Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

+ - A step closer to explaining high-temperature superconductivity?->

Submitted by sciencehabit
sciencehabit (1205606) writes "For years some physicists have been hoping to crack the mystery of high-temperature superconductivity—the ability of some complex materials to carry electricity without resistance at temperatures high above absolute zero—by simulating crystals with patterns of laser light and individual atoms. Now, a team has taken—almost—the next-to-last step in such "optical lattice" simulation by reproducing the pattern of magnetism seen in high-temperature superconductors from which the resistance-free flow of electricity emerges."
Link to Original Source

+ - Google Taking Over New TLDs->

Submitted by bobo the hobo
bobo the hobo (302407) writes "In the corner of the internet where people care about DNS, there is a bit of an uproar at Google's application for over a hundred new top-level domains, including .dev, .lol, .app, .blog, .cloud and .search. Their application includes statements such as:
By contrast, our application for the .blog TLD describes a new way of automatically linking new second level domains to blogs on our Blogger platform – this approach eliminates the need for any technical configuration on the part of the user and thus makes the domain name more user friendly.

And also limiting usage of .dev to Google only:
Second-level domain names within the proposed gTLD are intended for registration and use by Google only, and domain names under the new gTLD will not be available to the general public for purchase, sale, or registration. As such, Charleston Road Registry intends to apply for an exemption to the ICANN Registry Operator Code of Conduct as Google is intended to be the sole registrar and registrant."

Link to Original Source

+ - Pharming Attack Targets Home Router DNS Settings->

Submitted by msm1267
msm1267 (2804139) writes "Pharming attacks are generally network-based intrusions where the ultimate goal is to redirect a victim’s web traffic to a hacker-controlled webserver, generally through a malicious modification of DNS settings. Some of these attacks, however, are starting to move to the web and have their beginnings with a spam or phishing email.

Proofpoint yesterday reported on the latest iteration of this attack, also based in Brazil. The campaign was carried out during a five-week period starting in December when Proofpoint spotted phishing messages, fewer than 100, sent to customers of one of the country’s largest telecommunications companies."

Link to Original Source

+ - EFF Unearths Evidence of Possible Superfish-style Attacks in the Wild->

Submitted by Anonymous Coward
An anonymous reader writes "It's starting to look like Superfish and other software containing the same HTTPS-breaking code library may have posed more than a merely theoretical danger to Internet users. For the first time, researchers have uncovered evidence suggesting the critical weakness may have been exploited against real people visiting real sites, including Gmail, Amazon, eBay, Twitter, and Gpg4Win.org, to name just a few.

In a blog post published Wednesday, Researchers Joseph Bonneau and Jeremy Gillula wrote:

        We searched the Decentralized SSL Observatory for examples of certificates that Komodia should have rejected, but which it ended up causing browsers to accept, and found over 1600 entries. Affected domains included sensitive websites like Google (including mail.google.com, accounts.google.com, and checkout.google.com), Yahoo (including login.yahoo.com), Bing, Windows Live Mail, Amazon, eBay (including checkout.payments.ebay.com), Twitter, Netflix, Mozilla’s Add-Ons website, www.gpg4win.org, several banking websites (including mint.com and domains from HSBC and Wells Fargo), several insurance websites, the Decentralized SSL Observatory itself, and even superfish.com.

        While it’s likely that some of these domains had legitimately invalid certificates (due to configuration errors or other routine issues), it seems unlikely that all of them did. Thus it’s possible that Komodia’s software enabled real MitM attacks which gave attackers access to people’s email, search histories, social media accounts, e-commerce accounts, bank accounts, and even the ability to install malicious software that could permanently compromise a user’s browser or read their encryption keys."

Link to Original Source

+ - How Google avoids downtime->

Submitted by Brandon Butler
Brandon Butler (2829853) writes "Google has an innovative way of attempting to keep its services — like its cloud platform and apps — up and running as much as possible. The man in charge of it is Ben Trenyor, who runs Google's Site Reliability Engineer (SRE) team.

Each Google product has a service level agreement (SLA) that dictates how much downtime the product can have in a given month or year. Take 99.9% uptime, for example: That allows for 43 minutes of downtime per month, or about 8 hours and 40 minutes per year. That 8 hours and 40 minutes is what is referred to at Google as an “error budget.”

Google product managers don’t have to be perfect — they just have to be better than their SLA guarantee. So each product team at Google has a “budget” of errors it can make.
If the product adheres to the SLA’s uptime promise, then the product team is allowed to launch new features. If the product is outside of its SLA, then no new features are allowed to be rolled out until the reliability improves.

In a traditional site reliability model there is a fundamental disconnect between site reliability engineers (SREs) and the product managers. Product managers want to keep adding services to their offerings, but the SREs don’t like changes because that opens the door to more potential problems.

This “error budget” model addresses that issue by uniting the priorities of the SREs and product teams. The product developers want to add more features, so they architect reliable systems. It seems to work; according to tracking company CloudHamrony, Google had one of the most reliable IaaS clouds among the major vendors in 2014."

Link to Original Source

+ - How I Got My Photos From The Department of Homeland Security

Submitted by gallifreyan99
gallifreyan99 (3502381) writes "Like every foreigner who flies into the US (and an increasing number of Americans, too) Tor Project contributor Runa Sandvik is tracked by Homeland Security with a series of photos taken at the border. When she filed an FOIA request to get hold of those images, what emerged was a weird, Big Brotherish take on time lapse photography."

+ - Cable Networks are Speeding Up Shows to Fit More Ads

Submitted by WheezyJoe
WheezyJoe (1168567) writes "After trying just about every other trick to squeeze more commercials into your Law and Order binge-fix, cable networks are now resorting to speeding up older shows and reruns in an effort to capture yet more revenue. TBS used compression technology to speed up the Wizard of Oz during its airing last November, causing pop-culture writer Stephen Cox to notice that the munchkins' voices were pitched higher than normal. TBS, TNT, and TV Land have also sped up shows including Seinfeld and Friends. “It is a way to keep the revenue from going down as much as the ratings,” a top executive at one major cable programmer said. “The only way we can do it is to double down and stretch the unit load a little more.”"

+ - So. Cal. Edison's IT layoffs 'heartless,' says Sen. Grassley->

Submitted by dcblogs
dcblogs (1096431) writes "Southern California Edison's decision to cut 500 of its IT workers and replace them contractors from two large H-1B using India-based IT services firms, is getting the ire of U.S. Sen. Chuck Grassley (R-Iowa). He said the case illustrates how some employers "are potentially using legal avenues to import foreign workers, lay-off qualified Americans, and then export jobs overseas.” Grassley, chair of the Sen. Judiciary Committee, said “I don't intend on allowing legislation to move through this body without reforms to the H-1B visa program that protect the American worker." Meanwhile, Sen. Orrin Hatch (R-Iowa), and the leader of an effort to significantly raise the H-1B cap, was critical of Grassley’s view, and told The Hill: "It's absurd to think that in this global marketplace we can maintain an insular, protectionist workforce.”"
Link to Original Source

+ - 3 Million Strong RAMNIT Botnet Taken Down

Submitted by Anonymous Coward
An anonymous reader writes "The National Crime Agency’s National Cyber Crime Unit worked with law enforcement colleagues in the Netherlands, Italy and Germany, co-ordinated through Europol’s European Cybercrime Centre, to shut down command and control servers used by the RAMNIT botnet. Investigators believe that RAMNIT may have infected over three million computers worldwide, with around 33,000 of those being in the UK. It has so far largely been used to attempt to take money from bank accounts."

+ - The Groups Behind Making Distributed Solar Power Harder to Adopt->

Submitted by Lucas123
Lucas123 (935744) writes "Distributed rooftop solar is a threat not only to fossil fuel power generation, but also to the profits of monopolistic model of utilities. While the overall amount of electrical capacity represented by distributed solar power remains miniscule for now, it's quickly becoming one of leading sources of new energy deployment. As adoption grows, fossil fuel interests and utilities are succeeding in pushing anti-net metering legislation, which places surcharges on customers who deploy rooftop solar power and sell unused power back to their utility through the power grid. Other state legislation is aimed at reducing tax credits for households or businesses installing solar or allows utilities to buy back unused power at a reduced rate, while reselling it at the full retail price."
Link to Original Source

+ - Non-scientists can't tell the difference between real science and a numbers game

Submitted by StartsWithABang
StartsWithABang (3485481) writes "No one science can stand wholly on its own. For inquiry about the Universe to give a correct, complete picture, it requires that we bring in a whole slew of evidence, often from tangentially related fields. The interplay between three fields in particular — astronomy, physics, and math (not a science, but the tool used to help understand the relationships arising in the first two) — have given rise to the most successful picture of the Universe of all-time. But to the non-scientists out there, it's often difficult to tell a sciencey-sounding idea from real science."

+ - Firefox 36 Arrives With Full HTTP/2 Support, New Design For Android Tablets

Submitted by Anonymous Coward
An anonymous reader writes "Mozilla today launched Firefox 36 for Windows, Mac, Linux, and Android. Major additions to the browser include full HTTP/2 support and a new tablet user interface on Android. The biggest news for the browser is undoubtedly HTTP/2 support, the roadmap for which Mozilla outlined just last week. Mozilla plans to keep various draft levels of HTTP/2, already in Firefox, for a few versions. These will be removed “sometime in the near future.” The full changelog is here."

Innovation is hard to schedule. -- Dan Fylstra

Working...