Adobe's Latest Zero-Day Exploit Repurposed, Targeting Adult Websites 201

Posted by samzenpus
from the watch-what-you-watch dept.
MojoKid writes Adobe issued a patch for bug CVE-2015-0311, one that exposes a user's browser to become vulnerable to code injection, and the now infamous Angler EK (Exploit Kit). To fall victim to this kind of attack, all someone needs to do is visit a website with compromised Flash files, at which point the attacker can inject code and utilize Angler EK, which has proven to be an extremely popular tool over the past year. This particular version of Angler EK is different, however. For starters, it makes use of obfuscated JavaScript and attempts to detect virtual machines and anti-virus products. Its target audience is also rather specific: porn watchers. According to FireEye, which has researched the CVE-2015-0311 vulnerability extensively, this exploit has reached people via banner ads on popular adult websites. It was also noted that even a top 1000 website was affected, so it's not as though victims are surfing to the murkiest depths of the web to come in contact with it.

Secret Service Investigating Small Drone On White House Grounds 146

Posted by samzenpus
from the a-little-off-course dept.
An anonymous reader sends word that the Secret Service is investigating a "device," described as a small drone, found on the grounds of the White House. "A small drone was found on the White House grounds overnight, two law enforcement sources told ABC News, but White House Press Secretary Josh Earnest said the situation 'does not pose any sort of ongoing threat.' The Secret Service is investigating the device, Earnest said. Police, fire and other emergency vehicles swarmed around the White House in the pre-dawn hours, with several clustered near the southeast entrance to the mansion. The White House was dark and the entire perimeter was on lockdown until around 5 a.m., when pass holders who work in the complex were allowed inside."
Americans Support Mandatory Labeling of Food That Contains DNA 351

Posted by timothy
from the pure-sugar-all-the-time dept.
writes Jennifer Abel writes at the LA Times that according to a recent survey (PDF), over 80% of Americans say they support "mandatory labels on foods containing DNA," roughly the same number that support the mandatory labeling of GMO foods "produced with genetic engineering." Ilya Somin, writing about the survey at the Washington Post, suggested that a mandatory label for foods containing DNA might sound like this: "WARNING: This product contains deoxyribonucleic acid (DNA). The Surgeon General has determined that DNA is linked to a variety of diseases in both animals and humans. In some configurations, it is a risk factor for cancer and heart disease. Pregnant women are at very high risk of passing on DNA to their children."

The report echoes a well-known joke/prank wherein people discuss the dangers of the chemical "dihydrogen monoxide" also known as hydrogen oxide and hydrogen hydroxide. Search online for information about dihydrogen monoxide, and you'll find a long list of scary-sounding and absolutely true warnings about it: the nuclear power industry uses enormous quantities of it every year. Dihydrogen monoxide is used in the production of many highly toxic pesticides, and chemical weapons banned by the Geneva Conventions. Dihydrogen monoxide is found in all tumors removed from cancer patients, and is guaranteed fatal to humans in large quantities and even small quantities can kill you, if it enters your respiratory system. In 2006, in Louisville, Kentucky, David Karem, executive director of the Waterfront Development Corporation, a public body that operates Waterfront Park, wished to deter bathers from using a large public fountain. "Counting on a lack of understanding about water's chemical makeup," he arranged for signs reading: "DANGER! – WATER CONTAINS HIGH LEVELS OF HYDROGEN – KEEP OUT" to be posted on the fountain at public expense.

New Nicotine Vaccine May Succeed Where Others Have Failed 178

Posted by Soulskill
from the willpower-also-an-effective-vaccine dept.
Zothecula writes: If you're a smoker who's trying to quit, you may recall hearing about vaccines designed to cause the body's immune system to treat nicotine like a foreign invader, producing antibodies that trap and remove it before it's able to reach receptors in the brain. It's a fascinating idea, but according to scientists at California's Scripps Research Institute, a recent high-profile attempt had a major flaw. They claim to have overcome that problem (abstract), and are now developing a vaccine of their own that they believe should be more effective.

Steam For Linux Bug Wipes Out All of a User's Files 329

Posted by Soulskill
from the big-oops dept.
An anonymous reader sends a report of a bug in Steam's Linux client that will accidentally wipe all of a user's files if they move their Steam folder. According to the bug report: I launched steam. It did not launch, it offered to let me browse, and still could not find it when I pointed to the new location. Steam crashed. I restarted it. It re-installed itself and everything looked great. Until I looked and saw that steam had apparently deleted everything owned by my user recursively from the root directory. Including my 3tb external drive I back everything up to that was mounted under /media. Another user reported a similar problem — losing his home directory — and problems with the script were found: at some point, the Steam script sets $STEAMROOT as the directory containing all Steam's data, then runs rm -rf "$STEAMROOT/"* later on. If Steam has been moved, $STEAMROOT returns as empty, resulting in rm -rf "/"* which causes the unexpected deletion.
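
The failure described in the summary above, as an added example (this is not Steam's actual script): `wipe_unsafe` only prints what the quoted `rm -rf "$STEAMROOT/"*` pattern expands to, and `wipe_safe` is one way to guard such a delete. The function names and the `.steam_data_root` sentinel file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not code from the Steam client.

# Mirrors the quoted pattern but only prints the command it would run,
# so it is harmless to execute even with an empty argument.
wipe_unsafe() {
    root=$1
    printf 'rm -rf "%s/"*\n' "$root"
}

# Hypothetical sentinel file an installer would create in its own data directory.
MARKER=.steam_data_root

# Delete the contents of a data directory only if every check passes.
wipe_safe() {
    root=$1
    # 1. Empty value: the case from the bug report.
    [ -n "$root" ] || { echo "refusing: root is empty" >&2; return 1; }
    # 2. Relative paths depend on the current directory, so reject them.
    case $root in
        /*) ;;
        *) echo "refusing: '$root' is not absolute" >&2; return 1 ;;
    esac
    # 3. Resolve symlinks and "..", then reject / and the home directory.
    real=$(cd "$root" 2>/dev/null && pwd -P) ||
        { echo "refusing: cannot enter '$root'" >&2; return 1; }
    if [ "$real" = "/" ] || [ "$real" = "${HOME%/}" ]; then
        echo "refusing: '$real' is too broad" >&2; return 1
    fi
    # 4. The directory must prove it is ours before anything is removed.
    [ -f "$real/$MARKER" ] ||
        { echo "refusing: no $MARKER in '$real'" >&2; return 1; }
    # ${real:?} aborts the shell if the variable is somehow empty here;
    # "--" stops option parsing. The glob skips dotfiles, so the marker stays.
    rm -rf -- "${real:?}"/*
}
```

Calling `wipe_unsafe ""` prints `rm -rf "/"*`, which is the expansion the summary describes.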

Pirate Activist Shows Politicians What Digital Surveillance Looks Like 81

Posted by timothy
from the count-your-spoons-around-the-public-servants dept.
An anonymous reader writes How to make politicians really understand the dangers of mass digital surveillance and the importance of information security? Gustav Nipe, the 26-year-old president of the Swedish Pirate Party's youth wing, tried to do it by setting up an open Wi-Fi network at the Society and Defence National Conference held in Sälen, Sweden, and collecting and analyzing the metadata of conference attendees who connected to it. Nipe set up an open wireless Internet access point named "Open Guest" and over 100 delegates used this particular unsecured Wi-Fi network to go online. The collected metadata showed that, among other sites, they visited those of daily Swedish newspaper Aftonbladet, Swedish private ads website Blocket, eBay, and tourism sites. "This was during the day when I suppose they were being paid to be at the conference working," Nipe noted for The Local.

Comment: Re:About KDE compatibility (Score 3, Informative) 84

by Dr.Dubious DDQ (#48792091) Attached to: KDE Frameworks 5.3 and Plasma 2.1 – First Impressions
To be honest, I wouldn't necessarily notice which applications are KF5-native yet if I hadn't been watching what gets installed and replaced when I upgraded. (Actually, that's a misleading way of writing that - all of the kf5-native applications on my system are the "system" ones that you don't normally explicitly run like krunner, kwallet, the system-settings, some widgets e.g. the "NetworkManager", and so on).

I do have the development branch of kdeconnect installed, which I THINK is the kf5 port - it seems to work fine.

They've split the core system and applications development, so I assume that as KF5-native apps are released, they'll just replace the kf4 versions. I'm assuming most distributions will consider them "testing" or "unstable" versions for a while so you'd have to explicitly ask for them (for the first few versions) instead of having them just pop up without warning.

With the core libraries that they depend on in apparently pretty solid shape as of KF5.6 in my experience, I suspect the kf5-native applications will stabilize pretty quickly once they come out.

Comment: Re:Jesus. I'll stick to Win7, thanks. (Score 5, Informative) 84

by Dr.Dubious DDQ (#48790831) Attached to: KDE Frameworks 5.3 and Plasma 2.1 – First Impressions
If it's not clear to you, KF5 is the "next generation" stuff, not the current release (which is still KDE4). Also note that KDE Frameworks 5.6 is actually the current one. The improvement since the older 5.3 release in the article has been substantial, in my experience. (Ubuntu always seems to be a few releases behind everything, unless you intentionally install from a more up-to-date 3rd-party PPA.)

KDE4's apps still work under it, too. I'm using it fine, though I'm missing the "IM Presence" widget for kde-telepathy.

I actually haven't been seeing crashes or other serious problems so far since about the last couple of releases (KF5.4), just missing "KF5-native" features from KDE4.

FCC Says It Will Vote On Net Neutrality In February 81

Posted by Soulskill
from the when-all-the-astroturfing-is-accounted-for dept.
schwit1 sends this report from the Washington Post: Federal regulators looking to place restrictions on Internet providers will introduce and vote on new proposed net neutrality rules in February, Federal Communications Commission officials said Friday. President Obama's top telecom regulator, Tom Wheeler, told fellow FCC commissioners before the Christmas holiday that he intends to circulate a draft proposal internally next month with an eye toward approving the measure weeks later, said one official who spoke on the condition of anonymity because the agency's deliberations are ongoing. The rules are meant to keep broadband providers such as Verizon and Comcast from speeding up or slowing down some Web sites compared to others.

Comment: Re:Diabetic warning - diet change (theory...) (Score 1) 214

by swv3752 (#48706823) Attached to: New Year's Resolution for 2015

Go Low carb.

I had high blood glucose/prediabetes. Started Atkins (or as it is now known Atkins20) three months ago. Within a couple of days my Blood Glucose levels were in a normal range. (Still a bit high for a ketosis diet but normal.) My triglycerides and LDL levels dropped down to normal ranges, after three months. My HDL levels still need to go up, but working on those. I also dropped 4 inches off my waistline and 40 pounds. I feel like I have more energy and feel better in general.

Exercise probably also plays a part as I try to get in a couple of 10k step walks a week or ride the stationary bike for half an hour. I also do resistance lifting. They are latex surgical tubes with handles, and work pretty well. Woot has a couple of kits on sale if anyone is interested.

