Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Put restrict ... noquery in your ntp.conf file (Score 4, Informative) 115

by ctime (#48660469) Attached to: Apple Pushes First Automated OS X Security Update
http: //support.ntp.org/bin/view/Main/SecurityNotice Buffer overflow in ctl_putdata() References: Sec 2668 / CVE - 2014 - 9295 / VU #852879 Versions: All NTP4 releases before 4.2.8 CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5 Date Resolved: Stable (4.2.8) 18 Dec 2014 Summary: A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the ntpd process. Mitigation - any of: Upgrade to 4.2.8, or later, from the NTP Project Download Page or the NTP Public Services Project Download Page. Put restrict ... noquery in your ntp.conf file, for non-trusted senders. Credit: This vulnerability was discovered by Stephen Roettger of the Google Security Team. w

Comment: Re:Move to a gated community (Score 1) 611

by ctime (#48604873) Attached to: Waze Causing Anger Among LA Residents
Those reversible lanes ("suicide lanes") have been around in Phoenix since a lot longer, starting in the 1970's. http://www.azcentral.com/news/...

Phoenix is one of the few U.S. cities in the that realizes a) Public transportation doesn't work well in low density, post-WW2 US cities (aka, the sunbelt and west coast) and b) Grid pattern streets and excellent freeways are the only reasonable, cost effective short term strategy. What is the long term strategy? Nobody knows, except maybe to completely get rid of shitty low density cities, which will never happen. American people want their trucks and backyards, and they especially don't want to have to sit next to some poor person on public transportation.

Comment: Re:Chip and PIN (Score 2) 132

by ctime (#47810901) Attached to: Banks Report Credit Card Breach At Home Depot
The problem is that these data compromises are going to happen and that the current magnetic strip technology is laughably obsolete and insecure. Chip + PIN effectively mitigates the weakness in magnetic strip data by embedding a chip (physical, something you have) and a pin (something you know) into the transaction process, plus many other security enhancements. Current magnetic strip cards are authenticated purely by a string of digits (something you know) and are easily copied and reproduced.

Read all about it here: http://en.wikipedia.org/wiki/E...

Chip + pin WILL be happening in America. http://blogs.wsj.com/corporate...

NFC-based payment system may have a chance to become popular in the mean time.

Comment: Pure speculation. (Score 2) 336

by ctime (#47802609) Attached to: Reported iCloud Hack Leaks Hundreds of Private Celebrity Photos
It could have just as easily been a packet sniffing engine on a local ISP, cellular network, data center etc. Maybe in front of Amazon? Were these all transferred through snapchat, dropbox or some other file sharing service that leverages AWS or some other cloud provider? Were any taken from those services by admins?

My point is, many of these images were *taken* with non-apple devices and *deleted* before photo stream was a thing. At this point it is likely someone got access to a darknet cache of images -- the sources are unlikely from one location, but from many many sources over many years.

LTDR; 1. Enable 2FA 2. If you upload something to the internet, assume someday someone will be able to see it and do whatever they want with it. Are you okay with that?

+ - Net neutrality campaign to show what the Web would be like with a 'slow lane'

Submitted by blottsie
blottsie (3618811) writes "In a move out of the anti-SOPA campaign playbook, Fight for the Future and other net neutrality activist groups have set up the Battle for the Net coalition, which plans to launch an “Internet slowdown day” later this month.

No actual traffic will be slowed down. Instead, participating sites will display embeddable modules that include a spinning “loading” symbol and information about contacting the Federal Communications Commission (FCC), the White House, and members of Congress."

+ - New Computer Model Predicts Impact of Yellowstone Volcano Eruption

Submitted by Anonymous Coward
An anonymous reader writes "Scientists from the U.S. Geological Survey (USGS) have used a program named Ash 3D to predict the impact of a Yellowstone volcano eruption, and found that cities within 300 miles from Yellowstone National Park may get covered by up to three feet of ash. From the article: "Ash3D helped the researchers understand how the previous eruptions created a widespread distribution of ash in places in the park's periphery. Aside from probing ash-distribution patterns, the Ash3D can also be used to identify potential hazards that volcanoes in Alaska may bring.""

+ - Power Grids: The Huge Battery Market You Never Knew Existed 1

Submitted by ashshy
ashshy (40594) writes "Following up on a recent Slashdot posting, The Motley Fool digs into another huge market for rechargeable batteries. Unlike the obvious battery needs for smartphones or electric cars, many consumers are unaware of the exploding need for enormous batteries as modern power grids bring a whole new set of requirements."

+ - Celebrity nude pictures leaked due to apparent iCloud hack-> 1

Submitted by swinferno
swinferno (1212408) writes "Hundreds of nude, semi-nude, and revealing pictures of female celebrities were leaked overnight after being stolen from their private collections. Hunger Games actress Jennifer Lawrence, Kirsten Dunst, and pop star Ariana Grande were among the celebrities apparently shown in the pictures, which were posted on infamous web forum 4chan.

It's unclear how the images were obtained, but anonymous 4chan users said that they were taken from celebrities' iCloud accounts. The accounts are designed to allow iPhone, iPad, and Mac users to synchronize images, settings, calendar information, and other data between devices, but the service has been criticized for being unreliable and confusing. Earlier this year, Jennifer Lawrence herself complained about the service in an interview with MTV.

Several media contacted Apple for more information but they have not commented on this yet.

http://www.theverge.com/2014/9..."

Link to Original Source

+ - Apple Said to Team With Visa, MasterCard on iPhone Wallet

Submitted by Anonymous Coward
An anonymous reader writes "Apple plans to its next iPhone into a mobile wallet through a partnership with major payment networks, banks and retailers, according a person familiar with the situation. The agreement includes Visa, MasterCard, and American Express and will be unveiled on Sept. 9 along with the next iPhone, said the person, who asked not to be identified because the talks are private. The new iPhone will make mobile payment easier by including a near-field communication chip for the first time, the person said. That advancement along with Touch ID, a fingerprint recognition reader that debuted on the most recent iPhone, will allow consumers to securely pay for items in a store with the touch of a finger."

Comment: Spread out work force (Score 1) 710

by ctime (#47312727) Attached to: Workaholism In America Is Hurting the Economy
Talent is usually worth paying extra for, so make your business a talent center and attract the top players. Then give them freedom to get things done and don't micro manage. Ask what isn't getting done (read: the small things, like documentation) and pay someone do to that. Grease the wheels. Allowing people to work from home *IS* a huge benefit for many people, and more importantly, lets people disconnect from the office. I tend to get way more done at home as the office is just pure interrupt driven non-sense most of the time. Technology work is difficult and frustrating, but on the bright side, can pay very well. Deal with it or don't play.

Comment: It is hip to be square (Score 5, Informative) 128

by ctime (#47288409) Attached to: Google Forks OpenSSL, Announces BoringSSL
For those having a hard time understanding the naming convention,

Boring: Not flashy, not exciting, not experimental, not sexy. Performs as expected.

In other words, exactly how I want my security libraries, my databases, and the other critical infrastructure that runs the planet to be described as. Boring is good. A choice between boring Plain Jane and Simple Sally? Even better. Thank you.

Comment: rediculous parents to blame (Score 1) 1198

by ctime (#47111505) Attached to: Misogyny, Entitlement, and Nerds
Is this a direct offshoot of our "never a loser" upbringing? I'm afraid these kids who go out on a rampage, thinking the entire time *they* are the victim, may actually be a victim of the coddled upbringing that seems to be commonplace since the 90's. I'm talking about helicopter parents who refuse to let their children get Bs, get second place (or even, god forbid, last place) in any kind of competition. Then we see them unable to understand and cope with failure later in life and blame others instead of accepting defeat. Like most people, I blame the parents. I blame them for not letting them fail. Parents should provide positive influence and basic necessities for children, then get the hell out of the way and let children grow up on their own.

Children who grow up without siblings (ie compeition for parents time) seem to be particularly narrisistic and useless when combined with overbearing and coddling parents. Those

"If truth is beauty, how come no one has their hair done in the library?" -- Lily Tomlin

Working...