Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Slashdot Deals: Deal of the Day - 6 month subscription of Pandora One at 46% off. ×

Did the Spamhaus DDoS Really Slow Down Global Internet Access? 70

CowboyRobot writes "Despite the headlines, the big denial of service attack may not have slowed the Internet after all. The argument against the original claim include the fact that reports of Internet users seeing slowdowns came not from service providers, but the DDoS mitigation service CloudFlare, which signed up Spamhaus as a customer last week. Also, multiple service providers and Internet watchers have now publicly stated that while the DDoS attacks against Spamhaus could theoretically have led to slowdowns, they've seen no evidence that this occurred for general Internet users. And while some users may have noticed a slowdown, the undersea cable cuts discovered by Egyptian sailors had more of an impact than the DDoS."
Electronic Frontier Foundation

DOJ Often Used Cell Tower Impersonating Devices Without Explicit Warrants 146

Via the EFF comes news that, during a case involving the use of a Stingray device, the DOJ revealed that it was standard practice to use the devices without explicitly requesting permission in warrants. "When Rigmaiden filed a motion to suppress the Stingray evidence as a warrantless search in violation of the Fourth Amendment, the government responded that this order was a search warrant that authorized the government to use the Stingray. Together with the ACLU of Northern California and the ACLU, we filed an amicus brief in support of Rigmaiden, noting that this 'order' wasn't a search warrant because it was directed towards Verizon, made no mention of an IMSI catcher or Stingray and didn't authorize the government — rather than Verizon — to do anything. Plus to the extent it captured loads of information from other people not suspected of criminal activity it was a 'general warrant,' the precise evil the Fourth Amendment was designed to prevent. ... The emails make clear that U.S. Attorneys in the Northern California were using Stingrays but not informing magistrates of what exactly they were doing. And once the judges got wind of what was actually going on, they were none too pleased:"

Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks 179

msm1267 writes with an excerpt From Threat Post: "While the big traffic numbers and the spat between Spamhaus and illicit webhost Cyberbunker are grabbing big headlines, the underlying and percolating issue at play here has to do with the open DNS resolvers being used to DDoS the spam-fighters from Switzerland. Open resolvers do not authenticate a packet-sender's IP address before a DNS reply is sent back. Therefore, an attacker that is able to spoof a victim's IP address can have a DNS request bombard the victim with a 100-to-1 ratio of traffic coming back to them versus what was requested. DNS amplification attacks such as these have been used lately by hacktivists, extortionists and blacklisted webhosts to great success." Running an open DNS resolver isn't itself always a problem, but it looks like people are enabling neither source address verification nor rate limiting.

Google Pledges Not To Sue Any Open Source Projects Using Their Patents 153

sfcrazy writes "Google has announced the Open Patent Non-Assertion (OPN) Pledge. In the pledge Google says that they will not sue any user, distributor, or developer of Open Source software on specified patents, unless first attacked. Under this pledge, Google is starting off with 10 patents relating to MapReduce, a computing model for processing large data sets first developed at Google. Google says that over time they intend to expand the set of Google's patents covered by the pledge to other technologies." This is in addition to the Open Invention Network, and their general work toward reforming the patent system. The patents covered in the OPN will be free to use in Free/Open Source software for the life of the patent, even if Google should transfer ownership to another party. Read the text of the pledge. It appears that interaction with non-copyleft licenses (MIT/BSD/Apache) is a bit weird: if you create a non-free fork it appears you are no longer covered under the pledge.
The Media

What Does It Actually Cost To Publish a Scientific Paper? 166

ananyo writes "Nature has published an investigation into the real costs of publishing research after delving into the secretive, murky world of science publishing. Few publishers (open access or otherwise-including Nature Publishing Group) would reveal their profit margins, but they've pieced together a picture of how much it really costs to publish a paper by talking to analysts and insiders. Quoting from the piece: '"The costs of research publishing can be much lower than people think," agrees Peter Binfield, co-founder of one of the newest open-access journals, PeerJ, and formerly a publisher at PLoS. But publishers of subscription journals insist that such views are misguided — born of a failure to appreciate the value they add to the papers they publish, and to the research community as a whole. They say that their commercial operations are in fact quite efficient, so that if a switch to open-access publishing led scientists to drive down fees by choosing cheaper journals, it would undermine important values such as editorial quality.' There's also a comment piece by three open access advocates setting out what they think needs to happen next to push forward the movement as well as a piece arguing that 'Objections to the Creative Commons attribution license are straw men raised by parties who want open access to be as closed as possible.'"

Interviews: James Randi Answers Your Questions 217

A while ago you had the chance to ask James Randi, the founder of The James Randi Educational Foundation (JREF), about exposing hucksters, frauds, and fakers. Below you'll find his answers to your questions. In addition to his writings below, Randi was nice enough to sit down and talk to us about his life and his foundation. Keep an eye out for those videos coming soon.
Open Source

The FreeBSD Foundation Is Soliciting Project Proposals 58

Professor_Quail writes "Following a successful 2012 fundraising campaign, the FreeBSD Foundation is soliciting the submission of project proposals for funded development grants. Proposals may be related to any of the major subsystems or infrastructure within the FreeBSD operating system, and will be evaluated based on desirability, technical merit, and cost-effectiveness. The proposal process is open to all developers (including non-FreeBSD committers), and the deadline for submitting a proposal is April 26th, 2013." The foundation is currently funding a few other projects, including UEFI booting support.

Uniloc Patent Case Against Rackspace Tossed for Bogus Patents 76

netbuzz writes "A federal judge in Texas, presiding over a district notorious for favoring patent trolls, has summarily dismissed all claims relating to a case brought by Uniloc USA against Rackspace for [Linux] allegedly infringing upon [Uniloc's] patents. Red Hat defended Rackspace in the matter and issued a press release saying: 'In dismissing the case, Chief Judge Leonard Davis found that Uniloc's claim was unpatentable under Supreme Court case law that prohibits the patenting of mathematical algorithms. This is the first reported instance in which the Eastern District of Texas has granted an early motion to dismiss finding a patent invalid because it claimed unpatentable subject matter.'" You can't patent floating point math after all.
The Almighty Buck

Lawsuit Could Expose Whether Top VC Firms Are Actually Good Investments 90

curtwoodward writes "Venture capitalists like to project the image of wise kingmaker, financial alchemists who have a unique gift for spotting the Next Big Thing. They do not like having anyone see data about their performance, which has been generally lackluster over the past decade. This can be a problem, however, when VCs cash big checks from investors at public pension funds — taking taxpayer money sometimes comes with public disclosure. That's the crux of a court fight happening in California, where the state's massive university system is resisting attempts by the Reuters news organization to decode a complex shell game intended to hide the return data of two giants of Silicon Valley: Kleiner Perkins Caufield & Byers and Sequoia Capital."

$35 Indian Tablet Has Until March 31st To Ship or Be Cancelled 46

damitr writes "With a lot of fanfare the Indian Government had launched a $35 tablet named Aakash (The Sky). Despite skepticism, the government went ahead with the project. But delays in production and deployment of the tablet have left the project in risk of failure. The manufacturer has been unable to supply the required 100,000 units, and a deadline of March 31 has been set. The new minister Pallam Raju says: 'Aakash is only a tablet... there are other such devices as well. While work will continue to develop it and increase its productivity, manufacturing is obviously a problem.'" For what it's worth, they did manage to ship 17,000 of them. It looks like meeting the deadline is impossible and the $35 tablet is dead.

MySQL's Creator On Why the Future Belongs To MariaDB 208

angry tapir writes "When Oracle purchased Sun, many in the open source community were bleak about the future of MySQL. According to MySQL co-creator Michael "Monty" Widenius, these fears have been proven by Oracle's attitude to MySQL and its community. In the wake of the Sun takeover, Monty forked MySQL to create MariaDB, which has picked up momentum (being included by default in Fedora, Open SUSE and, most recently, Slackware). I recently interviewed Monty about what he learned from the MySQL experience and the current state of MariaDB."

I've got a bad feeling about this.