+ - A Fictional Compression Metric Moves Into the Real World->

Submitted by Tekla Perry
Tekla Perry (3034735) writes "The "Weissman Score"—created for HBO's Silicon Valley to add dramatic flair to the show's race to build the best compression algorithm—creates a single score by considering both the amount of compression and the compression speed. While it was created for a TV show, it does really work, and it's quickly migrating into academia. Computer science and engineering students will begin to encounter the Weissman Score in the classroom this fall."
Link to Original Source

+ - Internet Census 2012 Data Examined: Authentic but Chaotic and Unethical->

Submitted by Anonymous Coward
An anonymous reader writes "A team of researchers at the TU Berlin and RWTH Aachen presented an analysis of the Internet Census 2012 data set in the July edition of the ACM Sigcomm Computer Communication Review journal. After its release on March 17, 2013 by an anonymous author, the Internet Census data created an immediate media buzz, mainly due to its unethical data collection methodology that exploited default passwords to form the Carna botnet.
The now published analysis suggests that the released data set is authentic and not faked, but also reveals a rather chaotic picture. The Census suffers from a number of methodological flaws and also lacks meta-data information, which renders the data unusable for many further analyses. As a result, the researchers have not been able to verify several claims that the anonymous author(s) made in the published Internet Census report. The researchers also point to similar but legal efforts measuring the Internet and remark that the illegally measured Internet Census 2012 is not only unethical but might have been overrated by the press."

Link to Original Source

+ - A Personal Electronic Aura Could be the Answer to Password Hell ->

Submitted by DavidGilbert99
DavidGilbert99 (2607235) writes "Imagine using chips implanted in accessories like glasses, shoes and belts — or even under your skin — to generate a personal electronic aura. This would be your own personal safe zone, and only inside this would your electronics work, including a device which logs and stores thousands of passwords. This is the vision of a Cambridge University professor who wants to create an Electronic Aura for everyone."
Link to Original Source

+ - Stanford Engineers Explain How They Created a Fictitious Compression For HBO's S->

Submitted by Tekla Perry
Tekla Perry (3034735) writes "Professor Tsachy Weissman and Ph.D student Vinith Misra came up with (almost) believable compression algorithms for HBO's Silicon Valley. Some constraints--they had to seem plausible, look good when illustrated on a whiteboard, and work with the punchline, "middle out". Next season the engineers may encourage producers to tackle the challenge of local decodability."
Link to Original Source

+ - New SSL server rules go into effect Nov. 1->

Submitted by alphadogg
alphadogg (971356) writes "Public certificate authorities (CAs) are warning that as of Nov. 1 they will reject requests for internal SSL server certificates that don’t conform to new internal domain naming and IP address conventions designed to safeguard networks. The concern is that SSL server digital certificates issued by CAs at present for internal corporate e-mail servers, Web servers and databases are not unique and can potentially be used in man-in-the-middle attacks involving the setup of rogue servers inside the targeted network, say representatives for the Certification Authority/Browser Forum (CA/B Forum), the industry group that sets security and operational guidelines for digital certificates. Members include the overwhelming bulk of public CAs around the globe, plus browser makers such as Microsoft and Apple. The problem today is that network managers often give their servers names like “Server1” and allocate internal IP addresses so that SSL certificates issued for them through the public CAs are not necessarily globally unique, notes Trend Micro's Chris Bailey."
Link to Original Source

+ - Is encryption for the public now a myth?

Submitted by TechForensics
TechForensics (944258) writes "We all know the TrueCrypt story-- a fine, effective encryption program beginning to achieve wide use. When you see how the National Security Agency modified this tool so they could easily overcome it, you'll probably understand why they don't complain about PGP anymore. The slip that showed what was happening was the information that NSA "were really ticked about TrueCrypt" either because they couldn't circumvent it or found it too difficult. From the standpoint of privacy advocates, NSA's dislike for TrueCrypt was evidence it was effective.

Next, NSA directly wrapped up the makers of TrueCrypt in legal webs that made them insert an NSA backdoor and forbade them from revealing it was there. It's only because of the cleverness of the TrueCrypt makers the world was able to determine for itself that TrueCrypt was now compromised. (Among other things, though formerly staunch privacy advocates, the makers discontinued development of TrueCrypt and recommended something like Microsoft Bitlocker, which no one with any sense believes could be NSA-hostile.) It then became logically defensible, since NSA was not complaining about PGP or other encryption programs, to posit they had already been vitiated.

This is the situation we have: all of the main or important encryption programs are compromised at least in use against the federal government. Whether NSA tools are made available to local law enforcement is not known. This all begs the question:

Does the public now have *any* encryption that works? Even if we can see the source code of the encryption algorithm, the source code of the program employing that algorithm must be considered false. (TrueCrypt was the only program NSA complained about.) In the case of other software, it becomes believable the NSA has allowed to be published only source code that hides their changes, and the only way around that may be to check and compile the published code yourself. Half the public probably doesn't bother.

Okay, Slashdot, what do you think? Where do we stand? And what ought we to do about it?"

+ - Poetry for sysadmins: Shall I compare thee to a lumbering bear?->

Submitted by itwbennett
itwbennett (1594911) writes "Don't forget that tomorrow is Sysadmin Day — a good day to show love to the folks who save your butt again and again when you mess up your computer. Forget the chocolate and flowers, long-time sysadmin Sandra Henry-Stocker has tailored some poems to celebrate these underappreciated, hard-working souls."
Link to Original Source

+ - Laser Eye Surgery, Revisited 10 years Later->

Submitted by gunner_von_diamond
gunner_von_diamond (3461783) writes "I was just reading a story on ./ from 10 years ago today, about Lasik Eye Surgery. Personally, I've had Lasik done and loved every single part of the surgery. I went from wearing contacts/glasses every day to having 20/15 vision! In the older post, everyone seemed to be cautious about it, waiting for technical advances to get the surgery done. In present day, the surgery is fairly inexpensive [even for a programmer :) ], takes about 10-15 minutes for the actual surgery, and I recovered from the surgery that same day. So my question is, what is holding everyone else back from being reliant on contacts and/or glasses?"
Link to Original Source

+ - Border official points gun at Boy Scout->

Submitted by Anonymous Coward
An anonymous reader writes "A central Iowa Boy Scout troop just returned from a three-week trip they will likely never forget.
Boy Scout Troop 111 Leader Jim Fox spelled out what happened to him and the Mid-Iowa Boy Scout Troop 111 as four van-loads of Scouts and adult volunteers tried to drive from Canada into Alaska.
Fox said one of the Scouts took a picture of a border official, which spurred agents to detain everyone in that van and search them and their belongings.
“The agent immediately confiscated his camera, informed him he would be arrested, fined possibly $10,000 and 10 years in prison,” Fox said.
Another of the Scouts was taking luggage from the top of a van to be searched when something startling happened.
“He hears a snap of a holster, turns around, and here’s this agent, both hands on a loaded pistol, pointing at the young man’s head,” Fox explained."

Link to Original Source

+ - For half, STEM degrees in computers, math or stats lead to other jobs->

Submitted by dcblogs
dcblogs (1096431) writes "The Census Bureau reports that only 26% of people with any type of four-year STEM degree are working in a STEM field. For those with a degree specifically in computer, math or statistics, the figure is 49%, nearly the same for engineering degrees. What happens to the other STEM trained workers? The largest numbers are managers at non-STEM businesses (22.5%), or having careers in education (17.7%), business/finance (13.2%) and office support (11.5%). Some other data points: Among those with college degrees in computer-related occupations, men are paid more than women ($90,354 vs. $78,859 on average), and African American workers are more likely to be unemployed than white or Asian workers."
Link to Original Source

+ - 2 Factor Authentication in the Real World? Please share your story. 1

Submitted by Norsak
Norsak (1755552) writes "I work as an IT Manager. We have 1000 users on a Windows domain, a fairly common scenario.
I personally doubt that implementing 2 Factor Authentication in my organization would be possible. If some of you have successfully upgraded a company to 2 factor authentication, I would be very interested in hearing about your experience.

My primary concern is:
There are so many different ways a user can currently use AD credentials.
Wouldn’t any Two Factor Authentication solution support fewer access permutations than the old Username + Password system it is replacing?

Here are some scenarios that come to mind:

- Offline Laptop cached credentials login
- iPhone & Android email login, as well as offline access to old emails.
- Non IIS webservers that use LDAP to authenticate against AD

My second concern is ease of use and its impact on user acceptance.
At the bank they plug smartcards into a reader; but solutions beyond the desktop, like Microsoft’s Azure MFA, appear much more clunky.

Please share your experiences."

+ - Internet Explorer Vulnerabilities Increase 100%

Submitted by Anonymous Coward
An anonymous reader writes "Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities. Web browsers have always been a favorite avenue of attack, but we are now seeing that hackers are not only getting better at attacking Internet Explorer, they are doing it more frequently."

+ - The Psychology Of Phishing

Submitted by Anonymous Coward
An anonymous reader writes "Phishing emails are without a doubt one of the biggest security issues consumers and businesses face today. Cybercriminals understand that we are a generation of clickers and they use this to their advantage. They will take the time to create sophisticated phishing emails because they understand that today users can tell apart spam annoyances from useful email, however they still find it difficult identifying phishing emails, particularly when they are tailored to suit each recipient individually. Fake emails are so convincing and compelling that they fool 10% of recipients into clicking on the malicious link. To put that into context, a legitimate marketing department at a FTSE 100 company typically expects less than a 2% click rate on their advertising campaigns. So, how are the cybercriminals out-marketing the marketing experts?"

+ - Verizon's offer: Let us track you, get free stuff->

Submitted by mpicpp
mpicpp (3454017) writes "Are you comfortable having your location and Web browsing tracked for marketing purposes? If so, Verizon's got a deal for you.

The wireless giant announced a new program this week called "Smart Rewards" that offers customers credit card-style perks like discounts for shopping, travel and dining. You accrue points through the program by doing things like signing onto the Verizon website, paying your bill online and participating in the company's trade-in program.

Verizon emphasizes that the data it collects is anonymized before it's shared with third parties.
The program is novel in that it offers Verizon users some compensation for the collection of their data, which has become big business for telecom and tech companies. Some privacy advocates have pushed data-collecting companies to reward customers for their personal information in the interest of transparency."

Link to Original Source

+ - Intel Launches Self-Encrypting SSD 2500 Pro Solid State Drive->

Submitted by MojoKid
MojoKid (1002251) writes "Intel just launched their new SSD 2500 Pro series solid state drive, the follow-up to last year's SSD 1500 Pro series, which targets corporate and small-business clients. The drive shares much of its DNA with some of Intel's consumer-class drives, but the Pro series cranks things up a few notches with support for advanced security and management features, low power states, and an extended management toolset. In terms of performance, the Intel SSD 2500 Pro isn't class-leading in light of many enthusiast-class drives but it's no slouch either. Intel differentiates the 2500 Pro series by adding support for vPro remote-management and hardware-based self-encryption. The 2500 Pro series supports TCG (Trusted Computing Group) Opal 2.0 features and is Microsoft eDrive capable as well. Intel also offers an administration tool for easy management of the drive. With the Intel administration tool, users can even reset the PSID (physical presence security ID), though the contents of the drive will be wiped. The SSD 2500 Pro series of solid state drives will be offered in both 2.5" SATA (7mm Z-Height) and M.2 "gumstick" form factors, with capacities ranging from 120GB on up to 480GB. Sequential reads are rated at up to 540MB/s, sequential writes at up to 480MB/s, with 45K – 80K random read / write IOps."
Link to Original Source