Forgot your password?
typodupeerror

+ - Bird flocks resemble liquid helium->

Submitted by sciencehabit
sciencehabit (1205606) writes "A flock of starlings flies as one, a spectacular display in which each bird flits about as if in a well-choreographed dance. Everyone seems to know exactly when and where to turn. Now, for the first time, researchers have measured how that knowledge moves through the flock—a behavior that mirrors certain quantum phenomena of liquid helium. Some of the more interesting findings: Tracking data showed that the message for a flock to turn started from a handful of birds and swept through the flock at a constant speed between 20 and 40 meters per second. That means that for a group of 400 birds, it takes just a little more than a half-second for the whole flock to turn."
Link to Original Source

+ - Popular Android apps full 'o bugs - researchers blame recycling of code->

Submitted by Brett W
Brett W (3715683) writes "The security researchers that first published the 'Heartbleed' vulnerabilities in OpenSSL have spent the last few months auditing the Top 50 downloaded Android apps for vulnerabilities and have found issues with at least half of them. Many send user data to ad networks without consent, potentially without the publisher or even the app developer being aware of it. Quite a few also send private data across the network in plain text. The full study is due out later this week."
Link to Original Source

+ - Linus Torvalds: "GCC 4.9.0 seems to be terminally broken"->

Submitted by hypnosec
hypnosec (2231454) writes "Linus Torvalds has called GCC 4.9.0 compiler ‘pure and utter sh*t’ and 'terminally broken' after a random panic was discovered in a load balance function in Linux 3.16-rc6. “Ok, so I'm looking at the code generation and your compiler is pure and utter *shit*”, in one of the mails on Linux kernel mailing list. “gcc-4.9.0 seems to be terminally broken”, he added further. The issue that invited such comments from Torvalds is to do with the compiler apparently spilled a constant and incorrect stack red-zoning on x86-64 code generation."
Link to Original Source

+ - What would you do with half a rack of server space?

Submitted by Christian Gainsbrugh
Christian Gainsbrugh (3766717) writes "I work at a company that is currently transitioning all our servers into the cloud. In the interim we have half a rack of server space in a great datacenter that will soon be sitting completely idle for the next few months until our lease runs out.

Right now the space is occupied by around 8 HP g series servers, a watchguard xtm firewall, cisco switch and some various other equipment. All in all there are probably around 20 or so physical XEON processors, and probably close to 10 tb of storage among all the machines. We have a dedicated 10 mbs connection that is burstable to 100mbs.

I'm curious what slashdot readers would do if they were in a similar situation. Is there anything productive that could be done with these resources? Obviously something revenue generating is great, but even if there is something novel that could be done with these servers we would be interested in putting them to good use.

Christian Gainsbrugh
Lead Developer
LearningCart
www.LearningCart.com"

+ - Ask Slashdot: Where do you get news about new open source projects ?->

Submitted by Anonymous Coward
An anonymous reader writes "Now that freshmeat.net / freecode.com doesn't accept any updates, I wonder how the Slashdot crowd gets news about new projects, and even new versions of existing projects. For projects managers, where could you announce new versions of your project, so that it can reach not only those who already know the project.

Freshmeat / Freecode had all the tools to explore and discover projects, see screenshots (a mandatory feature for any software project, even with only a console interface or no interface at all) and go to the homepage of the project. I subscribed years ago to the RSS feed and sometimes found interesting projects this way.

You could replace these tools by subscribing to newsletters or feeds from the projects you follow, but that doesn't cover the discovery part."

Link to Original Source

+ - Pi Power - the power supply the Raspberry Pi *should* have come with->

Submitted by nsayer
nsayer (86181) writes "The Raspberry Pi is awesome. There's only one thing I dislike about it — how you're meant to power it. Crappy USB power supplies are ubiquitous, and the power more or less goes straight onto the +5 rail. Not only that, but the micro USB connector is SMT, and USB cables are much thicker and heavier than their 2.1mm barrel connector cable counterparts. No, it's just not the best tool for the job.

So I made Pi Power. It's a small board that sits on the GPIO pins (it comes with a stacking header so you can piggyback onto it) and has a 2.1mm barrel connector that will accept any DC voltage from 6-15 volts and output up to 2A of well regulated 5V power.

I sell them on Tindie for $15 ( https://www.tindie.com/product... ) and am running an IndieGoGo campaign to fund building 1000 of them at http://igg.me/at/PiPower ."

Link to Original Source

+ - Wikipedia to US Congress: Stop Trolling->

Submitted by alphatel
alphatel (1450715) writes "Wikipedia has blocked anonymous edits from a congressional IP address for 10 days because of "disruptive" edits. These otherwise anonymous edits were brought to light recently by @Congressedits.

The biography of former US defense secretary Donald Rumsfeld was edited to say that he was an "alien lizard". Mediaite's Wikipedia page was modified to label the site as a "sexist transphobic" publication."

Link to Original Source

+ - GNU Guix 0.7 released->

Submitted by davexunit
davexunit (3765571) writes "GNU Guix, the purely functional package manager and distribution of the GNU operating system, has made a new alpha release. This release features an installation disk image of the GNU system for i686 and x86_64 platforms, 130 new packages, and an improved developer's API.

A description of Guix is provided in the full release notes:

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. It also offers a declarative approach to operating system configuration management. Guix uses low-level mechanisms from the Nix package manager, with Guile Scheme programming interfaces.

"

Link to Original Source

+ - Is encryption for the public now a myth?

Submitted by TechForensics
TechForensics (944258) writes "We all know the TrueCrypt story-- a fine, effective encryption program beginning to achieve wide use. When you see how the national security agency modified this tool so they could easily overcome it, you'll probably understand why they don't complain about PGP anymore. The slip that showed what was happening was the information that NSA "were really ticked about TrueCrypt" either because they couldn't circumvent it or found it too difficult. From the standpoint of privacy advocates, NSA's dislike for TrueCrypt was evidence it was effective.

Next, NSA directly wrapped up the makers of TrueCrypt in legal webs that made them insert an NSA backdoor and forbade them from revealing it was there. It's only because of the cleverness of the TrueCrypt makers the world was able to determine for itself that TrueCrypt was now compromised. (Among other things, though formerly staunch privacy advocates, the makers discontinued development of TrueCrypt and recommended something like Microsoft Bitlocker, which no one with any sense believes could be NSA – hostile. It then became logically defensible, since NSA was not complaining about PGP or other encryption programs, to posit they had already been vitiated.

This is the situation we have: all of the main are important encryption programs are compromised at least in use against the federal government. Whether NSA tools are made available to local law enforcement is not known. This all begs the question:

Does the public now have *any* encryption that works? Even if we can see the source code of the encryption algorithm the source code of the program employing that algorithm must be considered false. (TrueCrypt was the only program NSA complained about.) In the case of other software, it becomes believable the NSA has allowed to be published only source code that hides their changes, and the only way around that may be to check and compile the published code yourself. Half the public probably doesn't bother.

Okay, Slashdot, what do you think? Where do we stand? And what ought we to do about it?"

+ - Ask Slashdot: Linux Login and Resource Management/Restriction in a Computer Lab

Submitted by rongten
rongten (756490) writes "I am managing a computer lab composed of various kind of Linux workstations, from small desktops to powerful workstations with plenty of ram and cores. The users' $HOME is NFS mounted, and they either access via console (no user switch allowed), ssh or x2go. In the past the powerful workstations were reseved to certain power users, but now even "regular" students may need to have access to high memory machines for some tasks.
I ask slashdort, is there a sort of resource management that would permit: to forbid a same user to log graphically more than once (like UserLock), to limit the amount of ssh sessions (i.e. no user using distcc and spamming the rest of the machines or even worse running in parallel), to give priority to the console user (i.e. automatically renicing remote users jobs and restricting their memory usage), to avoid swapping and waiting (i.e. all the users trying to log into the latest and greatest machine, so have a limited amount of logins proportional to the capacity of the machine).
The system being put in place uses Fedora 20, ldap PAM authentication, it is puppet managed, and NFS based. In the past I tried to achieve similar functionality via cron jobs, login scripts, ssh and nx management, queuing system.
But it is not an elegant solution and it is hacked a lot.
Since I think these requirements should be pretty standard for a computer lab, I am surprised to see that I cannot find something already written for it.
Does any of you know of a similar system, preferably opensource? A commercial solution could be acceptable as well."

+ - Print Isn't Dead: How Linux Voice Crowdfunded A New Magazine

Submitted by M-Saunders
M-Saunders (706738) writes "The death of print has been predicted for years, and many magazines and publishers have taken a big hit with the rise of eBooks and tablets. But not everyone has given up. Four geeks quit their job at an old Linux magazine to start Linux Voice, an independent GNU/Linux print and digital mag with a different publishing model: giving profits and content back to the community. Six months after a successful crowdfunding campaign, the magazine is going well, so here is the full story."

+ - No RIF'd Employees Need Apply for Microsoft External Staff Jobs for 6 Months 1

Submitted by theodp
theodp (442580) writes "So, what does Microsoft do for an encore after laying off 18,000 employees with a hilariously bad memo? Issue another bad memo — Changes to Microsoft Network and Building Access for External Staff — "to introduce a new policy [retroactive to July 1] that will better protect our Microsoft IP and confidential information." How so? "The policy change affects [only] US-based external staff (including Agency Temporaries, Vendors and Business Guests)," Microsoft adds, "and limits their access to Microsoft buildings and the Microsoft corporate network to a period of 18 months, with a required six-month break before access may be granted again." Suppose Microsoft feels that's where the NSA went wrong with Edward Snowden? And if any soon-to-be-terminated Microsoft employees hope to latch on to a job with a Microsoft external vendor to keep their income flowing, they best think again. "Any Microsoft employee who separated from Microsoft on or after July 1, 2014," the kick-em-while-they're-down memo explains, "will be required to take a minimum 6-month break from access between the day the employee separates from Microsoft and the date when the former employee may begin an assignment as an External Staff performing services for Microsoft.""

+ - Sorry, Fanboys, There Will Be No Rise of the Machines (blog)->

Submitted by Anonymous Coward
An anonymous reader writes "From the blog: "You’ve seen it in billion dollar movie franchises. You’ve read it in countless science fiction novels. You’ve heard it straight from the mouths of luminaries in the world of technology. It’s the premise that one day, machines will become so intelligent that they will rise up against their human creators, and either destroy them outright or simply out-compete them to extinction. The premise sounds plausible. It plays into our innate paranoia towards everything we don’t understand. But it’s actually as ridiculously and preposterously absurd as the premise that the earth is flat — maybe more so!""
Link to Original Source

"The only way for a reporter to look at a politician is down." -- H.L. Mencken

Working...