Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission + - Symantec: Hacking Group Black Vine Behind Anthem Breach->

itwbennett writes: Symantec said Tuesday in a report that the hacking group Black Vine, which has been active since 2012 and has gone after other businesses that deal with sensitive and critical data, including organizations in the aerospace, technology and finance industries, is behind the hack against Anthem. The Black Vine malware Mivast was used in the Anthem breach, according to Symantec.
Link to Original Source

Submission + - Slashdot by the People

turp182 writes: Slashdot by the People

Editors, please post to the front page if this get a response from the Firehose users. The response would help any potential buyer better understand the community, and the community could respond with insightful responses.

This is intended to be an idea generation story for how the community itself could purchase and then control Slashdot. If this happened I believe a lot of former users would at least come and take a look, and some of them would participate again.

This is not about improving the site, only about acquiring the site.

First, here's what we know:
1. DHI (Dice) paid $20 million for Slashdot, SourceForce, and Freecode, purchased from Geeknet back in 2012:
    http://techcrunch.com/2012/09/...
2. Slashdot has an Alexa Global Rank of 1,689, obtaining actual traffic numbers require money to see:
    http://www.alexa.com/siteinfo/...
3. According to Quantcast, Slashdot has over 250,000 unique monthly views:
    https://www.quantcast.com/slas...
4. Per an Arstechnia article, Slashdot Media (Slashdot and Sourceforge) had 2015Q2 revenues of $1.7 million and have expected full year revenues of $15-$16 million (which doesn't make sense given the quarterly number):
    http://arstechnica.com/informa...

Next, things we don't know:
0. Is Slashdot viable without a corporate owner? (the only question that matters)
1. What would DHI (Dice) sell Slashdot for? Would they split it from Sourceforge?
2. What are the hosting and equipment costs?
3. What are the personnel costs (editors, advertising salesforce, etc.)?
4. What other expenses does the site incur (legal for example)?
5. What is Slashdot's portion of the revenue of Slashdot Media?

These questions would need to be answered in order to valuate the site. Getting that info and performing the valuation would require expensive professional services.

What are possible ways we could proceed?

In my opinion, a non-profit organization would be the best route.

Finally, the hard part: Funding. Here are some ideas.

1. Benefactor(s) — It would be very nice to have people with some wealth that could help.
2. Crowdfunding/Kickstarter — I would contribute to such an effort I think a lot of Slashdotters would contribute. I think this would need to be a part of the funding rather than all of it.
3. Grants and Corporate Donations — Slashdot has a wide and varied membership and audience. We regularly see post from people that work at Google, Apple, and Microsoft. And at universities. We are developers (like me), scientists, experts, and also ordinary (also like me). A revived Slashdot could be a corporate cause in the world of tax deductions for companies.
4. ????
5. Profit!

Oh, the last thing: Is this even a relevant conversation?

I can't say. I think timing is the problem, with generating funds and access to financial information (probably won't get this without the funds) being the most critical barriers. Someone will buy the site, we're inside the top 2,000 global sites per info above.

The best solution, I believe, is to find a large corporate "sponsor" willing to help with the initial purchase and to be the recipient of any crowd sourcing funds to help repay them. The key is the site would have to have autonomy as a separate organization. They could have prime advertising space (so we should focus on IBM...) with the goal would be to repay the sponsor in full over time (no interest please?).

The second best is seeking a combination of "legal pledges" from companies/schools/organizations combined with crowd sourcing. This could get access to the necessary financials.

Also problematic, from a time perspective, a group of people would need to be formed to handle organization (managing fundraising/crowdsourcing) and interations with DHI (Dice). All volunteer for sure.

Is this even a relevant conversation? I say it is, I actually love Slashdot; it offers fun, entertaining, and enlightening conversation (I browse above the sewer), and I find the article selection interesting (this gyrates, but I still check a lot).

And to finish, the most critical question: Is Slashdot financially viable as an independent organization?
Medicine

Beyond Safety: Is Robotic Surgery Sustainable? 46 46

Hallie Siegel writes: The release last week of the study on adverse events in robotic surgery led to much discussion on the safety and effectiveness of robotic surgical procedures. MIT Sloane's Matt Beane argues that while the hope is that this dialogue will mean safer and more effective robotic procedures in the future, the intense focus on safety and effectiveness has compromised training opportunities for new robotic surgeons, who require many hours of 'live' surgical practice time to develop their skills. Beane says that robotic surgery will likely continue to expand in proportion to other methods, given that it allows fewer surgeons to perform surgery with less trauma to the patient, but no matter how safe we make robotic surgical procedures, they will become a luxury available to a very few if we fail to address the sustainability of the practice.

Comment Likely a new gift for the NSA (Score 2, Insightful) 183 183

What would the existence of an exascale supercomputer mean for today's popular encryption/hashing algorithms?

Exactly.

My first thought was the new addition will be tasked by the NSA/FiveEyes to break encryption for intercepted communications.

Supercomputing

Obama's New Executive Order Says the US Must Build an Exascale Supercomputer 183 183

Jason Koebler writes: President Obama has signed an executive order authorizing a new supercomputing research initiative with the goal of creating the fastest supercomputers ever devised. The National Strategic Computing Initiative, or NSCI, will attempt to build the first ever exascale computer, 30 times faster than today's fastest supercomputer. Motherboard reports: "The initiative will primarily be a partnership between the Department of Energy, Department of Defense, and National Science Foundation, which will be designing supercomputers primarily for use by NASA, the FBI, the National Institutes of Health, the Department of Homeland Security, and NOAA. Each of those agencies will be allowed to provide input during the early stages of the development of these new computers."
Power

Replacing Silicon With Gallium Nitride In Chips Could Reduce Energy Use By 20% 85 85

Mickeycaskill writes: Cambridge Electronics Inc (CEI), formed of researchers from the Massachusetts Institute of Technology (MIT), claim semiconductors made of gallium nitride (GaN) could reduce the power consumption of data centers and consumer electronics by 20 percent by 2025. CEI has revealed a range of GaN transistors and power electronic circuits that have just one tenth of the resistance of silicon, resulting in much higher energy efficiency. The company claims to have overcome previous barriers to adoption such as safety concerns and expense through new manufacturing techniques. "Basically, we are fabricating our advanced GaN transistors and circuits in conventional silicon foundries, at the cost of silicon. The cost is the same, but the performance of the new devices is 100 times better," Cambridge Electronics researcher Bin Lu said.
China

What Federal Employees Really Need To Worry About After the Chinese Hack 115 115

HughPickens.com writes: Lisa Rein writes in the Washington Post that a new government review of what the Chinese hack of sensitive security clearance files of 21 million people means for national security is in — and some of the implications are quite grave. According to the Congressional Research Service, covert intelligence officers and their operations could be exposed and high-resolution fingerprints could be copied by criminals. Some suspect that the Chinese government may build a database of U.S. government employees that could help identify U.S. officials and their roles or that could help target individuals to gain access to additional systems or information. National security concerns include whether hackers could have obtained information that could help them identify clandestine and covert officers and operations (PDF).

CRS says that if the fingerprints in the background investigation files are of high enough quality, "depending on whose hands the fingerprints come into, they could be used for criminal or counterintelligence purposes." Fingerprints also could be trafficked on the black market for profit — or used to blow the covers of spies and other covert and clandestine officers, the research service found. And if they're compromised, fingerprints can't be reissued like a new credit card, the report says, making "recovery from the breach more challenging for some."
vivaoporto Also points out that these same hackers are believed to be responsible for hacking United Airlines.
GNU is Not Unix

Interviews: Ask Richard Stallman a Question 264 264

RMS founded the GNU Project, the Free Software Foundation, and remains one of the most important and outspoken advocates for software freedom. He now spends much of his time fighting excessive extension of copyright laws, digital restrictions management, and software patents. RMS has agreed to answer your questions about GNU/Linux, how GNU relates to Linux the kernel, free software, why he disagrees with the idea of open source, and other issues of public concern. As usual, ask as many as you'd like, but please, one question per post.
Android

Maliciously Crafted MKV Video Files Can Be Used To Crash Android Phones 85 85

itwbennett writes: Just days after publication of a flaw in Android's Stagefright, which could allow attackers to compromise devices with a simple MMS message, researchers have found another Android media processing flaw. The latest vulnerability is located in Android's mediaserver component, more specifically in how the service handles files that use the Matroska video container (MKV), Trend Micro researchers said. "When the process opens a malformed MKV file, the service may crash (and with it, the rest of the operating system). The vulnerability is caused by an integer overflow when the mediaserver service parses an MKV file. It reads memory out of buffer or writes data to NULL address when parsing audio data."
Privacy

Kentucky Man Arrested After Shooting Down Drone 1056 1056

McGruber writes: Hillview, Kentucky resident William H. Merideth describes his weekend: "Sunday afternoon, the kids – my girls – were out on the back deck, and the neighbors were out in their yard. And they come in and said, 'Dad, there's a drone out here, flying over everybody's yard.'" Merideth's neighbors saw it too. "It was just hovering above our house and it stayed for a few moments and then she finally waved and it took off," said neighbor Kim VanMeter. Merideth grabbed his shotgun and waited to see if the drone crossed over his property. When it did, he took aim and shot it out of the sky.

The owners showed up shortly, and the police right after. He was arrested and charged with first degree criminal mischief and first degree wanton endangerment before being released the next day. Merideth says he will pursue legal action against the drone's owner: "He didn't just fly over. If he had been moving and just kept moving, that would have been one thing -- but when he come directly over our heads, and just hovered there, I felt like I had the right. You know, when you're in your own property, within a six-foot privacy fence, you have the expectation of privacy. We don't know if he was looking at the girls. We don't know if he was looking for something to steal. To me, it was the same as trespassing."
Security

Hacking a 'Smart' Sniper Rifle 63 63

An anonymous reader writes: It was inevitable: as soon as we heard about computer-aimed rifles, we knew somebody would find a way to compromise their security. At the upcoming Black Hat security conference, researchers Runa Sandvik and Michael Auger will present their techniques for doing just that. "Their tricks can change variables in the scope's calculations that make the rifle inexplicably miss its target, permanently disable the scope's computer, or even prevent the gun from firing." In one demonstration they were able to tweak the rifle's ballistic calculations by making it think a piece of ammunition weighed 72 lbs instead of 0.4 ounces. After changing this value, the gun tried to automatically adjust for the weight, and shot significantly to the left. Fortunately, they couldn't find a way to make the gun fire without physically pulling the trigger.
Bug

Honeywell Home Controllers Open To Any Hacker Who Can Find Them Online 83 83

Trailrunner7 writes: Security issues continue to crop up within the so-called "smart home." A pair of vulnerabilities have been reported for the Tuxedo Touch controller made by Honeywell, a device that's designed to allow users to control home systems such as security, climate control, lighting, and others. The controller, of course, is accessible from the Internet. Researcher Maxim Rupp discovered that the vulnerabilities could allow an attacker to take arbitrary actions, including unlocking doors or modifying the climate controls in the house.
Software

Ask Slashdot: Everyone Building Software -- Is This the Future We Need? 339 339

An anonymous reader writes: I recently stumbled upon Apple's headline for version 2 of its Swift programming language: "Now everyone can build amazing apps." My question: is this what we really need? Tech giants (not just Apple, but Microsoft, Facebook, and more) are encouraging kids and adults to become developers, adding to an already-troubled IT landscape. While many software engineering positions are focused only on a business's internal concerns, many others can dramatically affect other people's lives. People write software for the cars we drive; our finances are in the hands of software, and even the medical industry is replete with new software these days. Poor code here can legitimately mess up somebody's life. Compare this to other high-influence professions: can you become surgeon just because you bought a state-of-art turbo laser knife? Of course not. Back to Swift: the app ecosystem is already chaotic, without solid quality control and responsibility from most developers. If you want simple to-do app, you'll get never-ending list of software artifacts that will drain your battery, eat memory, freeze the OS and disappoint you in every possible way. So, should we really be focusing on quantity, rather than quality?
Security

Video Veteran IT Journalist Worries That Online Privacy May Not Exist (Video) 43 43

Tom Henderson is a long-time observer of the IT scene, complete with scowl and grey goatee. And cynicism. Tom is a world-class cynic, no doubt about it. Why? Cover enterprise IT security and other computing topics long enough for big-time industry publications like ITWorld and its IDG brethren, and you too may start to think that no matter what you do, your systems will always have (virtual) welcome mats in front of them, inviting crackers to come in and have a high old time with your data.

Note: Alert readers have probably noticed that we talked with Tom about cloud security back in March. Another good interview, worth seeing (or reading).
Businesses

DHI Group Inc. Announces Plans to Sell Slashdot Media 546 546

An anonymous reader writes: DHI Group Inc. (formerly known as Dice Holdings Inc.) announced plans to sell Slashdot Media (slashdot.org & sourceforge.net) in their Q2 financial report. This is being reported by multiple sources. Editor's note: Yep, looks like we're being sold again. We'll keep you folks updated, but for now I don't have any more information than is contained in the press release. Business as usual until we find a buyer (and hopefully after). The company prepared a statement for our blog as well — feel free to discuss the news here, there, or in both places.

Like punning, programming is a play on words.

Working...