Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Submission + - Symantec: Hacking Group Black Vine Behind Anthem Breach->

itwbennett writes: Symantec said Tuesday in a report that the hacking group Black Vine, which has been active since 2012 and has gone after other businesses that deal with sensitive and critical data, including organizations in the aerospace, technology and finance industries, is behind the hack against Anthem. The Black Vine malware Mivast was used in the Anthem breach, according to Symantec.
Link to Original Source

Submission + - Slashdot by the People

turp182 writes: Slashdot by the People

Editors, please post to the front page if this get a response from the Firehose users. The response would help any potential buyer better understand the community, and the community could respond with insightful responses.

This is intended to be an idea generation story for how the community itself could purchase and then control Slashdot. If this happened I believe a lot of former users would at least come and take a look, and some of them would participate again.

This is not about improving the site, only about acquiring the site.

First, here's what we know:
1. DHI (Dice) paid $20 million for Slashdot, SourceForce, and Freecode, purchased from Geeknet back in 2012:
    http://techcrunch.com/2012/09/...
2. Slashdot has an Alexa Global Rank of 1,689, obtaining actual traffic numbers require money to see:
    http://www.alexa.com/siteinfo/...
3. According to Quantcast, Slashdot has over 250,000 unique monthly views:
    https://www.quantcast.com/slas...
4. Per an Arstechnia article, Slashdot Media (Slashdot and Sourceforge) had 2015Q2 revenues of $1.7 million and have expected full year revenues of $15-$16 million (which doesn't make sense given the quarterly number):
    http://arstechnica.com/informa...

Next, things we don't know:
0. Is Slashdot viable without a corporate owner? (the only question that matters)
1. What would DHI (Dice) sell Slashdot for? Would they split it from Sourceforge?
2. What are the hosting and equipment costs?
3. What are the personnel costs (editors, advertising salesforce, etc.)?
4. What other expenses does the site incur (legal for example)?
5. What is Slashdot's portion of the revenue of Slashdot Media?

These questions would need to be answered in order to valuate the site. Getting that info and performing the valuation would require expensive professional services.

What are possible ways we could proceed?

In my opinion, a non-profit organization would be the best route.

Finally, the hard part: Funding. Here are some ideas.

1. Benefactor(s) — It would be very nice to have people with some wealth that could help.
2. Crowdfunding/Kickstarter — I would contribute to such an effort I think a lot of Slashdotters would contribute. I think this would need to be a part of the funding rather than all of it.
3. Grants and Corporate Donations — Slashdot has a wide and varied membership and audience. We regularly see post from people that work at Google, Apple, and Microsoft. And at universities. We are developers (like me), scientists, experts, and also ordinary (also like me). A revived Slashdot could be a corporate cause in the world of tax deductions for companies.
4. ????
5. Profit!

Oh, the last thing: Is this even a relevant conversation?

I can't say. I think timing is the problem, with generating funds and access to financial information (probably won't get this without the funds) being the most critical barriers. Someone will buy the site, we're inside the top 2,000 global sites per info above.

The best solution, I believe, is to find a large corporate "sponsor" willing to help with the initial purchase and to be the recipient of any crowd sourcing funds to help repay them. The key is the site would have to have autonomy as a separate organization. They could have prime advertising space (so we should focus on IBM...) with the goal would be to repay the sponsor in full over time (no interest please?).

The second best is seeking a combination of "legal pledges" from companies/schools/organizations combined with crowd sourcing. This could get access to the necessary financials.

Also problematic, from a time perspective, a group of people would need to be formed to handle organization (managing fundraising/crowdsourcing) and interations with DHI (Dice). All volunteer for sure.

Is this even a relevant conversation? I say it is, I actually love Slashdot; it offers fun, entertaining, and enlightening conversation (I browse above the sewer), and I find the article selection interesting (this gyrates, but I still check a lot).

And to finish, the most critical question: Is Slashdot financially viable as an independent organization?

Comment Likely a new gift for the NSA (Score 3, Insightful) 218 218

What would the existence of an exascale supercomputer mean for today's popular encryption/hashing algorithms?

Exactly.

My first thought was the new addition will be tasked by the NSA/FiveEyes to break encryption for intercepted communications.

Submission + - Survey: Software Engineering Isn't "Meaningful" Work->

itwbennett writes: A recent PayScale survey set out to rank the meaningfulness of more than 500 job titles (as measured by a yes response to the question 'Does your work make the world a better place?'). Not surprisingly, the clergy and surgeons ranked their jobs very high on the meaningfulness scale, while parking lot attendants, again, not surprisingly, were at the bottom. Where did tech jobs fall? Most were in the bottom half, with software engineer coming in last among tech job titles (484 out of 505 job titles).
Link to Original Source

Submission + - HardenedBSD Completes Strong ASLR Implementation->

HardenedBSD writes: A relatively new fork of FreeBSD, HardenedBSD, completed their Address Space Layout Randomization (ASLR) feature. Without ASLR, applications are loaded into memory in a deterministic manner. An attacker who knows where a vulnerability lies in memory can reliably exploit that vulnerability to manipulate the application to doing the attacker's bidding. ASLR removes the determinism, making it so that an attacker knows that a vulnerability exists, but doesn't know where that vulnerability lies in memory. HardenedBSD's particular implementation of ASLR is the strongest form ever implemented in any of the BSDs.

With HardenedBSD having completed their ASLR implementation, the next step is to update documentation and submit update the patches they have already submitted upstream to FreeBSD. ASLR is the first step in a long list of exploit mitigation technologies HardenedBSD plans to implement. HardenedBSD has also implemented other exploit mitigation, security, and general hardening features, providing great security for FreeBSD.

Link to Original Source

Submission + - New ways to take down drones

mrflash818 writes: As drones of all flavors become increasingly ubiquitous, it was only a matter of time before countermeasures began to pop up—and they have in spades, across a spectrum of prices and tactics. These range from the high-tech (lasers and RF interference) to something as basic as a handheld "net gun."

http://arstechnica.com/busines...

Submission + - AMD Starts Rolling Out New Linux Driver Model, But Many Issues Remain->

An anonymous reader writes: With the upcoming Linux 4.2 kernel will be the premiere of the new "AMDGPU" kernel driver to succeed the "Radeon" DRM kernel driver, which is part of AMD's long talked about new Linux driver architecture for supporting the very latest GPUs and all future GPUs. Unfortunately for AMD customers, there's still much waiting. The new open-source AMDGPU Linux code works for Tonga/Carrizo GPUs but it doesn't yet support the latest R9 Fury "Fiji" GPUs, lacks re-clocking/DPM for Tonga GPUs leading to low performance, and there are stability issues under high-load OpenGL apps/games. There's also the matter that current Linux users need to jump through hoops for now in getting the code into a working state with the latest kernel and forked versions of Mesa, libdrm, new proprietary microcode files, and the new xf86-video-amdgpu user-space driver.
Link to Original Source

Submission + - Researchers Claim to Have Developed Faster, More Secure Tor

An anonymous reader writes: Researchers from the Swiss Federal Institute of Technology and University College London published a paper this week describing a faster and more secure version of Tor called HORNET. On one hand, the new onion routing network can purportedly achieve speeds of up to 93 gigabits per second and "be scaled to support large numbers of users with minimal overhead". On the other hand, researchers cannot claim to be immune to "confirmation attacks" known to be implemented on Tor, but they point out that, given how HORNET works, perpetrators of such attacks would have to control significantly more ISPs across multiple geopolitical boundaries and probably sacrifice the secrecy of their operations in order to successfully deploy such attacks on HORNET.

Submission + - Gigabit internet access growing at 480% per year, served by 84 ISPs->

An anonymous reader writes: According to Michael Render, principal analyst at market researcher RVA LLC, 83 Internet access providers have joined Google to offer gigabit Internet access service (all priced in the $50-$150 per month range).Render’s data shows that new subscribers are signing up at an annualized growth rate of 480 percent each year.
Link to Original Source

Submission + - FCC Approves AT&T-DirecTV Purchase->

An anonymous reader writes: The U.S. Federal Communications Commission has granted approval to AT&T to purchase DirecTV for $48.5 billion. AT&T will become the largest provider of cable or satellite TV in the U.S., with 26.4 million subscribers. "Adding TV customers gives AT&T more power to negotiate with big media companies over prices for those channels. The deal also combines a nationwide satellite TV service, the country’s largest, with the No. 2 nationwide wireless network as time spent on mobile devices increases." The FCC did put conditions on the deal: AT&T must make fiber internet service available to 12.5 million people, offer cheaper internet plans to low-income customers, and not mess with the internet traffic of online video competitors.
Link to Original Source

Submission + - Remote control of a car, with no phone or network connection required

Albanach writes: Following on from this week's Wired report showing the remote control of a Jeep using a cell phone, security researchers claim to have achieved a similar result using just the car radio. Using off the shelf components to create a fake radio station, the researchers sent signals using the DAB digital radio standard used in Europe and the Asia Pacific region. After taking control of the car's entertainment system it was possible to gain control of vital car systems such as the brakes. In the wild, such an exploit could allow widespread simultaneous deployment of a hack affecting huge numbers of vehicles.

Submission + - FBI Caught Breaking the Law When Hacking Computers

An anonymous reader writes: The FBI hacks computers. Specifics are scarce, and only a trickle of news has emerged from court filings and FOIA responses. But we know it happens.

In a new law review article, a Stanford professor pulls together what's been disclosed, and then matches it against established law. The results sure aren't pretty. FBI agents deceive judges, ignore time limits, don't tell computer owners after they've been hacked, and don't get 'super-warrants' for webcam snooping. Whatever you think of law enforcement hacking, it probably shouldn't be this lawless.

Submission + - Pro GPL->

just_another_sean writes: Christopher Allan Webber, recently returned from OSCON, shares his thoughts on the GPL and why he dislikes people pitting one type of software licenses against another.

There is no reason to pit permissive and copyleft licensing against each other. Anyone doing so is doing a great disservice to user freedom. My name is Christopher Allan Webber. I fight for the users, and I'm standing up for the GPL.


Link to Original Source

Submission + - As Nations Hack Each Other, Protecting Personal Information Must Become Priority->

An anonymous reader writes: Foreign hackers are now in possession of security clearance documents that contain deeply personal secrets, and there is no way of reversing that. These individuals are caught in what Maj. Gen. Charles J. Dunlap has labeled the “hyper-personalization of war.” While there is nothing new about espionage or hacking, the size and depth of these attacks make them extremely serious. The ubiquity of technology and poor security have caused both crime and surveillance to skyrocket in frequency and specificity; those same factors are now also allowing intelligence agencies to infiltrate each others’ systems and societies. Nations are seeing identity databases as important targets for both offense and defense.
Link to Original Source

Staff meeting in the conference room in %d minutes.

Working...