Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - HAARP Comes Alive Once Again

Freshly Exhumed writes: News on Hackaday today informs that the famous HAARP antenna array is to be brought back into service for experiments by the University of Alaska. Built in the 1990s for the US Air Forceâ(TM)s High Frequency Active Auroral Research Program, the array is a 40-acre site containing a phased array of 180 HF antennas and their associated high power transmitters. Its purpose it to conduct research on charged particles in the upper atmosphere.

Submission + - Is Vodafone's new broadband service a man-in-the-middle attack? (vodafone.co.uk)

Duncan J Murray writes: Vodafone's recent entry into the competitive broadband ADSL and fibre market in the UK has been met with accusations that they are partaking in a man in a middle attack by providing certificates from contentcontrol.vodafone.co.uk. bored writes "Vodafone are performing a man-in-the-middle attack... Rather than subverting a wifi router, they have a proxy server which is intercepting your encrypted data requests, making the connection to the encrypted endpoint itself and getting you to send your requests to the Vodafone proxy server...."

Vodafone broadband also seems to be falling foul noscript's Application Boundary Enforcer designed to prevent DNS rebinding attacks, requiring system ABE rules to be disabled to access https addresses.

So far vodafone have responded by suggesting a security exception is created for each occurrence, and another reply from vodafone respond "I've double checked this with our Broadband team and this is how our routers are set up, we're unable to change any settings at our end."

Though we should not attribute to malice that which is adequately explained by stupidity, is this unwittingly compromising the security of vodafone broadband users?

Submission + - Techdirt asks judge to throw out suit over "Inventor of E-mail" (arstechnica.com)

walterbyrd writes: Michael Masnick, who founded the popular Techdirt blog, filed a motion today asking for a defamation lawsuit against him to be thrown out. Masnick was sued last month by Shiva Ayyadurai, a scientist and entrepreneur who claims to have invented e-mail in 1978 at a medical college in New Jersey.

In his motion, Masnick claims that Ayyadurai "is seeking to use the muzzle of a defamation action to silence those who question his claim to historical fame."

Submission + - SAP "named-user" license fees are due even for indirect users, court says (networkworld.com)

ahbond writes: Beverage firm Diageo could be on the hook for an additional £55 million in license fees because it gave Salesforce users access to data held in an SAP system. SAP's named-user licensing fees apply even to related applications that only offer users indirect visibility of SAP data, a U.K. judge ruled Thursday in a case pitting SAP against Diageo, the alcoholic beverage giant behind Smirnoff vodka and Guinness beer.

The consequences could be far-reaching for businesses that have integrated their customer-facing systems with an SAP database, potentially leaving them liable for license fees for every customer that accesses their online store.

"Business are signing up to an open-ended direct debit which they can't withdraw from. It's really not surprising that many are now choosing the certainty and low cost of Google and Amazon Web Services"

Submission + - A Source Code Typo Allowed an Attacker to Steal 370,000 Zerocoin ($592,000) (bleepingcomputer.com)

An anonymous reader writes: A typo in the Zerocoin source code allowed an attacker to steal 370,000 Zerocoin, which is about $592,000 at today's price. According to the Zcoin team, one extra character left inside Zerocoin's source code was the cause of the bug. The hacker exploited the bugs for weeks, by initiating a transaction and receiving the money many times over.

According to the Zcoin team, the attacker (or attackers) was very sophisticated and took great care to hide his tracks. They say the attacker created numerous accounts at Zerocoin exchanges and spread transactions across several weeks so that traders wouldn't notice the uneven transactions volume. The Zcoin team says they worked with various exchanges to attempt and identify the attacker but to no avail.

Out of the 370,000 Zerocoin he stole, the attacker has already sold 350,000. The Zcoin team estimates the attacker made a net profit of 410 Bitcoin ($437,000).

Submission + - Mozilla Thunderbird Finally Makes Its Way Back into Debian's Repos

prisoninmate writes: A year ago, we told you that, after ten long years, the Debian Project finally found a way to switch their rebranded Iceweasel web browser back to Mozilla Firefox, both the ESR (Extended Support Release) and normal versions, but one question remained: what about the Mozilla Thunderbird email, news, and calendar client? Well, that question has an official answer today, as the Mozilla Thunderbird packages appear to have landed in the Debian repositories as a replacement for Icedove, the rebranded version that Debian Project was forced to use for more than ten years do to trademark issues. Make sure you read the entire article to find out what steps you need to take if you want to migrate from Icedove to Mozilla Thunderbird.

Submission + - Software Goes Through 'Beta Testing.' Should Online College Courses? (Some Do) (edsurge.com)

jyosim writes: Coursera has recruited a volunteer corp of more than 2,500 beta testers to try out MOOCs before they launch. Other free online course providers have set up systems that catch things like mistakes in tests, or just whether videos are confusing.

Traditional colleges have shied away from checking online course content before going live, citing academic freedom. But some colleges are developing checklists to judge course design and accessibility.

“It would be lovely if universities would consider ways of adopting the practice of beta testing,” says Phillip Long, chief innovation officer and associate vice provost for learning sciences at the University of Texas at Austin. One factor, though, is cost. “How do you scale that at a university that has thousands of courses being taught,” he asks.

EdSurge asks: How much beta testing makes sense for courses, and what’s the best way to do it?

Submission + - Zuck: I'd Like To Teach The World To Use Facebook (In Perfect Harmony) 2

theodp writes: OK, it's not quite Ted Kaczynski-length, but Mark Zuckerberg's new Facebook Humanitarian Manifesto weighs in at a whopping 5,700+ words. In it, Zuck envisions the world being bettered by greater adoption of an AI-powered Facebook, which may evoke memories in some of the iconic "I'd Like to Buy the World a Coke" commercial (video, lyrics), which envisioned a world vastly improved by increased Coca-Cola consumption. Hey, everything old is new again!

Submission + - Mozilla will deprecate XUL add-ons before the end of 2017 2

Artem Tashkinov writes: Mozilla has published a plan of add-ons deprecation in future Firefox releases. Firefox 53 will run in multi process mode by default for all users with some exceptions. Most add ons will continue to function, however certain add ons have already ceased to function because they don't expect multi user mode under the hood. Firefox 54-56 will introduce even more changes which will ultimately break even more addons. Firefox 57, which will be preliminarily released on the 28th of Novermber, 2017, will only run WebExtensions: which means no XUL (overlay) add ons, no bootstrapped extensions, no SDK extensions and no Embedded WebExtensions. In other words by this date the chromification of Firefox will have been completed. If you depend on XUL add ons your only choice past this date will be Pale Moon.

Submission + - Scottish court awards damages for CCTV camera pointed at neighbour's house (boingboing.net)

AmiMoJo writes: Edinburgh's Nahid Akram installed a CCTV system that let him record his downstairs neighbours Debbie and Tony Woolley in their back garden, capturing both images and audio of their private conversations, with a system that had the capacity to record continuously for five days. A Scottish court has ruled that the distress caused by their neighbour's camera entitled the Woolleys to £17,000 in damages, without the need for them to demonstrate any actual financial loss. The judgment builds on a 2015 English court ruling against Google for spying on logged out Safari users, where the users were not required to show financial losses to receive compensation for private surveillance.

Submission + - Google Home gets shop-by-voice (betanews.com)

BrianFagioli writes: One alternative to Amazon's solution is Google Home. The search-giant's device is essentially the same concept as Echo — an always-listening assistant ready to serve you. Today, Google announces that its assistant-focused device is gaining a really great new feature — shopping. Consumers can leverage their voices to buy goods — no need to go to their laptop or smartphone.

"Starting today, you can shop for your everyday essentials — from paper towels to vitamins. You'll be able to order from participating Google Express retailers, including Costco, Whole Foods Market, Walgreens, PetSmart, Bed Bath & Beyond and more than 50 other national and locally available retailers. To get started, just say 'Ok Google, how do I shop?' or 'Ok Google, order paper towels'." says David Wang and Larry Adams, Product Managers, Google.

Submission + - McDonalds hires Project Ara design team to reinvent the drinking straw (fastcodesign.com)

An anonymous reader writes: McDonalds hired the creators of Google's Project Ara to reinvent the drinking straw. Their new invention, the "Suction Tube for Reverse Axial Widthdrawral" (STRAW for short) is a J-shaped device that allows the user to drink both layers of the company's dual-layer Chocolate Shamrock shake simultaneously, receiving an optimal mixture of chocolate and, um, shamrock. McDonalds announced the new product at a Facebook live event yesterday, including a keynote by McDonalds Senior Director of Menu Innovation Darci Forrest, and a silicon-valley style panel moderated by Austin Evans, including interviews with engineers from NK Labs and JACE. Computational fluid dynamics simulations, 3D printing, and extensive real-world testing (drinking shakes) were required to get the design ready for its eventual unveiling. McDonalds is producing a limited first run of 2000 of the straws, for distribution at restaurants across the US. Video Link, https://www.fastcodesign.com/3...">Fast Company Hands-On Review,
Engadget Review

Submission + - Your Digital Life Can Be Legally Seized at the Border 3

Toe, The writes: Quincy Larson from freeCodeCamp relates some frightening stories from U.S. citizens entering their own country, and notes that you don't have fourth and fifth amendment rights at the border. People can and have been compelled to give their phone password (or be detained indefinitely) before entering the U.S and other countries. Given what we keep on our phones, he concludes that it is now both easy and legal for customs and border control to access your whole digital life. And he provides some nice insights on how easy it is to access and store the whole thing, how widespread access would be to that data, and how easy it would be for the wrong hands to get on it. His advice: before you travel internationally, wipe your phone or bring/rent/buy a clean one.

Submission + - RSA conference attendees get hacked (esecurityplanet.com)

storagedude writes: Security testing company Pwnie Express scanned Wi-Fi access at the RSA conference and found multiple EvilAP attacks. What's worse, several attendees fell for these dummy Wi-Fi services that spoof well-known brands like Starbucks. The company also found a number of access points using outdated WEP encryption. So much for security pros...

Slashdot Top Deals