Forgot your password?
typodupeerror
Moon

The Hackers Who Recovered NASA's Lost Lunar Photos 87

Posted by Soulskill
from the best-thing-to-come-out-of-a-mcdonald's dept.
An anonymous reader sends this story from Wired: "The Lunar Orbiter Image Recovery Project has since 2007 brought some 2,000 pictures back from 1,500 analog data tapes. They contain the first high-resolution photographs ever taken from behind the lunar horizon, including the first photo of an earthrise. Thanks to the technical savvy and DIY engineering of the team at LOIRP, it's being seen at a higher resolution than was ever previously possible. ... The photos were stored with remarkably high fidelity on the tapes, but at the time had to be copied from projection screens onto paper, sometimes at sizes so large that warehouses and even old churches were rented out to hang them up. The results were pretty grainy, but clear enough to identify landing sites and potential hazards. After the low-fi printing, the tapes were shoved into boxes and forgotten. ... The drives had to be rebuilt and in some cases completely re-engineered using instruction manuals or the advice of people who used to service them. The data they recovered then had to be demodulated and digitized, which added more layers of technical difficulties."
The Internet

ARIN Is Down To the Last /8 of IPv4 Addresses 262

Posted by Unknown Lamer
from the end-times dept.
An anonymous reader writes "On 3 February 2011, the Internet Assigned Numbers Authority (IANA) issued the remaining five /8 address blocks, each containing 16.7 million addresses, in the global free pool equally to the five RIRs, and as such ARIN is no longer able to receive additional IPv4 resources from the IANA. After yesterday's large allocation (104.64.0.0/10) to Akamai, the address pool remaining to be assigned by ARIN is now down to the last /8. This triggers stricter allocation rules and marks the end of general availability of new IPv4 addresses in North America. ARIN thus follows the RIRs of Asia, Europe and South America into the final phase of IPv4 depletion."
The Courts

Supreme Court OKs Stop and Search Based On Anonymous 911 Tips 427

Posted by Unknown Lamer
from the someone-said-you-were-a-sinner dept.
An anonymous reader writes "On Tuesday, the U.S. Supreme Court ruled that police officers are legally allowed to stop and search vehicles based solely on anonymous 911 tips. Justice Clarence Thomas, writing for the majority opinion, reasoned that 'a 911 call has some features that allow for identifying and tracking callers' as well as for recording their calls, both of which he believed gave anonymous callers enough reliability for police officers to act on their tips with reasonable suspicion against the people being reported.

The specific case before them involved an anonymous woman who called 911 to report a driver who forced her off the road. She gave the driver's license plate number and the make and model of his car as well as the location of the incident in question. Police officers later found him, pulled him over, smelled marijuana, and searched his car. They found 30 pounds of weed and subsequently arrested the driver. The driver later challenged the constitutionality of the arrest, claiming that a tip from an anonymous source was unreliable and therefore failed to meet the criteria of reasonable suspicion, which would have justified the stop and search. Five of the nine justices disagreed with him."
The ruling itself (PDF).

Comment: Re:That's a strange definition of "rich" (Score 1) 306

by jc42 (#46816595) Attached to: In the US, Rich Now Work Longer Hours Than the Poor

If all you need to be rich is a college degree, then hot damn I'm already rich!

Heh. My first reaction was "If you have to work at all, you're not rich."

The "rich" they're talking about are what most of us call upper-middle class.

I've read several explanations of why most of the US's truly rich pay no income tax. The reason can be summarized by merely observing that little or none of the money they have or receive legally qualifies as "income".

Earth

Oklahoma Moves To Discourage Solar and Wind Power 452

Posted by samzenpus
from the who-needs-the-sun? dept.
Hugh Pickens DOT Com (2995471) writes "Paul Monies reports at NewsOK that Oklahoma's legislature has passed a bill that allows regulated utilities to apply to the Oklahoma Corporation Commission to charge a higher base rate to customers who generate solar and wind energy and send their excess power back into the grid reversing a 1977 law that forbade utilities to charge extra to solar users. 'Renewable energy fed back into the grid is ultimately doing utility companies a service,' says John Aziz. 'Solar generates in the daytime, when demand for electricity is highest, thereby alleviating pressure during peak demand.'

The state's major electric utilities backed the bill but couldn't provide figures on how much customers already using distributed generation are getting subsidized by other customers. Oklahoma Gas and Electric Co. and Public Service Co. of Oklahoma have about 1.3 million electric customers in the state. They have about 500 customers using distributed generation. Kathleen O'Shea, OG&E spokeswoman, said few distributed generation customers want to sever their ties to the grid. 'If there's something wrong with their panel or it's really cloudy, they need our electricity, and it's going to be there for them,' O'Shea said. 'We just want to make sure they're paying their fair amount of that maintenance cost.' The prospect of widespread adoption of rooftop solar worries many utilities. A report last year by the industry's research group, the Edison Electric Institute, warns of the risks posed by rooftop solar (PDF). 'When customers have the opportunity to reduce their use of a product or find another provider of such service, utility earnings growth is threatened," the report said. "As this threat to growth becomes more evident, investors will become less attracted to investments in the utility sector.''"
Education

L.A. Science Teacher Suspended Over Student Science Fair Projects 250

Posted by timothy
from the science-is-sometimes-dangerous dept.
An anonymous reader writes "A high school science teacher at Grand Arts High School in Los Angeles was suspended from the classroom in February, after two of his science fair students turned in projects deemed dangerous by the administrators. "One project was a marshmallow shooter — which uses air pressure to launch projectiles. The other was an AA battery-powered coil gun — which uses electromagnetism to launch small objects. Similar projects have been honored in past LA County Science Fairs and even demonstrated at the White House."
Advertising

Google Aids Scientology-Linked Group CCHR With Pay-Per-Click Ads 185

Posted by timothy
from the don't-keep-that-all-bottled-up-inside-you-now dept.
An anonymous reader writes "The Citizens Commission on Human Rights (CCHR), a Scientology front group, has received a 'grant from Google in the amount of $10,000 per month worth of Pay Per Click Advertising to be used in our Orange County anti-psych campaigns.' CCHR believes that ALL psychiatrists are evil. They believe that psychiatrists were behind the holocaust, and these shadow men were never brought to justice. CCHR also believes that psychiatrists were behind the 911 attacks. Scientologists believe that psychiatrists have always been evil, and their treachery goes back 75 million years when the psychiatrists assisted XENU in killing countless alien life forms. Thanks Google! We may be able to stop these evil Psychs once and for all!"
Education

Ask Slashdot: Hungry Students, How Common? 389

Posted by timothy
from the rice-beans-eggs-and-kale dept.
Gud (78635) points to this story in the Washington Post about students having trouble with paying for both food and school. "I recall a number of these experiences from my time as grad student. I remember choosing between eating, living in bad neighborhoods, putting gas in the car, etc. Me and my fellow students still refer to ourselves as the 'starving grad students.' Today we laugh about these experiences because we all got good jobs that lifted us out of poverty, but not everyone is that fortunate. I wonder how many students are having hard time concentrating on their studies due to worrying where the next meal comes from. In the article I found the attitude of collage admins to the idea of meal plan point sharing, telling as how little they care about anything else but soak students & parents for fees and pester them later on with requests for donations. Last year I did the college tour for my first child, after reading the article, some of the comments I heard on that tour started making more sense. Like 'During exams you go to the dining hall in the morning, eat and study all day for one swipe' or 'One student is doing study on what happens when you live only on Ramen noodles!'

How common is 'food insecurity in college or high school'? What tricks can you share with current students?"

Comment: Re:So - who's in love with the government again? (Score 2, Informative) 397

by rossz (#46796193) Attached to: Beer Price Crisis On the Horizon

They didn't have the science to know it was asbestos causing health problems 4400 years ago. We have the science now. We figured out that it was a bad thing. Using modern science, we would know if feeding beer waste to cattle is bad. Perhaps in a thousand years to they might have new science that shows eat steaks from beer waste fed cattle increases the likelihood of cancer by .00001%.

Comment: Re:So I was all "Social contract, move to Somalia" (Score 4, Insightful) 397

by rossz (#46795955) Attached to: Beer Price Crisis On the Horizon

And how many people will consider beer waste handling as an important enough issue to vote out someone? None. They're going to be more interested in big ticket items like gay rights or abortion. This is how the government stealthes in an array of regulations that eventually consume our every moment.

Security

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions 59

Posted by timothy
from the bleeding-from-the-ears dept.
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software.

"Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated."

After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Comment: Re:However.... (Score 1) 235

by jc42 (#46788805) Attached to: Bug Bounties Don't Help If Bugs Never Run Out

To prevent double-use like this, a company should say that you don't get paid until they've fixed the bug and issued a patch for it in their software, all without the exploit ever being spotted in the wild.

One problem with this is that there's already a documented history of companies rejecting bug reports and not paying the bounty, and then some time later include a fix for it in their periodic updates. It's basically the same process that causes a company's "app store" to reject a submitted tool to do a particular job, and then a few months later releasing their own app that does the same thing.

I know a good number of people who've been bitten by the latter, from both MS and Apple. In the case of a bug, it's a lot harder to document that this has happened, but various software guys I know express a strong suspicion that it has been done to them.

It's widely believed that corporations don't have ethics at all, only costs and income, which would easily explain this sort of fraudulent "offers" of rewards with no intent to pay. We've heard here often from lots of people who think that this is right and proper, and that corporations should only be motivated by the bottom line.

When combined with the growing penchant for treating someone who reports a security bug as a criminal "security hacker" and prosecuting people who report bugs in software products, this should reasonably make a sensible developer reluctant to take rewards programs seriously. Given an offer which could get you thanks and some money, or could land you in jail for your efforts, and no way to know beforehand which the company will do, why would you even consider letting them know your name?

(Actually, my name has appeared in numerous companies' lists of honored contributors thanks to my bug reports and patches. But I haven't sent in security-related bug reports to many companies, only to the ones I have reasons to believe I can trust.)

To understand a program you must become both the machine and the program.

Working...