
Submission + - Are Bug Bounties the Right Solution for Improving Security? ( writes: Coding Horror's Jeff Atwood is questioning if the current practice of paying researchers bounties for the software vulnerabilities they find is really improving overall security. He notes how the Heartbleed bug serves as a counterexample to "Linus's Law" that "Given enough eyeballs, all bugs are shallow".

...If you want to find bugs in your code, in your website, in your app, you do it the old fashioned way: by paying for them. You buy the eyeballs.

While I applaud any effort to make things more secure, and I completely agree that security is a battle we should be fighting on multiple fronts, both commercial and non-commercial, I am uneasy about some aspects of paying for bugs becoming the new normal. What are we incentivizing, exactly?

Submission + - Congressmen Invite Schneier to Brief them on the NSA ( writes: Six members of Congress invited security expert Bruce Schneier to brief them on the NSA. Why Bruce? Because, with access to the Snowden documents, he's more forthcoming about the NSA's activities than anybody at the NSA itself. He writes:

Rep. Lofgren asked me to brief her and a few Representatives on the NSA. She said that the NSA wasn't forthcoming about their activities, and they wanted me — as someone with access to the Snowden documents — to explain to them what the NSA was doing. Of course I'm not going to give details on the meeting, except to say that it was candid and interesting. And that it's extremely freaky that Congress has such a difficult time getting information out of the NSA that they have to ask me. I really want oversight to work better in this country.

Ironic: Even though the contents of top-secret, unpublished documents were discussed, the meeting was held in a regular conference room, because Bruce didn't have the necessary security clearance to enter a secure government facility.

Submission + - Google Glass Teardown writes: Ever wonder how Google packed all of the Google Glass functionality into a slender eyeglass frame? Find out by checking out this teardown by Scott Torborg and Star Simpson. Goodies found inside include proximity, light and inertial sensors, sound transducers, a TI OMAP CPU, flash, RAM, camera and tiny projection display.

Submission + - Opportunities From the Twilight of Moore's Law ( writes: "Andrew "bunnie" Huang just posted an excellent essay, Why the Best Days of Open Hardware are Yet to Come. He shows how the gradually slowing pace of semiconductor density actually may create many new opportunities for smaller scale innovators and entrepreneurs. It's based on a talk presented at the 2011 Open Hardware Summit.

Are we entering an age of heirloom laptops and artisan engineering?"

Submission + - Telehack re-creates the Internet from 25 years ago ( writes: " has meticulously re-created the Internet as it appeared to a command line user over a quarter century ago. Drawing on material from Jason Scott's, the text-only world of the 1980's appears right in your browser.

If you want to show somebody what the Arpanet looked like (you didn't call it the "Internet" until the late '80s) this is it.

Using the "finger" command and seeing familiar names from decades ago (some, sadly, ghosts now) sends a chill down your spine."
