Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Can Tech Workers Skip The Olympics As Easily As Athletes? ( 93

netbuzz writes: [Network World reports:] "Golfer Jordan Spieth announced this morning that he will not play in the Olympics, citing Zika, meaning the world's top four players in his sport have now opted out of going to Brazil. They're self-employed and answer to no one. But what of the rank-and-file employees who work for major technology companies sending large contingents to Brazil? Are they being asked -- or compelled -- to ignore the risks? Conversely, could women of child-bearing age be denied the opportunity to go at an employer's discretion?" Major vendors like Cisco and GE say they're not making anyone go, though at least one expert says that doing so wouldn't necessarily be a violation of employment law. When asked if anyone declined to go, a Cisco spokesperson said via email: "We're not in a position to confirm whether employees have opted out (that is between them and their manager), but we provide for that option." GE provided a similar response, saying, "No GE employees have opted out of going, but GE employees are free to opt out at any time." Patricia Pryor, an attorney at Jackson Lewis P.C. in Cincinnati who has addressed these issues in a piece for The National Law Review earlier this year, was asked by Network World as well. She says: "Employers are wise to be flexible with travel requirements to Zika-infested areas when they can and when doing so is reasonable. However, there are some jobs where the purpose of the job/or the essential functions of the job require travel to these areas. If it is not reasonable or possible to delay travel to the area, an employer generally can require employees to travel."
The Military

Stuxnet/Cyberwar Documentary Reviewer: 'The U.S. Has Pwned Iran' ( 138

Slashdot reader alphadogg quotes an article from Network World: The new documentary about Stuxnet, "Zero Days", says the U.S. had a far larger cyber operation against Iran called Nitro Zeus that has compromised the country's infrastructure and could be used as a weapon in any future war. Quoting unnamed sources from inside the NSA and CIA, the movie says the Nitro Zeus program has infiltrated the systems controlling communications, power grids, transportation and financial systems, and is still ready to "disrupt, degrade and destroy" that infrastructure if a war should break out with Iran...

For the more technically inclined, the film contains some riveting interviews with researchers at Symantec who devoted their lives to unraveling the code line by line to figure out what it did, how it did it, who created it and what the target was. It was also a bit chilling in that after they figured out that governments were behind the worm they worried that the researchers themselves might be targeted to keep them silent. One Friday night, says Symantec researcher Eric Chien, he said to his research partner Liam O Murchu, "I'm not suicidal. If I should show up dead on Monday, it wasn't me."

In the film former NSA and CIA director Gen. Michael Hayden says "This stuff is hideously over classified."

Do We Need A Better Private Browsing Mode? ( 126

Network World's Alan Zeichi recently argued "We need a better Private Browsing mode." Slashdot reader Miche67 writes: As this writer says, Chrome's Incognito Mode "doesn't offer strong protection at all." [Incognito mode "only prevents Chrome from saving your site visit activity. It won't stop other sources from seeing your browsing activity."] And Firefox's Private Browsing with Tracking Protection -- while stronger than Chrome -- is an all-or-nothing option. "You can't turn it off for sites you trust, but have it otherwise enabled by default."
The submission ends, "Every single link to non-trusted websites should open, by default, in a Private/Incognito window. C'mon, browser makers, get this done." This raises two questions. How do Slashdot's readers browse? And do you think we need a better private mode for web browsing?

Researchers Add Software Bugs To Reduce the Number of Software Bugs ( 73

Reader alphadogg writes: Researchers are adding bugs to experimental software code in order to ultimately wind up with programs that have fewer vulnerabilities. The idea is to insert a known quantity of vulnerabilities into code, then see how many of them are discovered by bug-finding tools. By analyzing the reasons bugs escape detection, developers can create more effective bug-finders, according to researchers at New York University in collaboration with others from MIT's Lincoln Laboratory and Northeastern University. They created large-scale automated vulnerability addition (LAVA), which is a low-cost technique that adds the vulnerabilities."The only way to evaluate a bug finder is to control the number of bugs in a program, which is exactly what we do with LAVA," says Brendan Dolan-Gavitt, a computer science and engineering professor at NYU's Tandon School of Engineering.

Microsoft Targets The iMac With New All-In-One Surface PCs, Reports Say ( 140

New submitter Miche67 writes: Two reports say Microsoft is working on an all-in-one (AIO) PC under the Surface brand. If that's true, it would put it in competition with HP and Dell, which have their own AIO lines, as well as put it in competition with Apple's iMac. Network World reports: "Both DigiTimes and Windows Central picked up on the story, each citing their own sources. DigiTimes, a Taiwan-based publication with connections to the PC industry over there (but also a very mixed record of accuracy) said the new devices would come in the third quarter of this year. Windows Central, which is a little better when it comes to rumors, said it did not have a solid release date." Business Insider was able to find a patent filing by Microsoft for a desktop PC that supports the rumored AIO design. "The device is evidently targeting a 'modern and elegant' design and is meant to be something akin to a premium appliance or furniture," Windows Central wrote. Intel's release date of the new Kaby Lake line of processors around Q3 of this year complicates things. While Kaby Lake is said to be more mobile-friendly with less power consumption and heat, they would make for a good choice for an AIO machine. However, it would be pushing it for Microsoft to release its AIO machines in the same quarter that Kaby Lake is due. On a semi-related note, a programmer at Building 88 recently confirmed that Microsoft will release Surface 5 devices next year powered by Kaby Lake processors. He posted pictures of four device holders marked "2017" on his Twitter account.

Businesses Lose $3.1 Billion to Email Scams, FBI Warns ( 18

Business have lost over $3 billion because of compromised e-mail accounts, the FBI reports, citing "a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments." 22,143 business have been affected -- 14,302 within the U.S. -- with a total dollar loss of $3,086,250,090, representing an increase of 1,300% since January of 2015.

Using social engineering or "computer intrusion techniques," the attackers target employees responsible for wire transfers (or issuing checks) using five scenarios, which include bogus invoices or executive requests for a wire transfer of funds, with some attackers even impersonating a corporate law firm. "Victims report that IP addresses frequently trace back to free domain registrars," warns the FBI's Internet Crime Complaint Center, which also urges businesses to avoid free web-based e-mail accounts.

Apple Explains Why iMessage Isn't Coming To Android ( 157

An anonymous reader quotes a report from Network World: Ahead of Apple's WWDC keynote this year, one of the more bizarre and sketchy rumors we saw take shape claimed that Apple was planning to deliver iMessage to Android. As is typically the case, the rumor mill took this somewhat ridiculous rumor and ran with it. The only problem is that some people were so busy trying to figure out the ramifications of iMessage hitting Android that they didn't take a step back and try and figure out if this is something Apple would even contemplate in the first place. Remember, every move Apple makes is strategic and geared towards making more money, either via device sales or software. That being the case, iMessage on Android would not only be a free app, but it would also eliminate a user-experience advantage of iOS. Interestingly enough, Walt Mossberg of The Verge asked a senior Apple executive about the rumor whereupon the nameless executive all but indicated that iMessage will never be coming to Android. Walt Mossberg writes: "First, he said, Apple considers its own user base of 1 billion active devices to provide a large enough data set for any possible AI learning the company is working on. And, second, having a superior messaging platform that only worked on Apple devices would help sales of those device -- the company's classic (and successful) rationale for years."

Is the 'Secret' Chip In Intel CPUs Really That Dangerous? ( 245

New submitter Miche67 writes: A recent Boing Boing blog post by Damien Zammit is stirring up fears, claiming Intel's x86 processors have a secret control mechanism that no one can audit or examine. And because of that, he says it could expose systems to undetectable rootkit attacks that cannot be killed.
Blogger Andy Patrizio, after talking with an Intel spokesperson, says the developer's argument has holes and he doesn't think Zammit will persuade Intel to replace the system with a free, open source option.

So, what we have is an open source crusader scaring the daylights out of people on a giant what-if scenario that even he admits couldn't happen in our lifetimes.

An Intel spokesperson told the publication: While the Intel Management Engine is proprietary and Intel does not share the source code, it is very secure. Intel has a defined set of policies and procedures, managed by a dedicated team, to actively monitor and respond to vulnerabilities identified in released products. In the case of the Intel Management Engine, there are mechanisms in place to address vulnerabilities should the need arise.


Woman Uses 'Hey Siri' To Call An Ambulance and Help Save Her Child's Life ( 208

An anonymous reader quotes a report from Networkworld: When Apple released the iPhone 6s, it included a great new Siri feature which enables users to activate the intelligent assistant via voice. Dubbed 'Hey Siri,' the feature is particularly convenient because the iPhone 6s' M9 motion co-processor is 'always listening' and thereby lets users use 'Hey Siri' even when the device isn't connected to a power source. Recently, Stacey Gleeson of Australia used the 'Hey Siri' feature to successfully call an ambulance while she was tending to her daughter Giana who had stopped breathing. "I picked her up and sat down with her on the floor," Gleeson said in an interview. "And as I checked her airways, I looked over and remembered my phone." Thinking quick on her feet, Gleeson said, "Hey Siri, call the ambulance." Fortunately, Gleeson managed to resuscitate her daughter while the ambulance was in route. And while it's impossible to know for sure, it's entirely possible that the time Gleeson saved by not having to call an ambulance manually helped save her daughter's life. "Saving me the trouble of having to physically dial emergency services was a godsend," Gleeson said.
The Internet

Qualcomm's Connected Car Reference Platform To Connect Smart Cars To Everything ( 110

An anonymous reader writes: Qualcomm wants to supply the next generation of autonomous and connected cars with networking to connect everything inside and outside of the cars. That means 5G, WiFi, Bluetooth, GNSS, DSRC, V2X, OABR, CAN, etc. ... [Networkworld reports: "Qualcomm today announced its Connected Car Reference Platform intended for the car industry to use to build prototypes of the next-generation connected car. Every category from economy to luxury car will be much smarter than the connected luxury car of today, creating a big opportunity for Qualcomm to supply semiconductors to automakers and suppliers. Qualcomm described the following features of the Connected Car Reference Platform in its release:

Scalability: Using a common framework that scales from a basic telematics control unit (TCU) up to a highly integrated wireless gateway, connecting multiple electronic control units (ECUs) within the car and supporting critical functions, such as over-the-air software upgrades and data collection and analytics.
Future-proofing: Allowing the vehicleâ(TM)s connectivity hardware and software to be upgraded through its life cycle, providing automakers with a migration path from Dedicated Short Range Communications (DSRC) to hybrid/cellular V2X and from 4G LTE to 5G.
Wireless coexistence: Managing concurrent operation of multiple wireless technologies using the same spectrum frequencies, such as Wi-Fi, Bluetooth and Bluetooth Low Energy.
OEM and third-party applications support: Providing a secure framework for the development and execution of custom applications."]

Open Source

CoreOS Launches Torus, a New Open Source Distributed Storage System ( 26

CoreOS on Wednesday launched Torus, an open source project that provides storage primitives designed for cloud-native apps and can be deployed like a containerized app via Kubernetes. With Torus, startups and enterprises get access to the same kind of technologies that web-scale companies such as Google already use internally. NetworkWorld reports: Torus is deployed by Kubernetes, side by side with the apps to which it provides storage, and it uses Kubernetes's Flexvolume plugin to allow dynamic mounting of volumes for nodes in the cluster. This allows, for example, PostgreSQL to run atop Torus storage volumes. Torus also demonstrates how CoreOS is working on what happens around containers, not only what happens inside them. A key part of Torus is etcd, a distributed key/value store used by CoreOS to automatically keep configuration data consistent across all machines in a cluster. In Torus, etcd is used to store and replicate metadata for all the files and objects stored in the pool.
The Internet

Tor Browser 6.0: Ditches SHA-1 Support, Uses DuckDuckGo For Default Search Results ( 53

The version 6.0 of Tor Browser, a free software for enabling anonymous communication, is now available to download. The new version introduces several changes, including disabling SHA-1 support, and removing Mac Gatekeeper issue. Another big change is that Tor now uses DuckDuckGo for search results by default. The Tor Project, people behind Tor, add that the "updater is not relying on the signature alone, but is checking the hash of the downloaded update file as well before applying it." More details on NetworkWorld.

FCC Formalizes Massive Fines For Selling, Using Cell-Phone Jammers ( 135

An anonymous reader quotes a report from Network World: Two years ago the FCC announced its intention to fine a Chinese electronics maker $34.9 million and a Florida man $48,000 for respectively selling and using illegal cell-phone jammers. Today the agency has issued press releases telling us that those fines have finally been made official, without either of the offending parties having bothered to mount a formal defense of their actions. From the press release announcing the fine against CTS. Technology: "[...] The company's website falsely claimed that some jammers had been approved by the FCC, and advertised that the company could ship signal jammers to consumers in the United States." The company did not respond to the FCC's allegations, although the agency does report that changes were made to its website that appear to be aimed at complying with U.S. law. Next up is Florida man, Jason R. Humphreys, who is alleged to have used a jammer on his commute: "Mr. Humphreys' illegal operation of the jammer continued for up to two years, caused interference to cellular service along Interstate 4, and disrupted police communications." Last Fall, a Chicagoan was arrested for using a cell-phone jammer to make his subway commute more tolerable.

DARPA Extreme DDOS Project Transforming Network Attack Mitigation ( 21

coondoggie quotes a report from Networkworld: Researchers with the Defense Advanced Research Projects Agency (DARPA) have quickly moved to alter the way the military, public and private enterprises protect their networks from high-and low-speed distributed denial-of-service attacks with a program called Extreme DDoS Defense (XD3). The agency has since September awarded seven XD3 multi-million contracts to Georgia Tech, George Mason University, Invincea Labs, Raytheon BBN, Vencore Labs (two contracts) and this week to the University of Pennsylvania to radically alter DDOS defenses. One more contract is expected under the program. [DARPA says the XD3 program looks to develop technologies that: Thwart DDos attacks by dispersing cyber assets (physically and/or logically) to complicate adversarial targeting, disguise the characteristics and behaviors of those assets to confuse or deceive the adversary, blunt the effects of attacks that succeed in penetrating other defensive measures by using adaptive mitigation techniques on endpoints such as mission-critical servers.]

NASA's Planet Hunter Spots Record 1,284 New Planets, 9 In A Habitable Zone ( 83

coondoggie quotes a report from Network World: NASA's planet hunting space telescope Kepler added a record 1,284 confirmed planets to its already impressive discoveries of extraterrestrial worlds. [This batch of planets is the largest single account of new planets since Kepler launched in 2009 and more than doubles the number of confirmed planets realized by the space telescope so far to more than 2,300.] The discoveries were a result of an automated technique implemented in a publicly available custom software package called Vespa, which lets scientists analyze thousands of signals Kepler has identified to determine which are most likely to be caused by planets and which are caused by non-planetary objects such as stars. "Vespa computed the reliability values for over 7,000 signals identified in the latest Kepler catalog which identified 4,302 potential planets and verified the 1,284 planets with 99% certainty," said the Princeton researchers that developed Vespa. NASA said, based on their size, nearly 550 of the validated planets could be rocky like Earth. Nine of which orbit in their sun's habitable zone.

FTC Orders Apple, Google, Microsoft, BlackBerry, Samsung To Divulge Mobile Security Practices ( 74

coondoggie quotes a report from Networkworld: The Federal Trade Commission today said it issued a 10-page letter to eight leading players in the mobile communications arena requiring them to tell the agency how they issue security updates to address vulnerabilities in smartphones, tablets, and other mobile devices. Apple, BlackBerry, Google, HTC America, LG Electronics, Microsoft, Motorola Mobility, and Samsung must provide the following: The factors that they consider in deciding whether to patch a vulnerability on a particular mobile device, detailed data on the specific mobile devices they have offered for sale to consumers since August 2013, the vulnerabilities that have affected those devices, and whether and when the company patched such vulnerabilities.

Nvidia GPU-Powered Autonomous Car Teaches Itself To See And Steer ( 54

An anonymous reader quotes a report from Network World discussing Nvidia's project called DAVE2, where their engineering team built a self-driving car with one camera, one Drive-PX embedded computer and only 72 hours of training data: Neural networks and image recognition applications such as self-driving cars have exploded recently for two reasons. First, Graphical Processing Units (GPU) used to render graphics in mobile phones became powerful and inexpensive. GPUs densely packed onto board-level supercomputers are very good at solving massively parallel neural network problems and are inexpensive enough for every AI researcher and software developer to buy. Second, large, labeled image datasets have become available to train massively parallel neural networks implemented on GPUs to see and perceive the world of objects captured by cameras. The Nvidia team trained a convolutional neural network (CNN) to map raw pixels from a single front-facing camera directly to steering commands. Nvidia's breakthrough is the autonomous vehicle automatically taught itself by watching how a human drove, the internal representations of the processing steps of seeing the road ahead and steering the autonomous vehicle without explicitly training it to detect features such as roads and lanes.
Open Source

Almost Two-Thirds of Software Companies Contributing To Open Source, Says Survey ( 30

Reader alphadogg writes: Open source's march toward preeminence in business software continued over the past year, according to a survey released by open source management provider Black Duck Software and venture capital firm North Bridge. Roughly two-thirds of respondents to the survey -- which was administered online and drew 1,300 respondents -- said that their companies encouraged developers to contribute to open-source projects, and a similar proportion said that they were actively engaged in doing so already. That's a 5% increase from the previous year's survey.

NASA Gives Solar Ionic Propulsion A Monster Boost ( 52

coondoggie quotes a report from Network World: NASA this week took a giant step toward using solar electric power for future space missions by awarding a $67 million contract to Aerojet Rocketdyne to develop an advanced electric propulsion system. Network World writes, "Specifically, Aerojet Rocketdyne will develop and deliver an integrated electric propulsion system -- known as the Advanced Electric Propulsion System (AEPS) -- consisting of a thruster, power processing unit (PPU), low-pressure xenon flow controller, and electrical harness. Such a system would deploy large solar arrays that can be used to convert sunlight into electrical power that ionizes atoms of xenon which is the propellant for the spacecraftâ(TM)s thrusters. In addition, such a power plant could potentially increase spaceflight fuel efficiency by 10 times over current chemical propulsion technology and more than double thrust capability compared to current electric propulsion systems, NASA said." NASA's plan is to use this propulsion system on its future Asteroid Redirect Mission, as well as on its mission to Mars.

RIP Prince, A Legendary Musician With A Complicated Internet History ( 196

alphadogg writes: Reflecting on the popular musician's uneasy relationship with the Internet and social media upon the 57-year-old surprising death. In 2010, Prince "famously shuttered his website," proclaiming that "The Internet is completely over... All these computers and digital gadgets are no good. They just fill your head with numbers and that can't be good for you." In 2014, The Guardian ran a story titled "Prince quits the Internet," after the singer deleted his social media accounts. He filed a lawsuit against his fans, which was later dropped, for sharing bootlegged copies of his music online. He even banned fans from taking smartphone photos at his concerts in 2013. Prince did seem to open up to the Internet to some degree in the past couple years. Prince's HTNRUN album was posted on Jay Z's Tidal music site last year. In Silicon Valley, Prince is being remembered as a social innovator and a passionate advocate for Black youth," inspiring YesWeCode, Van Jones' initiative to teach 100,000 low-income kids to write code, and hackathons across the country to expose kids in underserved communities to computer science. Bob Brown from Networkworld writes, "News of Prince's death Thursday briefly crashed the TMZ news site. From there, fans flocked to the Internet and social media to mourn this music star who did his darnedest to stay off the grid." RIP Prince.

Slashdot Top Deals