Ed Goforth - Slashdot User

Submission + - Serious Network Function Vulnerability Found In Glibc 1

Submitted by Anonymous Coward on Tuesday January 27, 2015 @02:54PM

An anonymous reader writes: A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors.

Feed Google News Sci Tech: The Internet of Things just got a watchdog: FTC issues official report - Ars Tec (google.com)

From feed by feedfeeder on Tuesday January 27, 2015 @01:32PM

Firstpost

The Internet of Things just got a watchdog: FTC issues official report
Ars Technica
On Tuesday morning at the annual State of the Net conference in Washington DC, Federal Trade Commission Chairwoman Edith Ramirez gave a keynote address announcing the FTC's latest initiative: watching the Internet of Things for privacy violations.
Internet of Things: A security threat to business by the backdoor?ZDNet
FTC: The Internet of things is already here — and it needs to be securedWashington Post (blog)
FTC Staffers Recommend Minimizing Internet of Things Data CollectionMultichannel News
The Hill-Times of India-PC Pro
all 98 news articles

Submission + - How not to waste your money on the second wave of 802.11ac wireless gear (networkworld.com)

Submitted by alphadogg on Tuesday January 27, 2015 @12:51PM

alphadogg writes: The best way to avoid wasting your money on Wave 2 of 802.11ac access points is to not buy them right away, and the second-best is to not overreact to their presence on your network. Wave 2 APs have been on the market for about a year, dating back to last January’s release of the Asus RT-AC87U, but the technology hasn’t yet become commonplace among enterprise users.

Submission + - Kepler Discovers Solar System's Ancient 'Twin' (discovery.com)

Submitted by astroengine on Tuesday January 27, 2015 @12:40PM

astroengine writes: Astronomers have found a star system that bears striking resemblance to our inner solar system. It’s a sun-like star that plays host to a system of five small exoplanets — from the size of Mercury to the size of Venus. But there’s something very alien about this compact ‘solar system’; it formed when the universe was only 20 percent the age it is now, making making it the most ancient star system playing host to terrestrial sized worlds discovered to date.

Comment Re:You don't know the Linux desktop market. (Score 1) 87

by Ed Goforth on Tuesday July 08, 2014 @10:51AM (#47407181) Attached to: KDE Releases Frameworks 5

Not quite sure what you're trying to say there, but I've used 5 & 6 and both have Gnome as the default.

Thankfully, still version 2.xx

That's exactly what I was trying to say, but somehow the word "Gnome" didn't make it from brain to keyboard.

Comment Re:You don't know the Linux desktop market. (Score 2) 87

by Ed Goforth on Monday July 07, 2014 @08:34PM (#47404155) Attached to: KDE Releases Frameworks 5

Are you sure that you're looking at the right Wikipedia page? I was curious about the GP's claims, too, so I checked out the reference. I don't see the content warning that you're talking about, [snip]

It has the "content warning" right at the top of the article:

This article is written like a personal reflection or opinion essay that states the Wikipedia editor's particular feelings about a topic, rather than the opinions of experts. Please help improve it by rewriting it in an encyclopedic style. (December 2007)

It's the boilerplate from "{{Essay-like|date=December 2007}}" according to the Edit page.

For the record, I do use and prefer KDE, but every copy of CentOS 5 or 6, since it's the default. I do have some CentOS 5 servers where I use KDE inside of VNC. But the KDE that's part of CentOS 6 is very unstable in my experience with plasma-desktop crashing frequently.

Submission + - The Good News About Cell Phone Upgrade Turnover (wsj.com)

Submitted by retroworks on Saturday September 21, 2013 @05:21PM

retroworks writes: Slashdot has recently covered the bad news about demand for cell phones in poor countries -the effects of conflict metal mining (coltan/tantalum). Today, a Wall Street Journal op-ed cites an opposite effect. Without negating the "resource curse" in economies stuck in mining, professor Daniel Fletcher (UC Berkeley, Blum Center for Development Studies) points out the blessings of tinkerers. "New phones with larger screens and better cameras ... the push for more powerful devices — and manufacturers' willingness to respond to demand— is on track to improve the lives of millions of people living in extreme poverty. ... the latest, greatest smartphones are driving a dramatic decrease in cost and increase in functionality that will benefit people whose total annual income is often less than the cost of a single phone. The reason for this odd coupling between affluent smartphone purchasers and the poor is simple: The enormous capabilities of smartphones are being repurposed and redirected for use in the developing world."

Is it possible to be proud to be an "e-waste exporter?" Or is this simply an excuse to externalize the costs of WEEE recycling, and to ship the wealthy's junk as "toxics along for the ride?" See photos covering both sides of the emerging markets recycling story in new book by Adam Minter, Junkyard Planet, or read an excerpt in Bloomberg BusinessWeek..

Submission + - Red Hat Updates Software, But Not to the Latest Open Source Versions (eweek.com)

Submitted by darthcamaro on Thursday September 12, 2013 @06:50PM

darthcamaro writes: Red Hat Enterprise Linux 6 has now been out for three years, and in that time, Red Hat has not iterated major releases of MySQL or PHP among other key components. Sure they provide backports and security fixes but not new version. That is now starting to change with the release today of Red Hat Software Collections 1.0, but there is still a catch, it's not really the latest and greatest releases. For example, PHP 5.4 instead of the newer PHP 5.5. Why is that?
"For a language/database to be included in Red Hat Software Collections, it must be deemed stable enough for everyday production usage," Mike Guerette, manager, Red Hat Enterprise Linux Developer Relations said.

Of course it's all open source, so you can always just go out and get PHP 5.5 or MySQL 5.6 and run it your own right?

Submission + - Engineers aim to make cleaner-burning cookstoves for developing world (washington.edu)

Submitted by vinces99 on Thursday September 12, 2013 @06:11PM

vinces99 writes: About 3 billion people, or 42 percent of the world’s population, rely on burning materials such as wood, animal dung or coal in stoves for cooking and heating their homes. Often these stoves are crudely designed, and poor ventilation and damp wood can create a smoky, hazardous indoor environment day after day. A recent study in The Lancet estimates that 3.5 million people die each year as a result of indoor air pollution from open fires or rudimentary stoves in their homes. More than 900,000 people die from pneumonia alone, which has been linked to indoor air pollution. University of Washington engineers hope to make a dent in these numbers by designing a cookstove that meets a stringent set of emission and efficiency standards while still being affordable and attractive to families who cook over a flame each day. The team has received a $900,000 grant from the U.S. Department of Energy to design a better cookstove, which researchers say will use half as much fuel and cut emissions by 90 percent.

Submission + - What Do the Latest NSA Leaks Mean for Bitcoin? (vice.com) 1

Submitted by Daniel_Stuckey on Thursday September 12, 2013 @04:00PM

Daniel_Stuckey writes: Last week, we learned that the National Security Agency has led an aggressive effort to “break widely used Internet encryption technologies.” The Office of the Director of National Intelligence claims it “would not be doing its job” if it didn't try to counter the encryption used by terrorists and cyber-criminals. There is speculation that many protocols or crypto implementations have been compromised, deliberately weakened, or have had backdoors inserted. In doing so, the NSA has made the Internet less safe for us all, perhaps including those that wish to take advantage of Bitcoin's privacy benefits.

Bitcoin is an open source cryptocurrency; a peer-to-peer (decentralized) electronic cash system. It's also the most powerful distributed computing project in the world. Those two factors have already brought it under government scrutiny.

Submission + - It's Official: Voyager 1 is an Interstellar Probe (discovery.com)

Submitted by astroengine on Thursday September 12, 2013 @02:06PM

astroengine writes: After a 35-year, 11-billion mile journey, NASA’s Voyager 1 spacecraft left the solar system to become the first human-made object to reach interstellar space, new evidence from a team of scientists shows. “It’s kind of like landing on the moon. It’s a milestone in history. Like all science, it’s exploration. It’s new knowledge,” long-time Voyager scientist Donald Gurnett, with the University of Iowa, told Discovery News. The first signs that the spacecraft had left the solar system's heliopause was a sudden drop in solar particles and a corresponding increase in cosmic rays in 2012, but this evidence alone wasn't conclusive. Through indirect means, scientist analyzing oscillations along the probe's 10-meter (33-foot) antennas were able to deduce that Voyager was traveling through a less dense medium — i.e. interstellar space.

Submission + - Ask Slashdot: Can We Still Trust FIPS?

Submitted by someSnarkyBastard on Thursday September 12, 2013 @01:06PM

someSnarkyBastard writes: It has already been widely reported that the NSA has subverted several major encryption standards but I have not seen any mention of how this affects the FIPS 140-2 standard. Can we still trust these cyphers? They have been cleared for use by the US Government for Top-Secret clearance documents; surely the government wouldn't backdoor itself right?...Right?

"Farming" Amoebas Discovered 49

Posted by samzenpus on Thursday January 20, 2011 @02:41PM from the rise-of-amoeba-agriculture dept.

Researchers from Rice University have found a type of amoeba that practices a sort of "primitive farming behavior." When their bacteria food become scarce, the Dictyostelium discoideum will group together and form a "fruiting body" that will disperse bacteria spores to a new area. From the article: "The behavior falls short of the kind of 'farming' that more advanced animals do; ants, for example, nurture a single fungus species that no longer exists in the wild. But the idea that an amoeba that spends much of its life as a single-celled organism could hold short of consuming a food supply before decamping is an astonishing one. More than just a snack for the journey of dispersal, the idea is that the bacteria that travel with the spores can 'seed' a new bacterial colony, and thus a food source in case the new locale should be lacking in bacteria." It's good to know that even a single celled creature is not immune to the pull of Farmville.

DSL Installation Fail 371

Posted by samzenpus on Wednesday January 19, 2011 @07:39PM from the job-well-done dept.

An anonymous reader writes "Here's an example of fine Qwest workmanship. In our business park, they just installed a DSL connection for our neighbors, for which we share an exterior utility space. They left: a DSL modem stuffed in a cardboard box, wrapped in a Wal-Mart bag, sitting outside in what will be below-zero (F) temps, on top of a bank of ten natural gas meters in some of the driest air of the year. They also left it plugged into an exposed exterior power outlet above a snowbank, with network cables running around the building, through snowbanks, coupled and protected by zip-lock baggies, and into our neighbors office. Not to mention the hack-job of patching the phone cable directly into the demarcation box. And if you're wondering — I was told upon calling them that this is not their problem, and I need to contact my primary phone service provider."

Malicious Online Retailer Ordered Held Without Bail 225

Posted by timothy on Tuesday December 07, 2010 @08:49PM from the fair-enough dept.

Zaphod_85 writes "You may remember the New York Times story from a couple of weeks ago regarding Vitaly Borker, an online retailer intentionally harassing customers in order to gain linking points in Google's PageRank algorithm. Now, not only has Google altered their algorithm in order to prevent this tactic from being effective (Though according to Katherine Noyes at PCWorld, this tactic may never actually have been benefiting the website in the first place), Now Mr. Borker has the Feds to deal with. He is being charged with cyberstalking, wire fraud, mail fraud, and making interstate threats, and faces up to 50 years in prison if convicted on all counts. Given his disturbing behavior that brought about the charges, a federal judge has ordered he be held without bail while he awaits trial."

Slashdot Top Deals