LeadSongDog - Slashdot User

Submission + - 36000 SAP Systems Exposed Online, Most Open To Attacks (helpnetsecurity.com)

Submitted by dinscott on Tuesday August 02, 2016 @08:45AM

dinscott writes: ERPScan released the first comprehensive SAP Cybersecurity Threat Report, covering product security, implementation security, and security awareness.

Among the interesting findings is that of the 36,000 services found online, 69 percent should not be exposed directly to the Internet as they are designed for internal use only, have critical vulnerabilities or require additional network filtration. Also, that countries where the highest number of SAP security presentations were delivered are characterized by more secure SAP system installations than countries where researchers did not present their studies — a win for those who preach SAP security.

Submission + - Japan is about to test out plans for a real-life space elevator (sciencealert.com)

Submitted by PeterHolland765 on Tuesday August 02, 2016 @06:31AM

PeterHolland765 writes: The idea of a space elevator to lift us into orbit is one of the oldest concepts in sci-fi, but thanks to the efforts of scientists in Japan, we might soon be seeing this fantastic feat of engineering become a reality at last.

Comment Re:Whining for the sake of whining (Score 1) 675

by LeadSongDog on Monday August 01, 2016 @10:52AM (#52621497) Attached to: The Chip Card Transition In the US Has Been a Disaster

The problem with accepting cash is that you need to find numerate cashiers to count it who will work for an insulting fraction of what they count without skimming any. Even outside the US this is getting to be difficult.

Comment Re:Issues with chip cards (Score 1) 675

by LeadSongDog on Monday August 01, 2016 @10:44AM (#52621425) Attached to: The Chip Card Transition In the US Has Been a Disaster

s/don\'t care too much about stopping fraud so long as they don't actually have to absorb the losses from fraud/love fraud so long as they profit from it/
Fixed that for ya

Comment Most popular products (open class) (Score 1) 367

by LeadSongDog on Thursday July 28, 2016 @05:10PM (#52602439) Attached to: The Most Popular Product Of All Time

Would it be trash bags? Not even close. Sheets of toilet paper? No, too anthropocentric. Ant eggs? No, too terrestrial-centric. Neutrons? No, but getting warmer....

Submission + - eMotorWerks Brings Voice Control to JuiceNet Electric Vehicle Charging Platform (emotorwerks.com)

Submitted by Anonymous Coward on Thursday July 28, 2016 @04:40PM

An anonymous reader writes: eMotorWerks has integrated Alexa into their EV charging stations for free. You can now charge your EV with voice commands through Amazon Exho

Submission + - Blue Origin crash tests space capsule (cnn.com)

Submitted by Seth Decker on Thursday July 28, 2016 @04:24PM

Seth Decker writes:

Submission + - DNC Email Hack Strengthens Case For Paper Ballots (usatoday.com)

Submitted by YIAAL on Thursday July 28, 2016 @09:19AM

YIAAL writes: In USA Today, a writer argues that the DNC hack raises questions about the security of voting machines, as well as computers used to tabulate votes, record voter registries, etc.:
Are paper ballots really a superior technology to voting machines? Absolutely. When you vote electronically, the only data recorded is the vote itself. Compare that to a paper ballot where you mark an "X" next to the candidate’s name. When you cast a paper ballot, all sorts of other information is captured along with your vote: The color of ink you used, individual variations in handwriting, even the condition of the paper you’re writing on. Changing that across large numbers of ballots without being obvious is hard, and requires physical access to the ballots; doing it on a computer is a matter of a few keystrokes, and can be done from Minsk or Shanghai.

What do Slashdot readers think? Is paper a more secure technology than computerized voting?

Submission + - Razormind's DeOS crowdsale raises $1.9m of Bitcoin in first week (ibtimes.co.uk)

Submitted by Anonymous Coward on Wednesday July 27, 2016 @08:22PM

An anonymous reader writes: IBTimes just reported that Razormind is cashing in on the war between hardforked Ethereum and old chain Ethereum Classic.

Originally expected to die within hours — Ethereum Classic has instead gained mainstream adoption among exchanges such as Poloniex, Kraken, and Bitfinex to name but a few and is now traded under ETC.

Just the Friday before the hardfork, Razormind started a crowdsale for DeOS their direct rival to Ethereum, meant to be a publically owned and run global blockchain. They envision it being used to register and verify ownership of property, identity, and to run smart contracts for financial transactions.

The anxiety over the hardfork originates in the downfall of the DAO project. The flagship project of the Ethereum Foundation which recapitalized them after their own crowdfunding ran out; the DAO failed spectacularly when $70 million dollars were lost due to a hack. One industry experts agree was easily preventable by DAO authors Slock.it whose CEO is Stephan Tual — a close personal friend and business partner of Vitalik Buterin.

Accompanying the hack was rather a terse letter from 'the attacker' claiming their action was legal and they would sue if a hardfork occurred. This threat has not materialised to date. This letter was shortly followed by an announcement by Stephan Tual of Slock.it that "
over 70% of the DAO funds are now directly under the control of Slock.it and Ethereum Foundation"

to reassure the community. This had the additional effect of raising the question of how a decentralized, unhackable, secure DAO could suddenly have all it's funds centralized to so few people so quickly.

While Ethereum was vulnerable, and shortly before the much opposed hard fork and throughout it Vitalik Buterin and Consensys were meeting in London with r3cev to perform yet another hard fork of Ethereum to sell a permissioned version strictly for the banks. Approaching the banks could be interpreted as trying to 'cash out' before the situation worsens and before the hard work begins of moving to Proof of Stake within six months for both chains to prevent them becoming obsolete.

Amidst all this Razormind put forward DeOS with very little fuss and almost no publicity. They have let known they are opening offices in London, have vetted at least one exchange to start trading DEOS immediately, are known to be in talks with banks in Canada, and recently announced a 5 million EURO investment into two blockchain banks in Europe.

Submission + - Xen vulnerability allows hackers to escape Qubes OS VM, own the host (dom0)

Submitted by Noryungi on Wednesday July 27, 2016 @03:37PM

Noryungi writes: Qubes OS certainly has an intriguing approach to security, but a newly discovered Xen vulnerability allow a hacker to escape a VM and own the host. If you are running Qubes, make sure you update the dom0 operating system to the latest version.

Submission + - SPAM: Class of Large but Very Dim Galaxies Discovered

Submitted by schwit1 on Wednesday July 27, 2016 @12:17PM

schwit1 writes: Astronomers have now detected and measured a new class of large but very dim galaxy that previously was not expected to exist.
‘Ultradiffuse’ galaxies came to attention only last year, after Pieter van Dokkum of Yale University in New Haven, Connecticut, and Roberto Abraham of the University of Toronto in Canada built an array of sensitive telephoto lenses named Dragonfly. The astronomers and their colleagues observed the Coma galaxy cluster 101 megaparsecs (330 million light years) away and detected 47 faint smudges.

“They can’t be real,” van Dokkum recalls thinking when he first saw the galaxies on his laptop computer. But their distribution in space matched that of the cluster’s other galaxies, indicating that they were true members. Since then, hundreds more of these galaxies have turned up in the Coma cluster and elsewhere.

Ultradiffuse galaxies are large like the Milky Way — which is much bigger than most — but they glow as dimly as mere dwarf galaxies. It’s as though a city as big as London emitted as little light as Kalamazoo, Michigan.

More significantly, they have now found that these dim galaxies can be as big and as massive as the biggest bright galaxies, suggesting that there are a lot more stars and mass hidden out there and unseen than anyone had previously predicted.

Submission + - Analog Devices will acquire Linear Technology (linear.com)

Submitted by edesio on Wednesday July 27, 2016 @10:31AM

edesio writes: NORWOOD, MA and MILPITAS, CA, July 26, 2016 — Analog Devices, Inc. (NASDAQ:
ADI) (“Analog Devices”) and Linear Technology Corporation (NASDAQ: LLTC) (“Linear
Technology”) today announced that they have entered into a definitive agreement
under which Analog Devices will acquire Linear Technology in a cash and stock
transaction that values the combined enterprise at approximately $30 billion(1)
.
Upon completion of the acquisition, Analog Devices will be the premier global
analog technology company with approximately $5 billion in anticipated annual
revenues.

Submission + - NIST Will Ban SMS for Two-Factor Authentication

Submitted by Trailrunner7 on Tuesday July 26, 2016 @10:03AM

Trailrunner7 writes: The move toward two-factor authentication and two-step verification for high-value services has been a positive one for user security, but many of those services use SMS as the channel for the second step in the authentication process, a method that the United States government is preparing to recommend against using.

The National Institute of Standards and Technology has published draft guidance that recommends against companies and government agencies using SMS as the channel for out-of-band verification. Many services that have deployed 2FA or 2SV as part of the authentication process use SMS to deliver short codes that users then enter into an app or site. However, text messaging isn’t considered a secure channel and NIST is now saying that the use of SMS as a channel for out-of-band verification won’t be permitted in future versions of its Digital Authentication Guideline.

Submission + - Bacteria-Inspired Robots To Perform Medical Procedures Inside Human Body (thestack.com)

Submitted by Anonymous Coward on Tuesday July 26, 2016 @09:57AM

An anonymous reader writes: Researchers in Switzerland are collaborating to develop a range of micro-robots which can be introduced into the human body to treat a variety of conditions, delivering drugs and performing minor operations. The scientists hope that the small bots could help reduce the number of operations currently required for certain procedures, such as clearing clogged arteries. The bots are flexible and soft, with no motor, and made using a biocompatible hydrogel and magnetic nanoparticles. An electromagnetic field is applied to orientate the nanoparticles, then a polymerisation process is used to solidify the hydrogel. The scientists were inspired by the bacterium which causes African trypanosomiasis, otherwise known as sleeping sickness. This matter uses a thread-like material called a flagellum to push itself around the body, and hides it away on entering the bloodstream as part of its survival mechanism.

Submission + - Crashing Browsers Remotely via Insecure Search Suggestions (nightwatchcybersecurity.com)

Submitted by Anonymous Coward on Tuesday July 26, 2016 @09:22AM

An anonymous reader writes: Intercepting insecure search suggestion requests from browsers, and returning very large responses leads to browser crashes (but not RCE). Affected browsers are FireFox on the desktop and Android, and Chrome on desktop and Android – other Chromium and FireFox derived browsers maybe affected. Internet Explorer and Safari are not affected. The issue is exploitable remotely, albeit not easily.

Slashdot Top Deals