Open Source

Submission + - Leveraging Open Source Experience in Your Job Hunt (smartbear.com)

Esther Schindler writes: "Working in open source brings many kinds of rewards. Open source participation helps get the software created that you need, and it brings a sense of accomplishment to help others with the work you do. If you’ve been involved in an open source community, you probably also have discovered that it’s a way to gain new technical skills.

But, writes Andy Lester, the experience you gain in a FOSS project can also help you when you go looking for a job. In Leveraging Open Source Experience in Your Job Hunt, he points out, "Your experience in working in open source is just that — work experience. Even if you're not paid for your contributions, it is still valuable experience that belongs on your resume, and the contacts you make in the community can help you find jobs." Whereupon he enumerates the ways you can list your open source experience on your resume, approach project colleagues about work references, and guide a hiring manager through your best work (hint: Don't just say, "Here's a link to my github page")."


Submission + - You can now file with the USPTO to shoot down and invalidate obvious patents (wired.com)

Cutting_Crew writes: "Yes this is from Wired again, but as they state here today marks the first day that any 3rd party can file an injunction against patents that are frivolous, too obvious and even offer proof of prior art.

Stack Exchange has a patents forum now to help start the process as they have been working with Google and also collaborating with the patent office since 2007 on testing patents.

So here is my question. Which frivolous, too obvious, downright ridiculous patent are you going to submit?"


Submission + - Critical Hole Opens Oracle 11g To Offline, Dictionary Attacks (securityledger.com)

chicksdaddy writes: "A presentation at the Ekoparty Conference in Argentina will detail a critical hole in some versions of Oracle’s Database Server that could allow remote attackers to crack user and administrator passwords. The presentation, by researcher Esteban Fayó of Application Security Inc., describes a vulnerability in versions 11.1 and 11.2 of Oracle’s native authentication protocol, which is used by Oracle 11g Database Servers. The flaw allows any user with knowledge of a valid Oracle Database login to determine if a given password corresponds to that user account.
In an interview with Security Ledger, Fayó said that he discovered the authentication flaw while researching another problem. To help conduct his research, Fayó created a small test program that authenticated repeatedly with the Oracle database server using the same user name, but different passwords. After running it, he noticed strange behavior when he analyzed the network packet captures from sessions between his test client and the Oracle Database server. Namely: the client seemed to know that it had the wrong password before the server rejected the login attempt. “Most of the times, when password (sp) is wrong, Oracle 11g client returns ORA-1017 (“invalid username/password message) without sending the password,” Fayó wondered how the client knew the password was wrong in advance.

The answer was that the client was able to verify the password simply using the information that the database server had already supplied during the login attempt, namely: the unique session key for the login session and a random value – or salt – used to secure passwords from cracking.
It's another black eye for Oracle, which was informed of the flaw in May...2010!!! Oracle fixed it by swapping out the logon protocol with Version 12 (patch 11.2.03) in August, 2011. But Fayó charges the database giant with downplaying the seriousness of the flaw: pushing it out as a software update instead of a security-focused Critical Patch Update (CPU) and mentioning the change only in an obscure passage "Protection Against Password-Guessing Attacks" from the readme file that accompanied the 11.2.03 patch."


Submission + - Bank of America Website under Cyber Attack from Islamic Hackers (thehackernews.com)

An anonymous reader writes: Bank of America's website experienced periodic outages Tuesday due to cyber attacks launched in retaliation for "Innocence of Muslims," the amateurish film whose mocking portrait of the Prophet Muhammad has incited deadly riots throughout the Middle East. "Cyber fighters of Izz ad-din Al qassam" said it would attack the Bank of America and the New York Stock Exchange as a "first step" in a campaign against properties of "American-Zionist Capitalists."

Read more from Mohit Kumar @ The Hacker News : http://thehackernews.com/2012/09/bank-of-america-website-under-cyber.html

Submission + - Roundup tolerant GM maize linked to tumor development (heraldonline.com)

spirito writes: The first animal feeding trial studying the lifetime effects of exposure to Roundup tolerant GM maize, and Roundup, the world's best-selling weedkiller, shows that levels currently considered safe can cause tumors and multiple organ damage and lead to premature death in laboratory rats, according to research published online today by the scientific journal Food and Chemical Toxicology.
Electronic Frontier Foundation

Submission + - TSA Spending $245 Million on "Second Generation" Nude-O-Scope Body Scanners (gsnmagazine.com)

McGruber writes: Continuing its standard practice of wasting hundreds of millions of taxpayer dollars (http://news.slashdot.org/story/12/05/09/2014206/congress-the-tsa-is-wasting-hundreds-of-millions-in-taxpayer-dollars), the US Transportation Security Administration (TSA) has awarded an indefinite delivery / indefinite quantity (IDIQ) contract, worth up to $245 Million, (http://www.gsnmagazine.com/node/27302?c=airport_aviation_security) to American Science and Engineering Inc. (http://www.as-e.com/) to deliver an unspecified number of “second generation” Advanced Imaging Technology (AIT) screening systems for use at U.S. airports.

As previously reported on slashdot (http://yro.slashdot.org/story/12/06/20/2243228/the-ineffectiveness-of-tsa-body-scanners---now-with-surveillance-camera-footage), Jonathan Corbett proved that TSA's current nude-o-scopes are incapable of actually detecting hidden objects.


Submission + - French weekly fuels Mohammad row with nude cartoons (reuters.com)

PolygamousRanchKid writes: A French magazine ridiculed the Prophet Mohammad on Wednesday by portraying him naked in cartoons, threatening to fuel the anger of Muslims around the world who are already incensed by a film depicting him as a womanizing buffoon. The French government, which had urged the magazine not to print the images, said it was temporarily shutting down premises including embassies and schools in 20 countries on Friday, when protests sometimes break out after Muslim prayers.

"We have the impression that it's officially allowed for Charlie Hebdo to attack the Catholic far-right but we cannot poke fun at fundamental Islamists," Charlie Hebdo editor Stephane Charbonnier, who drew the front-page cartoon, said. "It shows the climate — everyone is driven by fear, and that is exactly what this small handful of extremists who do not represent anyone want — to make everyone afraid, to shut us all in a cave," he told Reuters.


Submission + - Is the Can Worse Than the Soda? (smithsonianmag.com)

DevotedSkeptic writes: "Since the 1960s, manufacturers have widely used the chemical bisphenol-A (BPA) in plastics and food packaging. Only recently, though, have scientists begun thoroughly looking into how the compound might affect human health—and what they’ve found has been a cause for concern.

Starting in 2006, a series of studies, mostly in mice, indicated that the chemical might act as an endocrine disruptor (by mimicking the hormone estrogen), cause problems during development and potentially affect the reproductive system, reducing fertility. After a 2010 Food and Drug Administration report warned that the compound could pose an especially hazardous risk for fetuses, infants and young children, BPA-free water bottles and food containers started flying off the shelves. In July, the FDA banned the use of BPA in baby bottles and sippy cups, but the chemical is still present in aluminum cans, containers of baby formula and other packaging materials.

Now comes another piece of data on a potential risk from BPA but in an area of health in which it has largely been overlooked: obesity. A study by researchers from New York University, published today in the Journal of the American Medical Association, looked at a sample of nearly 3,000 children and teens across the country and found a “significant” link between the amount of BPA in their urine and the prevalence of obesity."

The Military

Submission + - Suicide Drones (rt.com)

Taco Cowboy writes: A miniature drone that weighs just 5 pounds (or about 2.3KG) may become the next in thing for the US Army.

Officially known as "the Lethal Miniature Aerial Munition System", or LMAMS, the miniature drone can be armed with high explosives, and can be flown to slam into a target 6 miles (or 9.6KM) away.

It is much cheaper than smart bombs, and it is much easier to handle and store, and can kill with much precision.

More information can be found at http://www.wired.com/dangerroom/2012/09/suicidal-drone-6-miles-away/


Submission + - Monkeys Made Smarter With Prosthetic Device (medicaldaily.com)

An anonymous reader writes: Scientists have successfully restored and, in some cases, enhanced decision-making ability in brain-damaged monkeys on cocaine by connecting a prosthetic device to their brains. This breakthrough may one day help restore cognitive ability in people who have cognitive deficiencies due to brain disease or injury.

Submission + - Intel's Haswell is an unprecedented threat to Nvidia, AMD (extremetech.com)

MrSeb writes: "Fully unveiled at the Intel Developer Forum over the last few days, Intel’s next-generation architecture, codenamed Haswell, isn’t just another “tock” in Intel’s tick/tock cadence; it’s a serious threat to both AMD and Nvidia. For the first time, Intel is poised to challenge both companies in the mainstream graphics market while simultaneously eroding Nvidia’s edge in the GPGPU business. For a start, the Haswell CPU core will be 10-15% faster than Ivy Bridge, but thanks to the addition of AVX2, Haswell's floating point performance will be monstrous: a quad-core part should be capable of 256 (double-precision) gigaflops, which should be enough to outpace Nvidia's GTX 680. On the GPU side of things, Haswell will massively increase the number of processing cores, offering "up to 2x" the performance of Ivy Bridge's HD 4000. Even a conservative take on that promise spells trouble for AMD and Nvidia. According to benchmarks, Trinity’s GPU is an average of 18% faster than Llano’s across a range of 15 popular titles. Compared to Sandy Bridge, Trinity was almost 80% faster. Against Ivy Bridge, it’s just 20% faster. Given what we know of Haswell’s GPU shader counts and performance targets, it shouldn’t be hard for Intel to deliver a 30-50% performance boost in real-world games. If it does, Trinity goes from the fastest integrated GPU on the market to an also-ran, and AMD loses the superior graphics hole card it’s been playing since it launched the AMD 780G chipset four years ago. It isn't looking good for either AMD or Nvidia."

Submission + - MIT Brings Us One Step Closer to Transdermal Drugs (exabites.com)

An anonymous reader writes: Researchers at MIT have discovered a new trick when it comes to delivering vital medicine through the skin—a development they say might revolutionize everything from how vaccinations are delivered to the way insulin is migrated to diabetes patients.

Submission + - YouTube Refuses to Remove anti-Islamic Film Clip

Hugh Pickens writes: "BBC reports that Google officials have rejected the notion of removing a video that depicts the prophet as a fraud and philanderer and has been blamed for sparking violence at US embassies in Cairo and Benghazi on grounds it does not violate YouTube's policies, but restricted viewers in Egypt and Libya from loading it due to the special circumstances in the country. Google's response to the crisis highlighted the struggle faced by the company, and others like it, to balance free speech with legal and ethical concerns in an age when social media can impact world events. "This video – which is widely available on the Web – is clearly within our guidelines and so will stay on YouTube," Google said in a statement. "However, given the very difficult situation in Libya and Egypt, we have temporarily restricted access in both countries." Underscoring Google's quandary, some digital free expression groups have criticised YouTube for censoring the video. Eva Galperin of the Electronic Frontier Foundation says given Google's strong track record of protecting free speech, she was surprised the company gave in to pressure to selectively block the video. "It is extremely unusual for YouTube to block a video in any country without it being a violation of their terms of service or in response to a valid legal complaint," says Galperin. "I'm not sure they did the right thing.""
