roger_that - Slashdot User

Submission + - Feds Walk Into A Building, Demand Everyone's Fingerprints To Open Phones

Submitted by Anonymous Coward on Monday October 17, 2016 @09:00PM

An anonymous reader writes: Forbes reports that the Department of Justice was issued a search warrant to gather the fingerprints of all the people present at a California residence, including residents and visitors.
The memorandum included "authorization to depress the fingerprints and thumbprints of every person who is located at the SUBJECT PREMISES during the execution of the search and who is reasonably believed by law enforcement to be the user of a fingerprint sensor-enabled device that is located at the SUBJECT PREMISES and falls within the scope of the warrant."

Submission + - KDE Plasma 5.8 LTS Desktop Officially Released

Submitted by prisoninmate on Tuesday October 04, 2016 @08:06AM

prisoninmate writes: KDE will celebrate 20 years of activity on October 14, 2016, and they've just released the first LTS (Long Term Support) version of the KDE Plasma desktop environment. Prominent new features of KDE Plasma 5.8 LTS include support for desktop widgets, a new system-wide search functionality that promises to let users easily search their KDE desktops for everything they want, including apps, music, videos, files, folders, etc., a new tool to get hot new stuff for your KDE Plasma desktop, such as wallpapers, widgets, desktop effects, or window styles, and infinite customization possibilities. Moreover, KDE Plasma 5.8 LTS comes with a unified look for the default Breeze theme so that, no matter what type of application you're using (Qt4, GTK2, GTK3, or Qt5), it will look the same, mobile phone notifications, along with the ability to use your smartphone as a PC remote, transfer files or mute music during calls, all with the new KDE Connect plasmoid. There 's also Right-to-Left (RTL) language support, simplified global shortcuts, improvements to many applets, and much better Wayland support. KDE Plasma 5.8 LTS will receive nine point releases until 2018.

Submission + - Microsoft ends Tuesday patches (helpnetsecurity.com)

Submitted by Anonymous Coward on Thursday September 22, 2016 @10:52AM

An anonymous reader writes: Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches will be bundled together and users will no longer be able to pick and choose which updates to install. Furthermore, these new ‘monthly update packs’ will be combined, so for instance, the November update will include all the patches from October as well.

Submission + - Malware Counts Word Docs to Evade Detection (threatpost.com) 2

Submitted by msm1267 on Thursday September 22, 2016 @10:20AM

msm1267 writes: A new macro-based malware has been spotted that goes to novel lengths to avoid detection. Once a computer is compromised, the malware will count the number of Word documents stored on the local drive; if it's more than two, the malware executes. Otherwise, it figures it's landed in a virtual environment or is executing in a sandbox and stays dormant.

A typical test environment consists of a fresh Windows computer image loaded into a VM. The OS image usually lacks documents and other telltale signs of real world use.

If no Microsoft Word documents are found, the VBA macro's code execution terminates, shielding the malware from automated analysis and detection. Alternately, if more than two Word documents are found on the targeted system, the macro will download and install the malware payload.

Submission + - U.S. drone case tests rights to air space (yahoo.com)

Submitted by turkeydance on Wednesday September 21, 2016 @07:50PM

turkeydance writes: LONDON/WASHINGTON (Thomson Reuters Foundation) — When a small town American roofer took legal action against a neighbor for shooting down his drone, the local dispute sparked a case that could help shape the newest frontier of property rights law – who owns the air.

Drone owner David Boggs filed a claim for declaratory judgment and damages in the Federal Court after his neighbor William Merideth from Hillview in the southern state of Kentucky blasted his $1,800 drone with a shotgun in July last year.

Boggs argued to the District Court in Kentucky that the action was not justified as the drone was not trespassing nor invading anyone's privacy, while Merideth — who dubs himself the "drone slayer" — said it was over his garden and his daughter.

After a year of counter argument, a decision on which court jurisdiction should hear the complaint is expected within weeks and this could set new precedents for U.S. law.

Comment Re:If only there were a decentralized network (Score 2) 36

by roger_that on Tuesday September 06, 2016 @06:50AM (#52833351) Attached to: 'Catastrophic' DDoS Attack Hits Linode Servers Over Labor Day Weekend

Do you mean something like, say, The Internet?

Submission + - September 19th SpaceX Launch will be visible across California, Nevada. (reddit.com)

Submitted by Bruce Perens on Tuesday August 30, 2016 @12:42PM

Bruce Perens writes: The nighttime launch of a SpaceX Falcon 9 containing Iridium satellites at 9:49 PM PST Monday September 19th from Vandenberg AFB SLC-4 is likely to be visible across California and in some Nevada locations. Although Vandenberg has a landing pad for the Falcon under construction, this will probably be a drone-ship landing and some California observers might see two of the landing burns.

Submission + - An unsecured database leaves off-the-grid energy customers exposed (zdnet.com)

Submitted by Zack Whittaker on Tuesday August 30, 2016 @12:31PM

Zack Whittaker writes: Thousands of remote villagers in Guatemala and South Africa are living off the grid, but their personal information isn't. Chris Vickery, lead security researcher of the MacKeeper security research team, discovered an unprotected database with no password over two months ago . Anyone who knew the database was there could access more than 40 gigabytes of customer data.

The database, run by Guatemala-based energy startup Kingo, has exposed the personal information of more than 18,800 customers, both in its home country and in South Africa.

Este artículo está disponible en español.

Submission + - Fabric fixes itself with help from squid proteins (acs.org)

Submitted by ckwu on Tuesday August 30, 2016 @12:20PM

ckwu writes: Mending ripped clothes could take just a few seconds and some water, thanks to a new self-healing coating based on a squid protein. The protein comes from the teeth ringing the suction cups of squid. When severed, the protein can fuse back together under water. To form the 1-micron-thick coating, researchers dip patches of cotton, linen, and wool into solutions containing a polymer and the squid protein. To mend a tear, they simply sprinkle warm water on the coated fabric and press the torn edges together. The repaired textiles remained just as flexible and strong as they were before the damage. What's more, the researchers can incorporate enzymes into the coating to break down toxins, offering the wearer protection against environmental hazards.

Submission + - Facebook recommended that this psychiatrist's patients friend each other (fusion.net)

Submitted by Presto Vivace on Tuesday August 30, 2016 @12:08PM

Presto Vivace writes: Facebook’s ability to figure out the “people we might know” is sometimes eerie. Many a Facebook user has been creeped out when a one-time Tinder date or an ex-boss from 10 years ago suddenly pops up as a friend recommendation. How does the big blue giant know? ... While some of these incredibly accurate friend suggestions are amusing, others are alarming, such as this story from Lisa*, a psychiatrist who is an infrequent Facebook user, mostly signing in to RSVP for events. Last summer, she noticed that the social network had started recommending her patients as friends—and she had no idea why. ... “I haven’t shared my email or phone contacts with Facebook,” she told me over the phone.

What could possibly go wrong?

Submission + - Google Login Bug Allows Credential Theft

Submitted by Trailrunner7 on Tuesday August 30, 2016 @09:59AM

Trailrunner7 writes: Attackers can add an arbitrary page to the end of a Google login flow that can steal users’ credentials. or alternatively, send users an arbitrary file any time a login form is submitted, due to a bug in the login process.

A researcher in the UK identified the vulnerability recently and notified Google of it, but Google officials said they don’t consider it a security issue. The bug results from the fact that the Google login page will take a specific, weak GET parameter.

Using this bug, an attacker could add an extra step to the end of the login flow that could steal a user’s credentials. For example, the page could mimic an incorrect password dialog and ask the user to re-enter the password. Woods said an attacker also could send an arbitrary file to the target’s browser any time the login form is submitted.

In an email interview, Woods said exploiting the bug is a simple matter.

“Attacker would not need to intercept traffic to exploit – they only need to get the user to click a link that they have crafted to exploit the bug in the continue parameter,” Woods said.

Google told Woods they don't consider this a security issue.

Submission + - Okta May Have Solved the Password Mess—for Your Employer, Not You (backchannel.com)

Submitted by mirandakatz on Tuesday August 30, 2016 @09:48AM

mirandakatz writes: Today, most of us have more passwords than ever, and are increasingly spending time in what writer Scott Rosenberg calls "authentication hell," struggling to remember whether we capitalized the name of our first pet when inputting our security questions. One company says it's making serious headway on solving this problem, and trying to create a definitive single sign-on system. The problem? They're only doing it for your employer, and it might be a long time before individuals are liberated from password purgatory.

Submission + - Proposed 'social media ID, please' law met with anger (computerworld.com)

Submitted by dcblogs on Thursday August 25, 2016 @08:11AM

dcblogs writes: A plan by the U.S. government to require some foreign travelers to provide their social media IDs on key travel documents is being called by critics “ludicrous,” an “all-around bad idea,” “blatant overreach,” “desperate, paranoid heavy-handedness,” “preposterous,” “appalling,” and “un-American." That's just a sampling of the outrage. Some 800 responded to the U.S. request for comments about a proposed rule affecting people traveling from “visa waiver” countries to the U.S., where a visa is not required. This includes most of Europe, Singapore, Chile, Japan, South Korea, Australia and New Zealand. Travelers will be asked to provide their Twitter, Facebook, Instagram, LinkedIn, Google+, and whatever other social ID you can imagine to U.S. authorities. It’s technically an “optional” request, but since it’s the government asking, critics believe travelers will fear consequences if they ignore it. People who are traveling from a country where a visa is required, such as India or China, get a security vetting when they apply for a visa at a U.S. consulate, so this proposal doesn’t apply to them. In a little twist of irony, some critics said U.S. President Obama’s proposal for foreign travelers is so bad, it must have been hatched by Donald Trump.

Submission + - What NASA could teach Tesla about the limits of autopilot (scientificamerican.com)

Submitted by DirkDaring on Thursday August 25, 2016 @07:46AM

DirkDaring writes: Tesla's autopilot along with Uber, Google and others has gotten seemingly weekly attention in the news for cars which drive by themselves. But another rather large organization has already been down this path for a very long time — NASA. They found that the more foolproof the automation’s performance becomes the harder it is for an on-the-loop supervisor (or driver) is to monitor it, which is the opposite of what Tesla is aiming their autopilot to be.

Submission + - Domino's to Deliver Pizza by Drone (roboticstrends.com)

Submitted by Anonymous Coward on Wednesday August 24, 2016 @09:47PM

An anonymous reader writes: Pizza lovers everywhere rejoice. Flirtey and Domino’s are developing pizza delivery drones, successfully demoing the system today in Auckland, New Zealand.

The companies say pizza-by-drone deliveries to customer homes could begin later in 2016 from a select New Zealand Domino’s store. And, yes, the drone delivery system keeps your pizza or breadsticks pipping hot.

Flirtey’s staff help Domino’s workers safely load the delivery drones at the store. The drones then fly at around 200 feet in the air and the customer is notified as the delivery is approaching. The deliveries are then made to customer’s home by safely lowering the package out of the air.

Slashdot Top Deals