
Submission + - Lenovo Discovers and Removes Backdoor in Networking Switches (bleepingcomputer.com)

An anonymous reader writes: Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates earlier this week. The Chinese company said it found the backdoor after an internal security audit of firmware for products added to its portfolio following the acquisitions of other companies. Lenovo says the backdoor affects only RackSwitch and BladeCenter switches running ENOS (Enterprise Network Operating System).

The backdoor was added to ENOS in 2004 when ENOS was maintained by Nortel's Blade Server Switch Business Unit (BSSBU). Lenovo claims Nortel appears to have authorized the addition of the backdoor "at the request of a BSSBU OEM customer." In a security advisory regarding this issue, Lenovo refers to the backdoor under the name of "HP backdoor." The backdoor code appears to have remained in the firmware even after Nortel spun BSSBU off in 2006 as BLADE Network Technologies (BNT). The backdoor also remained in the code even after IBM acquired BNT in 2010. Lenovo bought IBM's BNT portfolio in 2014.

Submission + - Chrome Will Start Blocking Ads On February 15

An anonymous reader writes: In June, Google revealed that Chrome will stop showing all ads (including those owned or served by Google) on websites that display non-compliant ads "starting in early 2018." Now the company has committed to a date: Chrome's built-in ad-blocker will start working on February 15, 2018. Interestingly, this date does not appear to be tied to a specific Chrome version. Chrome 64 is currently scheduled to arrive on January 23 and Chrome 65 is slated to launch on March 6, suggesting Google will be turning on its browser's ad blocker remotely, and possibly gradually for select users.

Submission + - Inside China's Vast New Experiment in Social Ranking (wired.com)

An anonymous reader writes:

In 2014, the State Council, China’s governing cabinet, publicly called for the establishment of a nationwide tracking system to rate the reputations of individuals, businesses, and even government officials. The aim is for every Chinese citizen to be trailed by a file compiling data from public and private sources by 2020, and for those files to be searchable by fingerprints and other biometric characteristics. The State Council calls it a “credit system that covers the whole society.”

For the Chinese Communist Party, social credit is an attempt at a softer, more invisible authoritarianism. The goal is to nudge people toward behaviors ranging from energy conservation to obedience to the Party. Samantha Hoffman, a consultant with the International Institute for Strategic Studies in London who is researching social credit, says that the government wants to preempt instability that might threaten the Party. “That’s why social credit ideally requires both coercive aspects and nicer aspects, like providing social services and solving real problems. It’s all under the same Orwellian umbrella.”

The evil genius behind “social credit” is that it gives the impression of turning users into electronically empowered Big Brothers, when in fact it turns users into willing Winston Smiths.

Submission + - Twitter bans user over death threat, allows same threat from other account (wordpress.com)

Andy Smith writes: Twitter's position on censorship is in the spotlight after the far-right group Britain First was banned from using the service. The decision underscored Twitter's inconsistency, as the company took no action against U.S. President Trump who had controversially retweeted Britain First videos.

Twitter's enforcement of its rules needs to improve. Last week a Twitter user angered by the repeal of net neutrality laws posted a death threat against FCC chairman Ajit Pai. The user had two Twitter accounts, and posted the same threat on both accounts. I personally reported both accounts. One was banned, the other wasn't, and the user has continued using it to post death threats.

Submission + - Boeing Phantom Swift Electric Plane to be revealed December 19th (thedrive.com)

Templer421 writes: The design leverages two large fans buried in the aircraft's fuselage to provide vertical lift and a pair of swiveling wingtip fans for stability and control during hover and for propulsion during forward flight. The idea is to have one or two General Electric CT7-8 turbines produce power to drive all these fans electrically, although an early prototype might not include a full hybrid electric drive system. Boeing says this configuration is far more efficient than a normal helicopter and DARPA's original design goals included hitting speeds beyond 300 knots and carrying 4,000 lbs. A full size Phantom Swift would be similar in dimensions and weight to a Super King Air.

Submission + - Russia-linked Twitter accounts 'tried to divide UK' after terrorist attacks (theguardian.com)

AmiMoJo writes: Fake social media accounts linked to Russia were used to influence and interfere with public debate in the aftermath of four terrorist attacks in the UK this year, researchers have found. At least 47 Russian Twitter accounts posted material after attacks at Westminster Bridge, Manchester Arena, London Bridge and Finsbury Park. Of the 47 accounts, eight were especially active, posting at least 475 tweets about the four attacks, which were reposted more than 153,000 times. The accounts intervened on both sides of polarised debates to ramp up the level of discord online, the research found.

Submission + - The Air Force is considering training enlisted airmen to be pilots (businessinsider.com)

schwit1 writes:

The Air Force has pursued a number of policies to correct that shortage, including quality-of-life improvements, opening positions for retired pilots, and drawing more active-duty pilots from the National Guard and Reserve. The force also has the option to recall retired pilots, but says it will not avail itself of it.

Now it appears the Air Force is considering a step it has long avoided: training enlisted airmen to be combat aviators.

A new six-month pilot-training program will consist of 15 officers and five enlisted airmen, Maj. Gen. Timothy Leahy, chief of the Second Air Force, told his commanders in a November 30 email, seen by Air Force Times.

Currently, the only Air Force personnel eligible to be pilots are commissioned officers, and achieving officer status requires a four-year college degree.

Some pilots have left the service after being “demoted” to piloting drones. UAV duty would be a great place for the Air Force to conduct a trial run for NCO pilots, because it could prove good for retention — and maybe even great for morale. Non-coms would get to do something the independent Air Force has never allowed, and “real” pilots wouldn’t get stuck with UAVs.

Besides, it shouldn’t take a captain or a major to fly a steel shack in the Nevada desert.

Submission + - Secure Apps Exposed to Hacking via Flaws in Underlying Programming Languages (bleepingcomputer.com)

An anonymous reader writes: Research presented this week at the Black Hat Europe 2017 security conference has revealed that several popular interpreted programming languages are affected by severe vulnerabilities that expose apps built on these languages to attacks. The author of this research is IOActive Senior Security Consultant Fernando Arnaboldi. The expert says he used an automated software testing technique named fuzzing to identify vulnerabilities in the interpreters of five of today's most popular programming languages: JavaScript, Perl, PHP, Python, and Ruby.

The researcher created his own fuzzing framework named XDiFF that broke down programming languages per each of its core functions and fuzzed each one for abnormalities. His work exposed severe flaws in all five languages, such as a hidden flaw in PHP constant names that can be abused to perform remote code execution, and undocumented Python methods that lead to OS code execution. Arnaboldi argues that attackers can exploit these flaws even in the most secure applications built on top of these programming languages.

Submission + - Gamer Streams Pay-Per-View UFC Fight by Pretending to Play It

WheezyJoe writes: A Pay-Per-View UFC Match was streamed in its entirety on Twitch and other platforms by a gamer pretending he was "playing" the fight as a game. The gamer, appearing in the corner of the image holding his game controller, made off like he was controlling the action of the "game" when in fact he was re-broadcasting the fight for free.

A tweet showing Lester’s antics went viral, with over 63,000 retweets and 140,000 likes at the time of publication. Another clip shows him reacting wildly yelling “oooooooooooooooh!!!” and “damnnnnnn!” in response to the match.

Submission + - The world's astonishing dependence on fossil fuels hasn't changed in 40 years (qz.com)

schwit1 writes:

There are few ways to understand why. First, most of the world’s clean-energy sources are used to generate electricity. But electricity forms only 25% of the world’s energy consumption. Second, as the rich world moved towards a cleaner energy mix, much of the poor world was just starting to gain access to modern forms of energy. Inevitably, they chose the cheapest option, which was and remains fossil fuels.

So yes, we’re using much more clean energy than we used to. But the world’s energy demand has grown so steeply that we’re also using a lot more fossil fuels than in the past.

Maybe "Dependence" is a poor description of poor people using the ready availability of cheap energy to help lift themselves out of poverty.

Submission + - Nobel Laureate Joseph Stiglitz stumps for outlawing Bitcoin

rmdingler writes: The Bitcoin is drawing harsh criticism from Wall Street investment firms and even a Nobel Laureate, who claims "Bitcoin is successful only because of its potential for circumvention," he told Bloomberg TV. "It doesn't serve any socially useful function."

Submission + - The Guardian newspaper asks readers for support, and it works (archive.is)

AmiMoJo writes: Instead of using tote bags, tickets to live events, or other swag, The Guardian‘s membership program has grown to 800,000 supporters a year and a half after doubling down on its membership initiative. The key? A shift from a commercially focused plea to an emotional, service-based request. Rather than putting up a paywall or heavy advertising, The Guardian simply asks readers to make a contribution to the work they are doing, and it works. Could this be a new model in the post-print, post-advertising world?

Note: Original site seems to be having issues, archive link supplied.

Submission + - Soviet Engineers Dreamed Up The Internet In The 1950s, But Couldn't Get It Built (bbc.com)

dryriver writes: The BBC has an interesting story about how the Soviet Union could have built the first Internet — but didn't. As early as 1959 networking enthusiast Anatoly Kitov, aka "The Internet Colonel" (subtitled documentary about him here: https://www.youtube.com/watch?...) dreamed of a computer network much like today's Internet that would connect thousands of computers all around the Soviet Union. The Soviet Union already had computer networks at the time, but they were military. This new network would be about civilian communication, and making many aspects of the USSR's centrally planned economy run more efficiently due to the ease with which information — economic data in particular — could be sent back and forth between distant cities in Russia. Kitov's proposals went all the way to the top of the country, were even taken seriously by trained technologist Leonid Brezhnev, but eventually went nowhere. Inspired by Kitov's efforts, Viktor Glushkov, one of the founders of Cybernetics, pursued the idea of a Soviet Internet from 1960 onward. Glushkov would push the idea of a Soviet internet called OGAS hard for 12 years, again writing proposals to top Soviet officials like Kitov had done before. OGAS was never built for 3 reasons. 1) With the technology available at the time, OGAS would have cost nearly 100 Billion in today's Dollars to build, and required a workforce of up to 300,000 men to put in place. The project was too expensive for the Soviet Union. 2) The Soviet Union ran on relatively inflexible economic plans put together by large bureaucratic institutions. A Soviet Internet — something totally new and unexplored at the time — did not fit into those plans easily. 3) Glushkov, the architect and visionary of the system, died in 1982 aged 58 after battling a long illness. With the visionary pushing the OGAS idea first ill and then deceased, OGAS lost steam and was eventually forgotten.

Submission + - SPAM: Bold Eagles: Angry Birds Are Ripping $80,000 Drones Out of the Sky

schwit1 writes: Daniel Parfitt thought he’d found the perfect drone for a two-day mapping job in a remote patch of the Australian Outback. The roughly $80,000 machine had a wingspan of 7 feet and resembled a stealth bomber.

There was just one problem. His machine raised the hackles of one prominent local resident: a wedge-tailed eagle.

Swooping down from above, the eagle used its talons to punch a hole in the carbon fiber and Kevlar fuselage of Mr. Parfitt’s drone, which lost control and plummeted to the ground.

“I had 15 minutes to go on my last flight on my last day, and one of these wedge-tailed eagles just dive-bombed the drone and punched it out of the sky,” said Mr. Parfitt, who believed the drone was too big for a bird to damage. “It ended up being a pile of splinters.”
