Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Submission + - Mars Exploration Rover - Opportunity - 13th Anniversary

Submitted by cusco
cusco writes: January 25, 2004 the second Mars Exploration Rover landed on the Red Planet. Opportunity completed its 90-day mission without any major issues, and NASA requested funding for a mission extension. The mission has since been extended over a dozen times, and today marks the beginning of the 13th year of it's '90-day' mission. http://www.jpl.nasa.gov/missio...

The solar panels provide a maximum of 140 watts of power. The computer has 128 mb of RAM. Each of the six wheels has its own motor, and four of them are steerable. It landed wrapped in air bags and bounced 26 times before coming to a rest in Eagle Crater, within 25 kilometers of its initial target area. Designed to travel less than 100 meters a day, Opportunity has driven over 43 kilometers and returned over 200,000 photographs. It's currently on the rim of Endeavor Crater, traveling towards a water-cut gully a kilometer away. http://mars.nasa.gov/mer/missi...

Opportunity is now officially a teenager! Happy Birthday! http://www.jpl.nasa.gov/video/...

Comment Re:And people who back up to a network share, or r (Score 1) 236

I created a backup / warm spare system based on read-only rsync pull to a remote server that keeps several de-duplicated copies, and makes each backup bootable as a VM. I called it Clonebox.

Do you have a HOWTO or similar? I want to set up something like this with a new server (best practices from the start, so I hope)

Comment Re:They are totally different stories (Score 1) 430

by anybody_out_there (#53281825) Attached to: Is Technology A Bigger Story Than Donald Trump?

I would just question the underlying assumption that improvements in communities will always makes our lives better. That's traditionally been that case in the past, but it doesn't necessarily follow that it will always be the case in the future. We could be reaching a point of either diminishing returns or even a point when communities actually could have a detrimental effect on our lives.

The city is a good example. It's improved our lives in many ways, but it's also created a whole new class of problems, headaches, and population overload. Are we really quantifiably happier today than we were 100 years ago? Well, we certainly have much easier access to many more jobs and benefit from its conveniences. But has it made our overall lives that much BETTER?

Now, get off of my lawn :-)

Submission + - Could Less Gassy Livestock Be a Cash Cow? (bloomberg.com)

Submitted by schwit1
schwit1 writes: The hamburgers and cheese that come from U.S. cattle may be favorite fare at many summer cookouts, but the methane the same cows produce is significantly less appetizing.

That's especially the case for sustainable investors looking for a low-emission place to park their cash. "Enteric fermentation," or livestock's digestive process, accounts for 22 percent of all U.S. methane emissions, and the manure they produce makes up 8 percent more, according to the U.S. Environmental Protection Agency.

Adding some Beano to their diet won't cut it?

Submission + - 10 Year-Old Teaches Hackers a Valuable Lesson In Privacy (csoonline.com)

Submitted by itwbennett
itwbennett writes: At r00tz Asylum, a kids-only gathering at DEF CON, 10-year-old Evan Robertson presented his first-place winning school science fair project, which showed how quickly people will hand over their privacy for a little free Wi-Fi. Robertson set up a Wi-Fi hotspot with terms-of-service that would allow him to access or modify connecting devices 'in any way.' In his science fair experiment, 76 people at local malls and stores connected to his hotspot, and 40 of them (52%) accepted the TOS to gain access. And, proving that security pros aren't all quite as privacy-minded as you might expect them to be, Robertson later set up his hotspot at BSides San Antonio, where 41 people connected to his hotspot, and 20 of them accepted the TOS.

Submission + - Banks still not sanitizing user input.

Submitted by BarbaraHudson
BarbaraHudson writes: Recently I tried once again to use my bank's mobile app. I had deleted it a couple of times in the past because I could never get it to work. The bank had all sorts of excuses — "Maybe your card hasn't been activated for online banking", "You need to download the latest version", "We'll need to reset your password", "We'll issue you a new card", etc. New card, password reset both did nothing.

Turns out that entering the card number as shown on the card will never work. The card format is 9999 9999 9999 9999 (spaces between each group of 4 digits). They failed Rule 00; sanitize input.

Entering the number in that format will always fail. In this case they failed to remove spaces before testing whether the card number was valid. The android code to remove the embedded spaces is pretty generic one-liner:

String cardNo = edittext.getText().toString().replace(" ", "");

Looking at the online forums, others have had the same problem for the app's entire existence.

Having figured that out, I was immediately locked out for "too many failures to answer the security question". Of course, it never presented a security question, because the bozo who wrote the program incremented some "bad answer" counter on every login attempt, even if they never got to the point of seeing a security question. It also locks you out of using web banking on the same account..

Locking someone out of their account is now easy as pie, because it also works if the user enters their name instead of their card number. (If you have 5 John Smiths, you'll lock them all out, since access is granted based on both the user name and password matching if the account number isn't entered). Just load up an android app for the bank (I won't disclose which bank until 45 days have passed since notifying them today), enter their name and a bogus password a few times, and every John Smith is locked out. And of course, if the so-called developers are failing to do such basic input sanitation, it makes me pretty sure there are other intern-level programmer bugs are awaiting exploitation elsewhere.

Adding frustration is that they cannot do a password reset over the phone unless you have already signed up for telephone banking. Now why would anyone sign up for telephone banking when an app or the web is supposed to be more convenient? The excuse I was given is that they need it to establish my identity. So why not just text me an sms or email code that I can enter when requesting a password reset?

Lets hope other banks didn't use the same app geniuses.

Submission + - Elio Motors Locks-in $7300 Base Price For Their Ultra-Efficient 3-Wheel Car (fortune.com)

Submitted by slinches
slinches writes: Elio Motors has locked in the base price of $7300 for non-refundable reservation holders for their 84mpg 3-wheel "autocycle". Reservations can be made for as little as $100 or as much as $1000 with higher values getting priority delivery when they go into production. The price is above the $6800 target that had been quoted for the last few years, but those who are willing to make a binding commitment to purchase a vehicle can sign an additional online form to knock their price back down to $7000. The locked-in prices will be available until they reach a total of 65,000 reservations (~57,000 have been made to date).

The startup car company is attempting to disrupt the auto industry by producing an efficient, affordable vehicle similar to what VW did with the $1699 Beetle in 1968, but at an even more affordable price (the Beetle cost $11,768 in 2016 dollars)

The vehicle itself, while technically a motorcycle under federal law, is controlled like a car with a steering wheel and pedals. Most states have enacted legislation exempting such vehicles from the extra license endorsements or helmet requirements that motorcycles and trikes normally need. Standard features of the base model include an enclosed cabin with A/C, heat, cruise control and power windows & door lock.

Submission + - Visual Studio 2015 c++ compiler secretly inserts telemetry code into binaries (infoq.com) 4

Submitted by edxwelch
edxwelch writes: Reddit user "sammiesdog" discovered recently that the Visual Studio 2015 c++ compiler was inserting calls to a Microsoft telemetery function into binaries.
"I compiled a simple program with only main(). When looking at the compiled binary in Ida, I see a calls for telemetry_main_invoke_trigger and telemetry_main_return_trigger. I can not find documentation for these calls, either on the web or in the options page."
Only after the discovery did Steve Carroll, the dev manager for Visual C++, admit to the feature and posted a work around. The "feature" is to be removed in Update 3 of the product.

Submission + - Killing two Schrödinger's cats with one stone... (yale.edu)

Submitted by slew
slew writes: If it wasn't enough that inside a box, you can have a half alive, half dead cat, apparently you can split a quantum mechanical "cat" into two boxes and through the wonders of quantum entanglement, you might be able kill two cats with one stone...

Okay, they didn't use real cats, or boxes (just a microwaves in a resonator cavity), but they performed an actual experiment, not just a thought experiment.

Apparently, this entertaining research might have some actual practical uses for circuit quantum electrodynamics (cQED) in some sort of boring (yawn) quantum computer error correction capacity, someday... But I'm still waiting for the real cat experiment...

Submission + - Schneier: security claims are unfalsifiable (schneier.com)

Submitted by Anonymous Coward
An anonymous reader writes: "While the claim that countermeasures are sufficient is always subject to correction, the claim that they are necessary is not. Thus, the response to new information can only be to ratchet upward: newly observed or speculated attack capabilities can argue a countermeasure in, but no possible observation argues one out."

As a consequence "Once we go wrong we stay wrong and errors accumulate, and we have no systematic way to rank or prioritize measures."

Original paper: http://research.microsoft.com/...

Submission + - When DNA Implicates the Innocent (scientificamerican.com)

Submitted by schwit1
schwit1 writes: The criminal justice system’s reliance on DNA evidence, often treated as infallible, carries significant risks.

In December 2012 a homeless man named Lukis Anderson was charged with the murder of Raveesh Kumra, a Silicon Valley multimillionaire, based on DNA evidence. The charge carried a possible death sentence. But Anderson was not guilty. He had a rock-solid alibi: drunk and nearly comatose, Anderson had been hospitalized—and under constant medical supervision—the night of the murder in November. Later his legal team learned his DNA made its way to the crime scene by way of the paramedics who had arrived at Kumra's residence. They had treated Anderson earlier on the same day—inadvertently “planting” the evidence at the crime scene more than three hours later. The case, presented in February at the annual American Academy of Forensic Sciences meeting in Las Vegas, provides one of the few definitive examples of a DNA transfer implicating an innocent person and illustrates a growing opinion that the criminal justice system's reliance on DNA evidence, often treated as infallible, actually carries significant risks.

Slashdot Top Deals

You knew the job was dangerous when you took it, Fred. -- Superchicken

Close