Security

Submission + - Yahoo Includes Private Key in Source File For Axis Chrome Extension (threatpost.com)

Trailrunner7 writes: Yahoo on Wednesday launched a new browser called Axis and researchers immediately discovered that the company had mistakenly included its private signing key in the source file, a serious error that would allow an attacker to create a malicious, signed extension for a browser that the browser will then treat as authentic.

The mistake was discovered on Wednesday, soon after Yahoo had launched Axis, which is both a standalone browser for mobile devices as well as an extension for Firefox, Chrome, Safari and Internet Explorer. Yahoo is touting the browser's predictive search capability, which will guess what the user is trying to search for as she is typing and bring up thumbnail images of potential matches.

But that's not the thing that got the most attention. Within hours of the Axis launch, a writer and hacker named Nik Cubrilovic had noticed that the source file for the Axis Chrome extension included the private PGP key that Yahoo used to sign the file. That key is what the Chrome browser would look for in order to ensure that the extension is legitimate and authentic, and so it should never be disclosed publicly.

Space

Submission + - DARPA Funds "100 Year Starship" to Develop Human Interstellar Travel (gizmag.com)

Zothecula writes: Voyager 1, which is now in the outermost layer of the heliosphere that forms the boundary between the Solar System and interstellar space, is set to be the first man-made object to leave the Solar System. It has taken the car-sized probe over 35 years to reach its current point, but at its current speed of about 3.6 AU (334,640,905 miles) per year it would take over 75,000 years to reach our nearest star, Proxima Centauri. Despite the mind-boggling distances involved, DARPA has just awarded funding to form an organization whose aim is to make human interstellar travel a reality within the next century.
Science

Submission + - It Seems That Volcano-Triggered Mega Tsunamis Won't Obliterate New York (txchnologist.com)

MatthewVD writes: "In 2000, geologists told the BBC that the volcano Cumbre Vieja on the Canary Island of La Palma could eventually collapse into the Atlantic Ocean and unleash a tsunami, cinematic in scope, with 80-foot waves that would wipe out the U.S. East Coast. New models show that a smaller collapse, which is much more likely, would send waves only 16-18 feet to the U.S. — a much less catastrophic prospect."
Open Source

Submission + - Why Open Compute is a Win for Rackspace (datacenterknowledge.com)

1sockchuck writes: Cloud provider Rackspace is looking to the emerging open source hardware ecosystem to transform its data centers. The cloud provider spends $200 million a year on servers and storage, and sees the Open Compute Project as the key to reducing its costs on hardware design and operations. Rackspace is keen on the potential of the new Open Rack program, and its buying power is motivating HP and Dell to develop for the new standard — partly because Rackspace has also been talking with original design manufacturers like Quanta and Wistron. It's an early look at how open source hardware could have a virtuous impact on the server economy. “I think the OEMs were not very interested (in Open Compute) initially,” said Rackspace COO Mark Roenigk. “But in the last six months they have become really focused.”
Microsoft

Submission + - MS Office for iOS & Android by November (bgr.com)

udas writes: "BGR posted an image of an iPad running Office in Feb, too. But Microsoft refuted its authenticity. BGR now claims they have a reliable source. It does make sense, given Microsoft's (lack of) Smartphone market share. If this does happen, I wonder what that means for Microsoft's push towards the phone / tablet market, and, in corollary to Nokia."

Submission + - £200 million coaching programme aims to accelerate SME growth (spwca.co.uk)

jackoliverca writes: "A new £200 million coaching programme aimed at helping up to 26,000 small and medium enterprises (SMEs) to reach their full potential, has been launched by the Government.

The Growth Accelerator scheme is aimed at companies with opportunities for rapid and sustainable growth, hoping to create 55,000 additional jobs and boost the economy.

Business secretary Vince Cable launched the new partnership, which will see private sector business experts working alongside the Government and businesses to identify and overcome growth restraints."

Moon

Submission + - Neil Armstrong gives rare interview (cpaaustralia.com.au)

pcritter writes: In a rare coup for accountant's association CPA Australia, CEO Alex Malley interviews Neil Armstrong, whose dad worked as an Auditor, bringing him back 4 decades to the pinnacle of the space race. Neil reveals that "I thought we had a 90 per cent chance of getting back safely to Earth on that flight but only a 50-50 chance of making a landing on that first attempt". The 4 part video series is now posted on CPA Australia's website.
Security

Submission + - Moxie Marlinspike Proposes New TACK Extension to TLS For Key Pinning (threatpost.com)

Trailrunner7 writes: Two independent researchers are proposing an extension for TLS to provide greater trust in certificate authorities, which have become a weak link in the entire public key infrastructure after some big breaches involving fraudulent SSL certificates.

TACK, short for Trust Assertions for Certificate Keys, is a dynamically activated public key framework that enables a TLS server to assert the authenticity of its public key. According to an IETF draft submitted by researchers Moxie Marlinspike and Trevor Perrin, a TACK key is used to sign the public key from the TLS server's certificate. Clients can "pin" a hostname to the TACK key, based on a user's visitation habits, without requiring sites modify their existing certificate chains or limiting a site's ability to deploy or change certificate chains at any time. If the user later encounters a fraudulent certificate on a "pinned" site, the browser will reject the session and send a warning to the user.

"Since TACK pins are based on TACK keys (instead of CA keys), trust in CAs is not required. Additionally, the TACK key may be used to revoke previous TACK signatures (or even itself) in order to handle the compromise of TLS or TACK private keys," according to the draft.

Education

Submission + - Google to fund British computer science teachers (pcpro.co.uk)

nk497 writes: "Last year, Eric Schmidt slammed British computer science teaching, saying the UK was wasting its computing heritage — since then, the Government has agreed to re-examine how the subject is taught. "Rebooting computer science education is not straightforward," Schmidt said. "Scrapping the existing curriculum was a good first step — the equivalent of pulling the plug out of the wall. The question is now how to power up." To help, Schmidt has now promised funding from Google to train 100 teachers as well as give classrooms Raspberry Pis, via charity Teach First."
Businesses

Submission + - Mobile workers work longer hours (computerworlduk.com)

Qedward writes: Last month it was reported on slashdot that a third of workers at a British telecoms company were 'more productive' working from home during a telecommuting experiment to prepare for the London 2012 Olympics.

A more recent study reveals almost two-thirds of mobile employees say they are working 50+ and 60+ hour weeks, with most also working weekends.

It also has security implications, with most mobile workers saying they will do anything to get an internet connection, including hijacking unsecure networks. The problem of needing a connection has also led to an increase in workers waking up through the night due to stress.

Submission + - FBI quietly forms secretive Net-surveillance unit (cnet.com)

An anonymous reader writes: "CNET has learned that the FBI has formed a Domestic Communications Assistance Center, which is tasked with developing new electronic surveillance technologies, including intercepting Internet, wireless, and VoIP communications."

"The big question for me is why there isn't more transparency about what's going on?" asks Jennifer Lynch, a staff attorney at the Electronic Frontier Foundation, a civil liberties group in San Francisco. "We should know more about the program and what the FBI is doing. Which carriers they're working with — which carriers they're having problems with. They're doing the best they can to avoid being transparent."

Submission + - Yahoo (yes, Yahoo) releases a new iOS browser

markjhood2003 writes: Fresh on the heels of Slashdot's discussion of the lack of browser choice on mobile devices comes the announcement of Yahoo's new web browser Axis. According to VentureBeat, the browser runs on iPad and iPhone as a separate standalone browser and as an extension for Chrome, Firefox, and Safari, with support for Android and Windows Phone coming soon. It actually appears to bring some innovation to mobile search, displaying results and queries on the same page for more productive navigation between the two.
Facebook

Submission + - Inside a Facebook Botnet (itworld.com)

itwbennett writes: "Curious about how some unlikely pages were rapidly racking up thousands of new followers, Dan Tynan set out to find out how easy it was to get a botnet to do his bidding. He bought 100 fake Facebook accounts for $20. Then, with a $50 piece of software called Codename:Like, he quickly added some new likers to his Facebook Fan page. One of the companies that caught Tynan's attention for getting over 7,000 followers in 2 days was Hey Dude Skin Care, which told Tynan that it 'fell victim to an outside social media agency. Hey Dude's expectation was that said agency would identify new and relevant followers for the brand.'"

Submission + - Autonomous Sound Responsive High Brightness LED Modules (saikoled.com)

Gibbs-Duhem writes: "This is a cool little art project on Kickstarter where a bunch of individual high power LED lights are souped up with built in audio analysis hardware and an onboard microphone. At scale, these modules put out over 250 lumens a piece, and can be assembled into enormous arrays in any shape or size for under $50 per module for a modern version of the color organs built in analog back in the day. By the same artists who put together quite a few other cool audio oriented high power LED lighting systems, and other sophisticated lights for use with artwork previously covered on Slashdot. As usual, schematics, design information, and board layouts are available for the project."
Botnet

Submission + - Four years' jail for Bredolab botnet author (computerworld.com.au)

angry tapir writes: "The creator of the Bredolab malware has received a four-year prison sentence in Armenia for using his botnet to launch DDoS attacks that damaged multiple computer systems owned by private individuals and organizations. G. Avanesov was sentenced by the Court of First Instance of Armenia's Arabkir and Kanaker-Zeytun administrative districts for offenses under Part 3 of the Article 253 of the country's Criminal Code — intentionally causing damage to a computer system with severe consequences."
Government

Submission + - Obama To Agencies: Optimize Web Content For Mobile (computerworld.com)

CWmike writes: "President Barack Obama has ordered all major government agencies to make two key services available on mobile phones within a year, in an effort to embrace a growing trend toward Web surfing on mobile devices. Obama, in a directive issued Wednesday, also ordered federal agencies to create websites to report on their mobile progress. The websites are due within 90 days. Innovators in the private sector and the government have used the Internet and powerful computers to improve customer service, but 'it is time for the federal government to do more,' Obama said in the memo. 'For far too long, the American people have been forced to navigate a labyrinth of information across different government programs in order to find the services they need.'"
Patents

Submission + - Apple and Samsung ordered talks fail - Trial date set (arstechnica.com)

Fluffeh writes: "Apple and Samsung just can't come to an agreement, even when the two CEOs are court ordered to hash it out over a two day period. US Judge Judy Koh had ordered the sit down prior to court proceedings between the two giants, but the talks resulted in nothing more than each side confirming its position. Although Apple CEO Tim Cook said "I've always hated litigation and I continue to hate it" he also said "if we could get to some kind of arrangement where we'd be assured [they are inventing their own products] and get a fair settlement on the stuff that's occurred." Perhaps Tim is worried that Samsung is still the primary component supplier for mobile products, including the iPhone, iPad, and iPod touch or perhaps Apple has bitten off more than it really wants to chew with the litigation between the two getting to truly epic and global proportions."
