
Submission + - Federal Judge Calls BS on Homeland Security's 2008 STEM 'Emergency'

theodp writes: In 2008, the U.S. Dept. of Homeland Security enacted 'emergency' changes to Optional Practical Training (OPT) to extend the amount of time foreign STEM graduates of US colleges could stay in the country and work ("to alleviate the crisis employers are facing due to the current H-1B visa shortage", as Bill Gates explained it in 2007). More than seven years later, U.S. District Court Judge Ellen Huvelle has found that the government erred by not seeking public comment when it extended the program, and issued a ruling that could force tens of thousands of foreign workers on OPT STEM extensions to return to their home countries early next year. Huvelle has given the government six months to submit the OPT extension rule for proper notice and comment lest it be revoked. From the ruling (pdf): "By failing to engage in notice-and-comment rulemaking, the record is largely one-sided, with input only from technology companies that stand to benefit from additional F-1 student employees, who are exempted from various wage taxes. Indeed, the 17-month duration of the STEM extension appears to have been adopted directly from the unanimous suggestions by Microsoft and similar industry groups." Microsoft declared a new crisis in 2012, this time designed to link tech's need for H-1B visas to U.S. children's lack of CS savvy.

Submission + - Windows 10 could disable pirated games and unauthorized hardware

Mark Wilson writes: Cries of "FUD!" ring out whenever potential issues and concerns with Windows 10 are pointed out, but there's no denying that the launch of this version of Windows has been more blighted than any other. The latest controversy finds Microsoft updating its EULA so that it is able to block pirated games and unauthorized peripherals.

While on one hand this seems entirely reasonable — few people would argue too strongly that they should be permitted to play pirated games — on the other it is confusing and worrisome. It is yet another example of Microsoft causing trouble for itself by failing to properly communicate with its customers, being insufficiently transparent and clear in meaning. Just what is an 'unauthorized peripheral'? It is the lack of clarity that is likely to give the greatest cause for concern here.

Submission + - Windows 10's New Feature Steals Your Internet Bandwidth

An anonymous reader writes: It's a devious little feature called Windows Update Delivery Optimization. It's enabled by default. For Enterprise and Education users, it operates over the local LAN. For ordinary Home type users, Microsoft can send their data update goodies to potentially any PC on the global Internet — from your PC, over your Internet connection. On your dime.

We could get into the pros and cons of local updates being staged between local machines on a LAN as opposed to the outside Internet.

But as soon as MS decided that it's A-OK for them to use my Internet connection to cut down on their bandwidth costs serving their other customers — without asking me for my specific permission first — the situation blows into the red zone immediately.

Submission + - The real price of Windows 10 is your privacy

Mark Wilson writes: Windows 10 is a free upgrade, right? Well, surely you know by now that there's no such thing as a free lunch. We're only 48 hours on from the launch of Windows 10 and already the complaining and criticism is underway. One thing that has been brought under the spotlight is privacy under the latest version of Microsoft's operating system.

Some people have been surprised to learn that Microsoft is utilizing the internet connections of Windows 10 users to deliver Windows Updates to others. But this is far from being the end of it. Cortana also gives cause for concern, and then there is the issue of Microsoft Edge, and ads in apps. Is this a price you're willing to pay?

Windows 10 is more closely tied to a Microsoft account than any previous version of the OS. This allows Microsoft to assign an ID number to users that can then be used to track them across different devices, services, and apps. This in turn can be used to deliver closely targeted ads to people. Microsoft has been pushing the mobile first, cloud first philosophy for some time now, and it becomes clear with Windows 10 that the love of the cloud is as much to do with the ability it gives Microsoft to gather useful data as it is about convenience for users.

Submission + - Does Windows slow down Windows?

blackest_k writes: I recently reinstalled Windows 7 Home on a laptop, a factory restore minus the shovelware, did all the Windows updates, and it was reasonably snappy. 4 weeks later it's running like a slug and now 34 more updates to install. The system is clear of malware; there are very few additional programs other than the Chrome browser.

It appears that Windows slows down Windows! Has anyone benchmarked Windows 7 as installed and then again as updated? Even better, has anybody identified any Windows update that put the slug into sluggish?

Submission + - Cyanogen Inc partners with Playphone -- a Google Play Store competitor

BrianFagioli writes: Today, an app store called Playphone — focusing on distributing games — announces a partnership with Cyanogen. Yes, the CyanogenMod maker will be distributing Playphone with its Cyanogen OS in select markets. This alternative app store is home to popular developers such as SNK Playmore and Square Enix. Will this anger Google?

Submission + - Twitter moves non-US accounts to Ireland away from the NSA

Mark Wilson writes: Twitter has updated its privacy policy, creating a two-lane service that treats US and non-US users differently. If you live in the US, your account is controlled by San Francisco-based Twitter Inc, but if you're elsewhere in the world (anywhere else) it's handled by Twitter International Company in Dublin, Ireland. The changes also affect Periscope.

What's the significance of this? Twitter Inc is governed by US law, it is obliged to comply with NSA-driven court requests for data. Data stored in Ireland is not subject to the same obligation. Twitter is not alone in using Dublin as a base for non-US operations; Facebook is another company that has adopted the same tactic. The move could also have implications for how advertising is handled in the future.

Submission + - The Hidden FM Radio Inside Your Pocket

mr crypto writes: Data providers would probably prefer you not know that most smart phones contain an FM chip that lets you listen to broadcasts for free: "But the FM chip is not activated on two-thirds of devices. That's because mobile makers have the FM capability switched off." The National Association of Broadcasters, National Public Radio, and American Public Media have launched a lobbying campaign to get those radios switched on.

Submission + - LightEater malware attack places millions of unpatched BIOSes at risk

Mark Wilson writes: Two minutes is all it takes to completely destroy a computer. In a presentation entitled "How many million BIOSes would you like to infect?" at security conference CanSecWest, security researchers Corey Kallenberg and Xeno Kovah revealed that even an unskilled person could use an implant called LightEater to infect a vulnerable system in mere moments.

The attack could be used to render a computer unusable, but it could also be used to steal passwords and intercept encrypted data. The problem affects motherboards from companies including Gigabyte, Acer, MSI, HP and Asus. It is exacerbated by manufacturers reusing code across multiple UEFI BIOSes and places home users, businesses and governments at risk.


seoras writes: After coming under intense pressure PayPal has closed the account of cloud-storage service Mega. According to the company, SOPA proponent Senator Patrick Leahy personally pressured Visa and Mastercard who in turn called on PayPal to terminate the account. Bizarrely, Mega's encryption is being cited as a key problem.... ... What makes the situation more unusual is that PayPal reportedly apologized to Mega for its withdrawal while acknowledging that company’s business is indeed legitimate.
However, PayPal also advised that Mega’s unique selling point – its end-to-end-encryption – was a key concern for the processor."

Submission + - NSA Spying Wins Another Rubber Stamp

schwit1 writes: The FISA court has again renewed an order allowing the NSA to continue its illegal bulk collection of Americans' phone records, at least until June 1 when it is set to expire in Congress. President Obama pledged to end the controversial program more than a year ago.

The extension is the fifth of its kind since Obama said he would effectively end the Snowden-exposed program as it currently exists during a major policy speech in January 2014. Obama and senior administration officials have repeatedly insisted that they will not act alone to end the program without Congress.

After all the other things he's done against or without congressional approval and he balks at this one?

Submission + - Taping K-Cup Lid to Keurig hacks its DRM permanently

An anonymous reader writes: "If you haven’t actually used a Keurig coffee machine, then you’ve probably at least seen one. They are supposed to make brewing coffee simple. You just take one of the Keurig “k-cups” and place it into the machine. The machine will punch a hole in the foil top and run the water through the k-cup. Your flavored beverage of choice comes out the other side. It’s a simple idea, run by a more complex machine. A machine that is complicated enough to have a security vulnerability.

Unfortunately newer versions of these machines have a sort of DRM, or lockout chip. In order to prevent unofficial k-cups from being manufactured and sold, the Keurig machines have a way to detect which cups are legitimate and which are counterfeit. It appears as though the machine identifies the lid specifically as being genuine.

It turns out this “lockout” technology is very simple to defeat. All one needs to do is cut the lid off of a legitimate Keurig k-cup and place it on top of your counterfeit cup. The system will read the real lid and allow you to brew to your heart’s content. A more convenient solution involves cutting off just the small portion of the lid that contains the Keurig logo. This then gets taped directly to the Keurig machine itself. This way you can still easily replace the cups without having to fuss with the extra lid every time."

It’s a simple hack, but it’s interesting to see that even coffee machines are being sold with limiting technology these days. This is the kind of stuff we warned people about five or ten years ago. Yet here we are, with a coffee machine made more useable through its security vulnerability.

Submission + - *.RU based Photo Sharing is also hosting Pedophiles?

TchrBabe writes: Even "safe" pictures of your children online aren't safe anymore. Who would have thought this?!? (insert sarcasm tag here).

According to this article in the Sunday Express, pedophiles are gleaning family and "normal" photos of children from social media postings and sharing them with sexual commentary and discussion.

Once again, social media is only as safe as the level of common sense and privacy that the individuals use (which often isn't much).

Submission + - "TrueCrypt must not die" - TrueCrypt continuation effort underway

Runefox writes: In the wake of the confusing and abrupt apparent demise of TrueCrypt, many have been left without a continuing, open source means of cross-platform encryption., a Switzerland-hosted webpage, sprung up recently in a bid to reorganize and continue development of recently-discontinued TrueCrypt. While no development efforts have yet begun, according to their current development status:

Currently the news is still in flux, and we will support any efforts in reviving TrueCrypt. If other Initiatives arise we will try to support them. At the moment we want to make sure everyone who wants can continue to use TrueCrypt.

They have already gathered the TrueCrypt source code into GitHub and made available for download the latest working versions of TrueCrypt, with the disclaimer that they are currently unmaintained. According to the website, the choice to use Swiss web hosting was made because "If there have been legal problems with the US, the independent hosting in Switzerland will guarantee no interruption due to legal threats."

Submission + - How Silk Road Bounced Back from Its Multimillion-Dollar Hack

Daniel_Stuckey writes: “I am sweating as I write this I must utter words all too familiar to this scarred community: We have been hacked.” That is what Defcon, the current administrator of the infamous black market site Silk Road (the 2.0 version), wrote back in February on the site’s forums. In total, an estimated $2.7 million worth of bitcoin belonging to users and staff of the site was stolen. Some in the Silk Road community suspected that the hack might have involved staff members of the site itself, echoing scams on other sites. Project Black Flag closed down after its owner scampered with all of their customers' bitcoin, and after that users of Sheep Marketplace had their funds stolen, in an incident that has never been conclusively proven as an inside job or otherwise. Many site owners would probably have given up at this point, and perhaps attempted to join another site, or start up a new one under a different alias. Why would you bother to pay back millions of dollars when you could just disappear into the digital ether? But Silk Road appears to be trying to rebuild, and to repay users' lost bitcoins.
