China

Github DDoS Attack As Seen By Google 43

Posted by Soulskill
from the i-can-see-my-house-from-here dept.
New submitter opensec writes: Last month GitHub was hit by a massive DDoS attack originating from China. On this occasion the public discovered that the NSA was not the only one with a QUANTUM-like capability. China has its own "Great Cannon" that can inject malicious JavaScript inside HTTP traffic. That weapon was used in the GitHub attack. People using Baidu services were unwitting participants in the denial of service, their bandwidth used to flood the website. But such a massive subversion of the Internet could not evade Google's watchful eye. Niels Provos, engineer at Google, tells us how it happened. Showing that such attacks cannot be made covertly, Provos hopes that the public shaming will act as a deterrent.
DRM

Microsoft, Chip Makers Working On Hardware DRM For Windows 10 PCs 237

Posted by Soulskill
from the just-what-users-wanted dept.
writertype writes: Last month, Microsoft began talking about PlayReady 3.0, which adds hardware DRM to secure 4K movies. Intel, AMD, Nvidia, and Qualcomm are all building it in, according to Microsoft. "Older generations of PCs used software-based DRM technology. The new hardware-based technology will know who you are, what rights your PC has, and won’t ever allow your PC to unlock the content so it can be ripped. ... Unfortunately, it looks like the advent of PlayReady 3.0 could leave older PCs in the lurch. Previous PlayReady technology secured content up to 1080p resolution using software DRM—and that could be the maximum resolution for older PCs without PlayReady 3.0." Years back, a number of people got upset when Hollywood talked about locking down "our content." It looks like we may be facing it again for 4K video.
Government

German Intelligence Helped NSA Spy On EU Politicians and Companies 70

Posted by Soulskill
from the der-rubberschtampen dept.
An anonymous reader writes: We've known for some time already that intelligence agencies operate beyond rules, laws, and regulations. Now, we learn that the NSA and the German intelligence service, BND, lied and withheld information about misuse from the German Chancellor's Office.

"The BND realized as early as 2008 that some of the selectors were not permitted according to its internal rules, or covered by a 2002 US-Germany anti-terrorism "Memorandum of Agreement" on intelligence cooperation. And yet it did nothing to check the NSA's requests systematically. It was only in the summer of 2013, after Edward Snowden's revelations of massive NSA and GCHQ surveillance, that the BND finally started an inquiry into all the selectors that had been processed. According to Der Spiegel, investigators found that the BND had provided information on around 2,000 selectors that were clearly against European and German interests. Not only were European businesses such as the giant aerospace and defense company EADS, best-known as the manufacturer of the Airbus planes, targeted, so were European politicians—including German ones.

However, the BND did not inform the German Chancellor's office, which only found out about the misuse of the selector request system in March 2015. Instead, the BND simply asked the NSA to make requests that were fully covered by the anti-terrorism agreement between the two countries. According to Die Zeit, this was because the BND was worried that the NSA might curtail the flow of its own intelligence data to the German secret services if the selector scheme became embroiled in controversy."

Music Industry Argues Works Entering Public Domain Are Not in Public Interest

Submitted by Anonymous Coward
An anonymous reader writes: With news that Canada intends to extend the term of copyright for sound recordings and performers, the recording industry is now pushing the change by arguing that works entering the public domain is not in the public interest. It is hard to see how anyone can credibly claim that works are "lost" to the public domain and that the public interest is not served by increased public access, but if anyone would make the claim, it would be the recording industry.
Google

Median Age At Google Is 29, Says Age Discrimination Lawsuit 330

Posted by samzenpus
from the get-ready-for-carrousel dept.
dcblogs writes: The typical employee at Google is relatively young, according to a lawsuit brought by an older programmer who is alleging age discrimination. Between 2007 and 2013, Google's workforce grew from 9,500 to more than 28,000 employees, "yet as of 2013, its employees' median age was 29 years old," the lawsuit claims. That's in contrast to the median age of nearly 43 for all U.S. workers who are computer programmers, according to the lawsuit.
Security

Researcher Discloses Methods For Bypassing All OS X Security Protections 126

Posted by samzenpus
from the protect-ya-neck dept.
Trailrunner7 writes: For years, Apple has enjoyed a pretty good reputation among users for the security of its products. That halo has been enhanced by the addition of new security features such as Gatekeeper and XProtect to OS X recently, but one researcher said that all of those protections are simple to bypass and gaining persistence on a Mac as an attacker isn't much of a challenge at all. Gatekeeper is one of the key technologies that Apple uses to prevent malware from running on OS X machines. It gives users the ability to restrict which applications can run on their machines by choosing to only allow apps from the Mac App Store. With that setting in play, only signed, legitimate apps should be able to run on the machine. But Patrick Wardle, director of research at Synack, said that getting around that restriction is trivial. "Gatekeeper doesn't verify any extra content in the apps. So if I can find an Apple-approved app and get it to load external content, when the user runs it, it will bypass Gatekeeper," Wardle said in a talk at the RSA Conference here Thursday. "It only verifies the app bundle. If Macs were totally secure, I wouldn't be here talking," Wardle said. "It's trivial for any attacker to bypass the security tools on Macs."
Windows

iTunes Stops Working For Windows XP Users 349

Posted by timothy
from the why-it-seems-like-only-yesterday dept.
An anonymous reader writes: iTunes users who still run Windows XP started to experience connectivity issues this week. As documented in an Apple Support Communities thread, they can't log into the iTunes store, meaning functions like buying content, watching already purchased movies and TV shows, playing DRM-protected content, backing up, updating, and syncing all do not work.
Earth

USGS: Oil and Gas Operations Could Trigger Large Earthquakes 168

Posted by timothy
from the now-there's-some-economic-stimulus dept.
sciencehabit writes: The U.S. Geological Survey (USGS) has taken its first stab at quantifying the hazard from earthquakes associated with oil and gas development. The assessment, released in a preliminary report today, identifies 17 areas in eight states with elevated seismic hazard. And geologists now say that such induced earthquakes could potentially be large, up to magnitude 7, which is big enough to cause buildings to collapse and widespread damage. Update: 04/23 15:56 GMT by T : New submitter truavatar adds: At the same time, the Oklahoma Geological Survey released a statement explicitly calling out deep wastewater injection wells to Oklahoma earthquakes, stating "The OGS considers it very likely that the majority of recent earthquakes, particularly those in central and north-central Oklahoma, are triggered by the injection of produced water in disposal wells."

Qt Creator 3.4.0 Released

Submitted by jones_supa
jones_supa writes: Qt Creator 3.4.0 has been released with many new features. Qt Creator is a C/C++ IDE with specialized tools for developing Qt applications, and it works great for general-purpose projects as well. The new version comes with a C++ refactoring option to move function definitions out of a class declaration, auto-completion for signals and slots in Qt5-style connects, experimental Qt Test and Qt Quick Tests support in the Professional and Enterprise edition, support for 64-bit Android toolchains, and various other improvements. More details on the new version can be found in the official announcement and the changelog.
Communications

New Privacy Concerns About US Program That Can Track Snail Mail 64

Posted by timothy
from the ask-not-what-your-country-can-do-to-you dept.
Lashdots writes: A lawyers' group has called for greater oversight of a government program that gives state and federal law enforcement officials access to metadata from private communications for criminal investigations and national security purposes. But it's not digital: this warrantless surveillance is conducted on regular mail. "The mail cover has been in use, in some form, since the 1800s," Chief Postal Inspector Guy J. Cottrell told Congress in November. The program targets a range of criminal activity including fraud, pornography, and terrorism, but, he said, "today, the most common use of this tool is related to investigations to rid the mail of illegal drugs and illegal drug proceeds." Recent revelations that the U.S. Postal Service photographs the front and back of all mail sent through the U.S., ostensibly for sorting purposes, have, Fast Company reports, brought new scrutiny—and new legal responses—to this obscure program.
Australia

Wellness App Author Lied About Cancer Diagnosis 252

Posted by timothy
from the but-this-was-my-whole-health-plan dept.
Freshly Exhumed writes: Wellness advocate Belle Gibson, who translated her high profile as a cancer survivor into publishing success, has admitted her cancer diagnosis was not real. Ms Gibson, 23, who claimed to have healed terminal brain cancer by eating wholefoods, made the admission in an interview with the Australian Women's Weekly. The success of Gibson's book, The Whole Pantry, and her smartphone application, which advocates natural therapies, has been largely dependent on her high-profile as a cancer survivor. Sadly, we've seen this sort of behaviour before. It would seem that Belle Gibson has emulated Dr. Andrew Wakefield in knowingly deceiving the public in ways that could possibly be dangerous to the health of believers.

Security Companies Accused Of Exaggerating Iran's Cyberthreats Against The U.S.

Submitted by Anonymous Coward
An anonymous reader writes: A widely-read report accusing Iran of hundreds of thousands of cyberattacks against the U.S. is being criticized as hugely inaccurate as well as motivated by marketing and politics, according to a new whitepaper and critics around the security industry. The original report, solicited by a conservative think tank and published by Norse in the lead up to the RSA Security Conference, hit the front page of the New York Times by calling handshakes and network scans "sophisticated cyberattacks."

Hubble finds something astronomers can't explain

Submitted by schwit1
schwit1 writes: The Hubble Space Telescope has spotted the explosion of a star that does not fit into any theory for stellar evolution.

The exploding star, which was seen in the constellation Eridanus, faded over two weeks — much too rapidly to qualify as a supernova. The outburst was also about ten times fainter than most supernovae, explosions that destroy some or all of a star. But it was about 100 times brighter than an ordinary nova, which is a type of surface explosion that leaves a star intact. "The combination of properties is puzzling," says Mario Livio, an astrophysicist at the Space Telescope Science Institute in Baltimore, Maryland. "I thought about a number of possibilities, but each of them fails" to account for all characteristics of the outburst, he adds.

We can put this discovery on the bottom of a very long list of similar discoveries by Hubble, which this week is celebrating the 25th anniversary of its launch.

Medicine

Ancient Hangover Cure Discovered In Greek Texts 105

Posted by samzenpus
from the adjusting-your-humors dept.
An anonymous reader writes with good news for people looking for an old cure for an old problem. Trying to ease a bad hangover? Wearing a necklace made from the leaves of a shrub called Alexandrian laurel would do the job, according to a newly translated Egyptian papyrus. The "drunken headache cure" appears in a 1,900-year-old text written in Greek and was discovered during the ongoing effort to translate more than half a million scraps of papyrus known as the Oxyrhynchus Papyri. Housed at Oxford University's Sackler Library, the enormous collection of texts contains lost gospels, works by Sophocles and other Greek authors, public and personal records and medical treatises dating from the first century AD to the sixth century A.D.
Medicine

Chinese Scientists Claim To Have Genetically Modified Human Embryos 182

Posted by samzenpus
from the super-babies dept.
Annanag writes: There were rumours — but now it's been confirmed. Chinese scientists have attempted the ethically questionable feat of genetically modifying human embryos. The scientists try to head off ethical concerns by using 'non-viable' embryos, which cannot result in a live birth, obtained from local fertility clinics. The study is a landmark — but also a cautionary tale.
