An anonymous reader writes "Updates to the open-source libbluray, libaacs, and libbdplus libraries have improved the open-source Blu-ray disc support to now enable the Blu-ray Java interactivity layer (BD-J). The Blu-ray Java code is in turn executed by OpenJDK or the Oracle JDK and is working well enough to play a Blu-ray disc on the Raspberry Pi when paired with the VLC media player."Link to Original Source
writes "A presentation on a low-budget method to unmask users of a popular online privacy tool, TOR, will no longer go ahead at the Black Hat security conference early next month. The talk was nixed by the legal counsel with Carnegie Mellon’s Software Engineering Institute after a finding that materials from researcher Alexander Volynkin were not approved for public release, according to a notice on the conference’s website. https://www.blackhat.com/lates... Volynkin, a research scientist with the university’s Computer Emergency Response Team (CERT) was due to give a talk entitled “You Don’t Have to be the NSA to Break Tor: Deanonymizing Users on a Budget” at the conference, which take places Aug. 6-7 in Last Vegas."Link to Original Source
writes "MIT's Jeanne Guillemin looks at the recent blunders with smallpox and H5N1 at the Centers for Disease Control and the National Institutes of Health to chronicle the fascinating history of smallpox eradication efforts and the attempts (thwarted by Western scientists) to destroy lab collections of the virus in order to make it truly extinct. 'In 1986, with no new smallpox cases reported, the World Health Assembly, the decision-making body of the WHO, resolved to destroy the strain collections and make the virus extinct. But there was resistance to this; American scientists in particular wanted to continue their research.' Within a few years, secret biological warfare programs were discovered in Moscow and in Iraq, and a new flurry of defensive research was funded. Nevertheless, Guillemin and others believe that changes in research methods, which no longer require the use of live viruses, mean that stocks of the live smallpox virus can and should finally be destroyed."Link to Original Source
writes "Scientists have identified and examined olfactory receptor genes from 13 mammalian species. The researchers found that every species has a highly unique variety of such genes: Of the 10,000 functioning olfactory receptor genes the team studied, only three are shared among the 13 species. Perhaps not surprisingly, given the length of its trunk, the African elephant has the largest number of such genes—nearly 2000, the scientists report online today in the Genome Research. In contrast, dogs have only 1000, and humans and chimpanzees, less than 400—possibly because higher primates rely more on their vision and less on their sense of smell."Link to Original Source
writes "Developers of the Tor privacy service say they're close to fixing a weakness that researchers for an abruptly canceled conference presentation said provides a low-cost way for adversaries to deanonymize hundreds of thousands of users. The talk previously scheduled for next month's Black Hat security conference in Las Vegas was titled "You Don't Have to be the NSA to Break Tor: Deanonymizing Users on a Budget." The abstract said that the hack cost less than $3,000 and could uncloak hundreds of thousands of users. On Monday, Black Hat organizers said the presentation was canceled at the request of attorneys from Carnegie Mellon University (CMU), where the researchers were employed, as well as the Software Engineering Institute (SEI). The attorneys said only that the materials to be presented "have not yet been approved by CMU/SEI for public release." Researchers Alexander Volynkin and Michael McCord have yet to explain why their talk was pulled."
writes "Microsoft Research is testing a new method for catching errors and bugs in while developers code: biometrics
http://sdtimes.com/sd-times-bl.... By measuring a developer's eye movements, physical and mental characteristics as they code, the researchers measured alertness and stress levels to predict when a programmer will make a coding error. In a paper entitled "Using Psycho-Physiological Measures to Assess Task Difficulty in Software Development" http://research.microsoft.com/..., the researchers summarized their study of 15 developers where they strapped an eye tracker, an electrodermal sensor and an EEG sensor to developers as they programmed various tasks. The study found that biometrics predicted task difficulty for a new developer 64.99% of the time. For a new development task, the researchers found biometrics to be 84.38% accurate. The researchers did not, however, comment on the invasiveness of biometric sensors to developers."
writes "Broadband customers are overwhelmingly choosing not to use parental-control systems foisted on ISPs by the government — with takeup in the single-digits for three of the four major broadband providers. Last year, the government pushed ISPs to roll out network-level filters, forcing new customers to make an "active" decision about whether they want to use them or not. Only 5% of new BT customers signed up, 8% opted in for Sky and 4% for Virgin Media. TalkTalk rolled out a parental-control system two years before the government required it and has a much better takeup, with 36% of customers signing up for it. The report, from regulator Ofcom, didn't bother to judge if the filters actually work, however."Link to Original Source
writes "I am managing a computer lab composed of various kind of Linux workstations, from small desktops to powerful workstations with plenty of ram and cores. The users' $HOME is NFS mounted, and they either access via console (no user switch allowed), ssh or x2go. In the past the powerful workstations were reseved to certain power users, but now even "regular" students may need to have access to high memory machines for some tasks.
I ask slashdort, is there a sort of resource management that would permit: to forbid a same user to log graphically more than once (like UserLock), to limit the amount of ssh sessions (i.e. no user using distcc and spamming the rest of the machines or even worse running in parallel), to give priority to the console user (i.e. automatically renicing remote users jobs and restricting their memory usage), to avoid swapping and waiting (i.e. all the users trying to log into the latest and greatest machine, so have a limited amount of logins proportional to the capacity of the machine).
The system being put in place uses Fedora 20, ldap PAM authentication, it is puppet managed, and NFS based. In the past I tried to achieve similar functionality via cron jobs, login scripts, ssh and nx management, queuing system.
But it is not an elegant solution and it is hacked a lot.
Since I think these requirements should be pretty standard for a computer lab, I am surprised to see that I cannot find something already written for it.
Does any of you know of a similar system, preferably opensource? A commercial solution could be acceptable as well."
writes "Four years ago notorious troll Andrew "weev" Auernheimer was imprisoned for exposing AT&T's weak security practices. Now he's been released from jail—early, thanks to a technicality—and is back in the game, as offensive as ever, and talking about his time behind bars."Link to Original Source
writes "In 2012, Apple introduced iOS 6 on June 11, and released the mobile operating system on Wednesday, Sept. 19 — exactly 100 days after its unveiling. The iPhone 5 launched two days later on Friday, Sept. 21. Last year, Apple unveiled iOS 7 on June 10, and released it on Sept. 18 — again, a Wednesday, and again, exactly 100 days after the unveiling. The iPhone 5S and 5C launched two days later on Friday, Sept. 20. This year, Apple unveiled iOS 8 on June 2. If the company wants to go 3-for-3 on its 100-day window between the public unveiling and launch dates, we may see iOS 8 launch on Wednesday, Sept. 10, which is, you guessed it, 100 days after it was unveiled at WWDC. And if Apple releases the new iPhone two days after iOS 8, as it’s done in the past, we may see the iPhone 6 release that Friday, Sept. 12."Link to Original Source
writes "A proposed talk by two Carnegie Mellon University researchers demonstrating how to de-anonymise Tor users on a budget of US$3,000 has been axed from the Black Hat USA 2014 conference in Las Vegas next month.
The talk, 'You don’t have to be the NSA to Break Tor: Deanonymizing Users on a Budget' by speakers, Alexander Volynkin and Michael McCord, from Carnegie Mellon University's Computer Emergency Response Team, had reportedly been highly anticipated by punters.
However, the talk was scrapped from the program because it had not been approved by the legal counsel with the university's Software Engineering Institute, according to a statement on the Black Hat website this week.
"Late last week, we were informed by the legal counsel for the Software Engineering Institute (SEI) and Carnegie Mellon University that: 'Unfortunately, Mr. Volynkin will not be able to speak at the conference since the materials that he would be speaking about have not yet been approved by CMU/SEI for public release'," the statement said."Link to Original Source
I Ate A Candle (3762149)
writes "Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues “in due time”, said Aaron Portnoy, co-founder and vice president of Exodus, but it isn’t giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds."