Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Google Discloses Windows Bug After Microsoft Delays Patch Tuesday (bleepingcomputer.com)

An anonymous reader writes: For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google's announcement. The bug in question affects the Windows GDI (Graphics Device Interface) (gdi32.dll). According to Google, the issue allows an attacker to read the content of the user's memory using malicious EMF files. The bad news is that the EMF file can be hidden in other documents, such as DOCX, and can be exploited via Office, IE, or Office Online, among many.

According to a bug report filed by Google's Project Zero team, the bug was initially part of a larger collection of issues discovered in March 2016, and fixed in June 2016, via Microsoft's security bulletin MS16-074. Mateusz Jurczyk, the Google engineer who found the first bugs, says the MS16-074 patches were insufficient, and some of the issues he reported continued to remain vulnerable. He later resubmitted the bugs in November 2016.

The 90-days deadline for fixing the bugs expired last week, and the Google researcher disclosed the bug to the public after Microsoft delayed February's security updates to next month's Patch Tuesday, for March 15.

Submission + - HAARP Comes Alive Once Again

Freshly Exhumed writes: News on Hackaday today informs that the famous HAARP antenna array is to be brought back into service for experiments by the University of Alaska. Built in the 1990s for the US Air Forceâ(TM)s High Frequency Active Auroral Research Program, the array is a 40-acre site containing a phased array of 180 HF antennas and their associated high power transmitters. Its purpose it to conduct research on charged particles in the upper atmosphere.

Submission + - Is Vodafone's new broadband service a man-in-the-middle attack? (vodafone.co.uk)

Duncan J Murray writes: Vodafone's recent entry into the competitive broadband ADSL and fibre market in the UK has been met with accusations that they are partaking in a man in a middle attack by providing certificates from contentcontrol.vodafone.co.uk. bored writes "Vodafone are performing a man-in-the-middle attack... Rather than subverting a wifi router, they have a proxy server which is intercepting your encrypted data requests, making the connection to the encrypted endpoint itself and getting you to send your requests to the Vodafone proxy server...."

Vodafone broadband also seems to be falling foul noscript's Application Boundary Enforcer designed to prevent DNS rebinding attacks, requiring system ABE rules to be disabled to access https addresses.

So far vodafone have responded by suggesting a security exception is created for each occurrence, and another reply from vodafone respond "I've double checked this with our Broadband team and this is how our routers are set up, we're unable to change any settings at our end."

Though we should not attribute to malice that which is adequately explained by stupidity, is this unwittingly compromising the security of vodafone broadband users?

Submission + - Techdirt asks judge to throw out suit over "Inventor of E-mail" (arstechnica.com)

walterbyrd writes: Michael Masnick, who founded the popular Techdirt blog, filed a motion today asking for a defamation lawsuit against him to be thrown out. Masnick was sued last month by Shiva Ayyadurai, a scientist and entrepreneur who claims to have invented e-mail in 1978 at a medical college in New Jersey.

In his motion, Masnick claims that Ayyadurai "is seeking to use the muzzle of a defamation action to silence those who question his claim to historical fame."

Submission + - SAP "named-user" license fees are due even for indirect users, court says (networkworld.com)

ahbond writes: Beverage firm Diageo could be on the hook for an additional £55 million in license fees because it gave Salesforce users access to data held in an SAP system. SAP's named-user licensing fees apply even to related applications that only offer users indirect visibility of SAP data, a U.K. judge ruled Thursday in a case pitting SAP against Diageo, the alcoholic beverage giant behind Smirnoff vodka and Guinness beer.

The consequences could be far-reaching for businesses that have integrated their customer-facing systems with an SAP database, potentially leaving them liable for license fees for every customer that accesses their online store.

"Business are signing up to an open-ended direct debit which they can't withdraw from. It's really not surprising that many are now choosing the certainty and low cost of Google and Amazon Web Services"

Submission + - A Source Code Typo Allowed an Attacker to Steal 370,000 Zerocoin ($592,000) (bleepingcomputer.com)

An anonymous reader writes: A typo in the Zerocoin source code allowed an attacker to steal 370,000 Zerocoin, which is about $592,000 at today's price. According to the Zcoin team, one extra character left inside Zerocoin's source code was the cause of the bug. The hacker exploited the bugs for weeks, by initiating a transaction and receiving the money many times over.

According to the Zcoin team, the attacker (or attackers) was very sophisticated and took great care to hide his tracks. They say the attacker created numerous accounts at Zerocoin exchanges and spread transactions across several weeks so that traders wouldn't notice the uneven transactions volume. The Zcoin team says they worked with various exchanges to attempt and identify the attacker but to no avail.

Out of the 370,000 Zerocoin he stole, the attacker has already sold 350,000. The Zcoin team estimates the attacker made a net profit of 410 Bitcoin ($437,000).

Submission + - Mozilla Thunderbird Finally Makes Its Way Back into Debian's Repos

prisoninmate writes: A year ago, we told you that, after ten long years, the Debian Project finally found a way to switch their rebranded Iceweasel web browser back to Mozilla Firefox, both the ESR (Extended Support Release) and normal versions, but one question remained: what about the Mozilla Thunderbird email, news, and calendar client? Well, that question has an official answer today, as the Mozilla Thunderbird packages appear to have landed in the Debian repositories as a replacement for Icedove, the rebranded version that Debian Project was forced to use for more than ten years do to trademark issues. Make sure you read the entire article to find out what steps you need to take if you want to migrate from Icedove to Mozilla Thunderbird.

Submission + - Shakey Milestone Event Shakes a Few Good Stories Loose from Robotics Pioneers (ieee.org)

Tekla Perry writes: Members of the Shakey the Robot team and other pioneers in robotics gathered at the Computer History Museum this week to celebrate the naming of Shakey as an IEEE Milestone, and talk about Shakey's development and more contemporary topics in robotics research. The discussion touched on why Shakey has no arms, the sometimes bizarre experience of being DOD-funded, whether humans or robots belong in space, and how modern robots deal with drunks in hotel hallways. Along with the human luminaries, Shakey's grandchild, Relay, made a brief appearance.

Submission + - EU Moves To Bring In AI Laws, But Rejects Robot Tax Proposal (newatlas.com)

An anonymous reader writes: The European Parliament has voted on a resolution to regulate the development of artificial intelligence and robotics across the European Union. Based on a raft of recommendations drafted in a report submitted in January to the legal affairs committee, the proposed rules include establishing ethical standards for the development of artificial intelligence, and introducing an insurance scheme to cover liability for accidents involving driverless cars. Not every element in the broad-ranging report was accepted by the Parliament though, with a recommendation to institute a "robot tax" roundly rejected. The robot tax proposal was designed to create a fund that manages the repercussions and retraining of workers made redundant through the increased deployment of industrial and service robots. But those in the robotics industry were supportive of the Parliamentary rejection, with the International Federation of Robotics suggesting to Reuters a robot tax would have been harmful to the burgeoning industry, stifling innovation and competitiveness. The European Parliament passed the resolution comfortably with 396 votes to 123, with 85 abstentions.

Submission + - Malta IT Law Association says new Law is Threat to Internet Freedom in Malta (daphnecaruanagalizia.com)

An anonymous reader writes: The Malta IT Law Association has stated that the Maltese government’s nebulous bill (it's similar to what Russia and China do) to change the law governing the press and the Internet is “a serious threat to Internet freedoms”.

It will become a crime to operate an unlicensed website.

Submission + - Japan Unveils Next-Generation, Pascal-Based AI Supercomputer (nextplatform.com)

kipperstem77 writes: With all of those CPUs and GPUs, Tsubame 3.0 will have 12.15 petaflops of peak double precision performance, and is rated at 24.3 petaflops single precision and, importantly, is rated at 47.2 petaflops at the half precision that is important for neural networks employed in deep learning applications. When added to the existing Tsubame 2.5 machine and the experimental immersion-cooled Tsubame-KFC system, TiTech will have a total of 6,720 GPUs to bring to bear on workloads, adding up to a total of 64.3 aggregate petaflops at half precision. (This is interesting to us because that means Nvidia has worked with TiTech to get half precision working on Kepler GPUs, which did not formally support half precision.)

Submission + - The Untold Story of Atari Founder Nolan Bushnell's Visionary 1980s Tech Incubato (fastcompany.com)

deej1097 writes: In the annals of Silicon Valley history, Nolan Bushnell's name conjures up both brilliant success and spectacular failure. His two landmark achievements were founding Atari in 1972—laying the groundwork for the entire video game industry—and starting Chuck E. Cheese's Pizza Time Theatre in 1977. But there’s another highlight of Bushnell's bio that has long gone undocumented: pioneer of the high-tech incubator.

Submission + - How Atari's Nolan Bushnell pioneered the tech incubator in the 1980s (fastcompany.com)

harrymcc writes: After Nolan Bushnell founded Atari and Chuck E. Cheese in the 1970s, he had so many ideas for new tech products that he started a tech incubator called Catalyst to spin them off into startups. Catalyst's companies were involved in robotics, online shopping, navigation, electronic game distribution, and other areas that eventually became big businesses--but they did it with 1980s technology. Over at Fast Company, Benj Edwards tells this remarkable, forgotten story.

Submission + - The future of wifi is here, and it's artisanal (backchannel.com)

mirandakatz writes: Wifi is growing up, fast—we're now seeing an influx of new "mesh" systems that use a system of devices to provide more consistent wifi to you in your home. At Backchannel, Steven Levy offers a guide to these new products, from Eero to Plume and Google Wifi, writing that "our relationship with wireless has changed for good. From this point on our data flow will be better, but we will have to become network administrators in the process. The amateur stage of home wifi is over, and, like it or not, we’re doomed to become pros...Inevitably, we will spend a multiple of the amount we used to drop on a new router once the old one petered out. The New Wifi is the $5 latte to the standard cup of coffee. And it’s just as tasty and essential."

Submission + - Software Goes Through 'Beta Testing.' Should Online College Courses? (Some Do) (edsurge.com)

jyosim writes: Coursera has recruited a volunteer corp of more than 2,500 beta testers to try out MOOCs before they launch. Other free online course providers have set up systems that catch things like mistakes in tests, or just whether videos are confusing.

Traditional colleges have shied away from checking online course content before going live, citing academic freedom. But some colleges are developing checklists to judge course design and accessibility.

“It would be lovely if universities would consider ways of adopting the practice of beta testing,” says Phillip Long, chief innovation officer and associate vice provost for learning sciences at the University of Texas at Austin. One factor, though, is cost. “How do you scale that at a university that has thousands of courses being taught,” he asks.

EdSurge asks: How much beta testing makes sense for courses, and what’s the best way to do it?

Submission + - Zuck: I'd Like To Teach The World To Use Facebook (In Perfect Harmony) 2

theodp writes: OK, it's not quite Ted Kaczynski-length, but Mark Zuckerberg's new Facebook Humanitarian Manifesto weighs in at a whopping 5,700+ words. In it, Zuck envisions the world being bettered by greater adoption of an AI-powered Facebook, which may evoke memories in some of the iconic "I'd Like to Buy the World a Coke" commercial (video, lyrics), which envisioned a world vastly improved by increased Coca-Cola consumption. Hey, everything old is new again!

Submission + - Woolly Mammoth On Verge of Resurrection, Scientists Reveal (theguardian.com)

An anonymous reader writes: The woolly mammoth vanished from the Earth 4,000 years ago, but now scientists say they are on the brink of resurrecting the ancient beast in a revised form, through an ambitious feat of genetic engineering. Speaking ahead of the American Association for the Advancement of Science (AAAS) annual meeting in Boston this week, the scientist leading the “de-extinction” effort said the Harvard team is just two years away from creating a hybrid embryo, in which mammoth traits would be programmed into an Asian elephant. “Our aim is to produce a hybrid elephant-mammoth embryo,” said Prof George Church. “Actually, it would be more like an elephant with a number of mammoth traits. We’re not there yet, but it could happen in a couple of years.” The creature, sometimes referred to as a “mammophant”, would be partly elephant, but with features such as small ears, subcutaneous fat, long shaggy hair and cold-adapted blood. The mammoth genes for these traits are spliced into the elephant DNA using the powerful gene-editing tool, Crispr. Until now, the team have stopped at the cell stage, but are now moving towards creating embryos – although, they said that it would be many years before any serious attempt at producing a living creature.

Submission + - FCC Chairman Wants It To Be Easier To Listen To Free FM Radio On Your Smartphone (recode.net)

An anonymous reader writes: Your smartphone has an FM radio in it, only it’s unlikely that you’re able to use it. That’s because in the U.S., less than half of phones actually have the FM tuner turned on. But FCC Chairman Ajit Pai, who just recently assumed the top position at the regulatory agency under President Trump, thinks that should change. In remarks made to the North American Broadcasters Association yesterday, Pai said that it’s a public safety issue. Both the former head of the Federal Emergency Management Association and an FCC advisory panel on public safety have advocated for turning on the FM radio capabilities in smartphones, since radio is a reliable source of information when internet or cellphone networks go down in severe weather. Although Pai thinks smartphones should have the FM chip turned on, he doesn’t think the government should mandate it: "As a believer in free markets and the rule of law, I cannot support a government mandate requiring activation of these chips. I don’t believe the FCC has the power to issue a mandate like that, and more generally I believe it’s best to sort this issue out in the marketplace."

Submission + - Mozilla will deprecate XUL add-ons before the end of 2017 2

Artem Tashkinov writes: Mozilla has published a plan of add-ons deprecation in future Firefox releases. Firefox 53 will run in multi process mode by default for all users with some exceptions. Most add ons will continue to function, however certain add ons have already ceased to function because they don't expect multi user mode under the hood. Firefox 54-56 will introduce even more changes which will ultimately break even more addons. Firefox 57, which will be preliminarily released on the 28th of Novermber, 2017, will only run WebExtensions: which means no XUL (overlay) add ons, no bootstrapped extensions, no SDK extensions and no Embedded WebExtensions. In other words by this date the chromification of Firefox will have been completed. If you depend on XUL add ons your only choice past this date will be Pale Moon.

Slashdot Top Deals