous reader writes "AT&T has hired Republican polling company Call Research to conduct a national poll this week on net neutrality. In no way even-handed, the poll misrepresents what net neutrality is and what will happen if it becomes law. This is 'Obamacare for the Internet' they claim, a government takeover of the Internet which will stifle innovation of the Internet, the greatest private sector invention for decades, grant the government greater surveillance powers, threaten liberty and will cause America to lose the moral high ground against authoritarian countries like China. Regulation will cost consumers more to access the net and do to the Internet what regulation has done to the poor power and water companies. It's supported by Obama and opposed by the Tea party and the wonderful companies who provide you the Internet like Comcast and Verizon. On and on for twenty minutes it continues.

The results of this poll will no doubt be used to convince politicians what a bad idea net neutrality is, as the respondents seem to be falling for it.

I apologize for posting as AC but I'm violating my NDA and I need this job."

Open source craft brewery shares more than recipes

Submitted by Jason Hibbets
Jason Hibbets (2851661) writes "An open source craft brewery in Saint Paul, Minnesota is taking open source beyond sharing recipes. The goal for Tin Whiskers Brewing Company is to "engage and give back to the community by sharing an inside look at opening and operating a craft brewery." In this interview with co-founder George Kellerman, we learn a little more about why the trio of hobbyists who started the brewing company took the path to becoming professional brewers and why they decided to be more open. "The brewery community was extremely helpful and open, so being open ourselves seemed like a great way to honor that," Kellerman said."

Mathematicians Study Effects of Gerrymandering On 2012 Election 413

Posted by samzenpus
from the fix-is-in dept. writes Gerrymandering is the practice of establishing a political advantage for a particular party by manipulating district boundaries to concentrate all your opponents' votes in a few districts while keeping your party's supporters as a majority in the remaining districts. For example, in North Carolina in 2012 Republicans ended up winning nine out of 13 congressional seats even though more North Carolinians voted for Democrats than Republicans statewide. Now Jessica Jones reports that researchers at Duke are studying the mathematical explanation for the discrepancy. Mathematicians Jonathan Mattingly and Christy Vaughn created a series of district maps using the same vote totals from 2012, but with different borders. Their work was governed by two principles of redistricting: a federal rule requires each district have roughly the same population and a state rule requires congressional districts to be compact. Using those principles as a guide, they created a mathematical algorithm to randomly redraw the boundaries of the state's 13 congressional districts. "We just used the actual vote counts from 2012 and just retabulated them under the different districtings," says Vaughn. "If someone voted for a particular candidate in the 2012 election and one of our redrawn maps assigned where they live to a new congressional district, we assumed that they would still vote for the same political party."

The results were startling. After re-running the election 100 times with a randomly drawn nonpartisan map each time, the average simulated election result was 7 or 8 U.S. House seats for the Democrats and 5 or 6 for Republicans. The maximum number of Republican seats that emerged from any of the simulations was eight. The actual outcome of the election — four Democratic representatives and nine Republicans – did not occur in any of the simulations. "If we really want our elections to reflect the will of the people, then I think we have to put in safeguards to protect our democracy so redistrictings don't end up so biased that they essentially fix the elections before they get started," says Mattingly. But North Carolina State Senator Bob Rucho is unimpressed. "I'm saying these maps aren't gerrymandered," says Rucho. "It was a matter of what the candidates actually was able to tell the voters and if the voters agreed with them. Why would you call that uncompetitive?"

Profanity-Laced Academic Paper Exposes Scam Journal 137

Posted by Soulskill
from the start-building-your-resume dept.
Frosty P writes: A scientific paper titled "Get Me Off Your F****** Mailing List" was actually accepted by the International Journal of Advanced Computer Technology. As reported at Vox and other web sites, the journal, despite its distinguished name, is a predatory open-access journal. These sorts of low-quality journals spam thousands of scientists, offering to publish their work for a fee. In 2005, computer scientists David Mazières and Eddie Kohler created this highly profane ten-page paper as a joke, to send in replying to unwanted conference invitations. It literally just contains that seven-word phrase over and over, along with a nice flow chart and scatter-plot graph. More recently, computer scientist Peter Vamplew sent it to the IJACT in response to spam from the journal, and the paper was automatically accepted with an anonymous reviewer rating it as "excellent," and requested a fee of $150. Over the years, the number of these predatory journals has exploded. Jeffrey Beall, a librarian at the University of Colorado, keeps an up-to-date list of them to help researchers avoid being taken in; it currently has 550 publishers and journals on it.

Comment: Re:Tax tech industry immigrants' salaries to fund (Score 1) 186

our educational system is still probably the best at producing software engineers

First, the tech industry is not just software engineers.

Second, while the current US educational system is very good at producing people who can drive good design, it's not so great at producing people who can implement it. The raw technical chops, especially with respect to understanding of advanced mathematics, is a rarity here in the US compared to (e.g.) much of the EU.

Comment: Tax tech industry immigrants' salaries to fund Edu (Score 1) 186

This has been proposed before, but perhaps not strongly enough or from an important enough source, which is too bad because it solves practically all of our worries.

The premise is simple: the tech industry doesn't have enough good workers because our education system is not well suited to producing the necessary skill sets. Therefore, allow qualified talent to come in and fill that gap. Tax employers based on their salaries (for this to work, salaries must be lower rather than having the same salaries with extra deductions). The collected taxes would be directed to improve our educational systems (K-12 as well as public universities) so that this problem goes away. In time, it won't be worthwhile for an employer to consider this type of talent acquisition because qualified US citizens would be more readily available and would cost less (due to not requiring this proposed tax).

(Sorry if I got some of that terminology wrong; I'm not in HR nor do I deal with immigration paperwork.)


The Man Who Made Tetris 37

Posted by samzenpus
from the fitting-it-in dept.
rossgneumann writes Life gets pretty chill after creating 'Tetris' and escaping the KGB. A quick web search for "Alexey Pajitnov" brings up pages of articles and interviews that fixate only on his seminal creation—a work that remains, far and away, the best selling video game of all time. But clearly, there's more to the man than just Tetris. Meeting Pajitnov himself led me to wonder about, well, everything else. What was the Tetris-less life of Alexey Pajitnov?

Comment: Re:Hm, Prius="Before" vs Mirai="Future" (Score 0) 194

by Khopesh (#48407609) Attached to: Toyota Names Upcoming Hydrogen Fuel Cell Car

You can't find a citation because it isn't true.

Nissan sells 5,000,000 cars per year and made US$3 billion in profit last FY. Nissan makes good cars that sell well, pretty much the antithesis of American car corporations, so they're quite safe.

Yes, you are currently correct, but I'm talking about before the Leaf was released.

The story was that they had invested all of their research into batteries and then made a major play to be the first to market for plug-ins (be they electric vehicles or hybrids). The Leaf uses their advanced batteries and serves as a demonstration of a very basic electric car (the Leaf started as merely a Versa converted to be an EV). With the Leaf's success, Nissan is on its way to having the same kind of dominance in hybrid/electric car batteries that Toyota has in regenerative braking (which is leased by many competitors).
