Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Comment Now this is (Score 2) 28

News for Nerds!

As an amateur radio operator for nearly 50 years, I cannot stand the chit-chat that goes on most frequencies. At least in the US, it's mostly old angry farts.

DX is kinda fun, since hams in other countries are often more constrained on what they can talk about and so it tends to be wham-bam-thank you-ma'am quick convos (QSOs) where it might be amazing to get any comms working. Summits on the Air, Islands on the Air, those are pretty cool, just because it's amazing how HF comms just works (well, sometimes %^).

Digital modes can be really cool too especially EME and other satellite stuff.

Cheers and 73 - Jon N7UV

Submission + - Businesses Secretly Pentest Partners Amid Software Supply Chain Fears (esecurityplanet.com)

Submitted by storagedude
storagedude writes: One casualty of supply chain attacks on the likes of SolarWinds and Kaseya has been trust between businesses and their partners.

Howard Taylor, CISO of Radware, calls it the "death of trust."

“People were shocked to discover that a long-trusted product had been compromised, creating vulnerabilities that bypassed thousands of its customers' carefully built security,” Taylor told eSecurity Planet.

As a result, some are now taking extra precautions such as hiring specialized companies to conduct penetration testing audits on externally facing partner resources. The process may include an in-depth search for IP addresses and ports inside their networks that may be communicating with suspect hosts. In other cases, businesses may go as far as scanning the dark web looking for any leakage of sensitive information from partners.

Some say there is nothing legally wrong with pentesting your business partners. But the mere presence of closet security testers secretly carrying out pentests on partner and customer internet-facing resources could have serious repercussions on relationships if discovered.

“Testing entities run the pentests and present the results to service providers and businesses,” said Taylor. “As they are guilty until proven innocent, they must address all the findings, including a myriad of false positives, that result from conducting tests without the full context of the environment.”

Taylor terms this "shadow compliance." And he says that it poses risks like negative impact on company reputation and lost productivity. Company reputation is not only of interest to current and potential customers, but it’s also important to market analysts, lenders, and insurance companies.

Taylor suggested that businesses should take the advent of potential snooping and testing by their partners as a reason to redouble their own cybersecurity efforts. Continuous monitoring of their cybersecurity posture by an outside entity can lower risk in the long term. Taylor urges businesses to allocate budget to hire a technically competent partner to proactively provide results and assist with the remediation of issues before vendors, supply chain associates, and customers find out and report them to you.

Steve Kerns, president of SKernal Security Consulting, sees legal risks for companies that secretly pentest their business partners. "[I]t could be dangerous to be pentesting other companies without their permission; you could be opening up your company to lawsuits,” he said.

Kerns always obtains permission before pentesting another company.

“I would suggest that companies ask partners and customers if they have had a pentest done on their internet-facing resources and what the results were, who did it (third party or internal) and when it was done,” said Kerns. “If they want to verify it, they should ask for permission first.”

Submission + - Tech Workers Paying to Get Taller (gq.com) 1

Submitted by joshuark
joshuark writes: A Las Vegas surgeon reports tech workers are paying $70K to $150K get surgery to increase their height by 3-inches. The doctor is paid to break their legs...or the femurs and then inserts adjustable metal nails that are slowly tweaked over time.

The doctor jokes that, "I joke that I could open a tech company," Debiparshad told GQ. "I got, like, 20 software engineers doing this procedure right now who are here in Vegas.

A new twist, borrow $70K to $150K from a loan shark in Las Vegas, and they'll break your legs later...

JoshK.

Submission + - U.S. appeals court rejects big tech's right regulate online speech (reuters.com)

Submitted by Hmmmmmm
Hmmmmmm writes: A U.S. appeals court on Friday upheld a Texas law that bars large social media companies from banning or censoring users based on "viewpoint," a setback for technology industry groups that say the measure would turn platforms into bastions of dangerous content.

The largely 2-1 ruling by the 5th U.S. Circuit Court of Appeals, based in New Orleans, sets up the potential for the U.S. Supreme Court to rule on the law, which conservatives and right-wing commentators have said is necessary to prevent "Big Tech" from suppressing their views.

"Today we reject the idea that corporations have a freewheeling First Amendment right to censor what people say," Judge Andrew Oldham, an appointee of former President Donald Trump, wrote in the ruling.

The Texas law was passed by the state's Republican-led legislature and signed by its Republican governor.

The Texas law forbids social media companies with at least 50 million monthly active users from acting to "censor" users based on "viewpoint," and allows either users or the Texas attorney general to sue to enforce the law.

Because the 5th Circuit ruling conflicts with part of a ruling by the 11th Circuit, the aggrieved parties have a stronger case for petitioning the Supreme Court to hear the matter.

In May, the 11th Circuit, based in Atlanta, found that most of a similar Florida law violates the companies' free speech rights and cannot be enforced.

Submission + - SPAM: Significant cybersecurity incident at Uber

Submitted by Hammeh
Hammeh writes: Reported by the verge and confirmed by Uber themselves on Twitter there is an ongoing large scale cyber incident at Uber:

The hacker appears to have made themselves known to Uber’s employees by posting a message on the company’s internal Slack system. “I announce I am a hacker and Uber has suffered a data breach,” screenshots of the message circulating on Twitter read. The claimed hacker then listed confidential company information they said they’d accessed, and posted a hashtag saying that Uber underpays its drivers.

The Slack message from the alleged hacker was so brazen that many Uber employees appear to have initially thought it was a joke, the Washington Post reports. Employee responses to the post included lighthearted emoji like sirens and popcorn, as well as the “it’s happening” GIF. One unnamed Uber employee told Yuga Labs security engineer Sam Curry that staff were interacting with the hacker thinking they were playing a joke.

The hacker claimed to the NYT to be 18 years old, and told The Post that they breached Uber for fun and is considering leaking the company’s source code. In a conversation with cybersecurity researcher Corben Leo, they also claimed to have gained access to Uber’s systems through login credentials obtained from an employee via social engineering, which allowed them to access an internal company VPN. From there, they found PowerShell scripts on Uber’s intranet containing access management credentials that allowed them to allegedly breach Uber’s AWS and G Suite accounts.


Link to Original Source

Submission + - Total submersion of Fukushima nuclear reactor building mulled (asahi.com)

Submitted by AmiMoJo
AmiMoJo writes: A government-authorized corporation said it is considering submerging the No. 3 reactor building at the Fukushima No. 1 nuclear power plant to retrieve melted nuclear fuel debris from the reactor. The Nuclear Damage Compensation and Decommissioning Facilitation Corp. (NDF) said Sept. 3 that the entire reactor building would be enveloped in a steel structure before being engulfed in water, according to the proposal. High radiation levels in the reactor building deny safe human access. The total submersion method, which has no precedent, would help reduce workers' exposure to radiation as water provides an effective shield against it.

Submission + - High School teachers accused in $708,000 cheating scandal (fox13news.com) 1

Submitted by Joe_Dragon
Joe_Dragon writes: HUDSON, Fla. — Three former Pasco County teachers have been arrested and thousands of student agricultural certifications have been invalidated following a multi-year cheating scandal at Hudson High School.

Robert "Rob" Edward Herrington, 38, of Port Richey, Harold "Jim" James Martin III, 47, of Hudson, and Kathleen "Kate" Rebecca Troutman, 31, of Bradford, Arkansas, are accused of masterminding a cheating scandal that put thousands of dollars in their pockets and pumped more than half a million dollars into the agricultural departments at Pasco County schools.

According to FDLE, Agriculture Education Services and Technology (AEST), a subsidiary of the Florida Farm Bureau, which provides certification exams for high school students hoping to work in the agriculture industry, received an anonymous phone call from a former Hudson High School student saying they had cheated on AEST certification exams last April.

Immediately following the accusation, AEST initiated a state-wide audit of its program between July 2018 and April 2021. Before it finished the audit, FDLE Tampa Bay Special Agent in Charge Mark Brutnell says AEST received a second phone call and a text message detailing allegations of cheating by teachers at Hudson High School.

The audit revealed that Hudson High School students took more certification exams than any other school in Florida, their students completed the tests in less than half the time of other students, and they had much higher pass rates, according to FDLE.

In the fall of 2020, Pasco Schools officials noted the higher-than-normal testing activity and pass rate and questioned one of the teachers about it. However, Pasco school officials were unable to prove any misbehavior because the district did not have access to the testing materials and data about test results.
Pasco teachers charged in cheating scandal

Haley Hinds reports.

"It’s important to note that for each completed AEST exam, the scheduling teacher receives a bonus from the Florida Department of Education of either $25 or $50 depending on the exam. In addition, the Florida Department of Education paid Pasco County School District between $400 and $800 for each certification passed to enhance their agriculture program. You should also know that the Pasco County School District purchased AEST exams for Hudson High School over this four-year period at a cost rate of $80,000," Brutnell stated.

Before being allowed to administer the exams, teachers are required to pass them using the same requirements as the students, taking the tests individually, without study guides or test materials and with a proctor present.

Brutnell says when FDLE agents began investigating they found that none of the mandatory requirements were followed.

"Not a single proctor was used in any of these tests," Brutnell said. "Instead, Harold Martin, Kate Troutman and Rob Herrington took the exams together and they used the exams, and I’ll coin it from their own mouth, as ‘study guides’ to be given to their students. These guides were the exact copies of the exams. Students were also allowed to use the ‘study guides’ during their exams. Our investigation has revealed that 284 students took exams using study guides."

READ: Florida student accused of cheating after her second SAT score seemed 'too improved'

The teachers are also accused of recruiting certain students to produce additional "study guides". As students were taking the test, Brutnell says the teachers would photograph the questions and answers with a cell phone. These photographs were then later used to produce and update the "study guides" which were passed around to the students for future tests in the AEST program.
Hudson High School cheating scandal press conference

Watch the FDLE’s full press conference about a cheating scandal that led to the arrest of three former Hudson High School teachers.

He said the teachers also gave students answers during exams and one teacher took the exam for students to ensure a passing grade.

‘If it gets any worse, exceptional student education, ESE students routinely had their exams taken for them. Often, ESE students were not even aware that they were scheduled to take the exam, but, yet, passed the exam."

As a result of this crime, AEST has said it will invalidate more than 1,000 certification exams taken by the students at Hudson High School.

"This was a cheating scandal," Brutnell shared. "Greed and cheating at the most barest level. And the fact that these ESE students were involved in that, really, personally, offends me."

READ: Lori Loughlin released from prison after serving 2 months for role in college admissions scandal

The Pasco County School District says two of the accused teachers resigned, and one has remained on unpaid leave.
Mugshots for Harold Martin III and Robert Herrington, who are accused in a $708,000 cheating scandal in Pasco County. Courtesy: Pasco County Sheriff's Office.

Mugshots for Harold Martin III and Robert Herrington, who are accused in a $708,000 cheating scandal in Pasco County. Courtesy: Pasco County Sheriff's Office. Note: Kathleen Troutman's mugshot was not immediately available.
Expand

"We are extremely disappointed in these teachers who were placed in a position of trust, and repeatedly chose to violate that trust," said Pasco Superintendent of Schools Kurt Browning. "They took advantage of students for personal gain, and that kind of behavior is shocking to teachers everywhere who sacrifice for their students every day."

Pasco County Schools and AEST say they have put in several internal controls to prevent a situation like this from happening again.

"It’s just a shame," Brutnell stated. "I feel bad for the kids who thought they got certification, and now they’re in the field of their dreams and now this could potentially be in question because three individuals wanted to throw some money in their pocket."

The teachers have been charged with organized scheme to defraud.

Arrangements are being made for students to retake their tests for free. Pasco County Schools is also working with the AEST and the Florida Department of Education to pay back that money.

Submission + - Impact of Computer Programming on Primary Mathematics Learning Questioned

Submitted by theodp
theodp writes: A new study on the Impact of Programming on Primary Mathematics Learning (abstract only, full article $24.95 on ScienceDirect) is generating some buzz on Twitter amongst K-12 CS educator types with its conclusions that: 1. Compared to traditional activities, programming did not benefit mathematics learning, 2. A negative though small effect of programming on mathematics learning was found, 3. High-road transfer from programming to mathematics is not self-evident, 4. Visual programming languages might distract students from mathematics activities.

From the Abstract: "The aim of this study is to investigate whether a programming activity might serve as a learning vehicle for mathematics acquisition in grades four and five. For this purpose, the effects of a programming activity, an essential component of computational thinking, were evaluated on learning outcomes of three mathematical notions: Euclidean division (N = 1,880), additive decomposition (N = 1,763) and fractions (N = 644). Classes were randomly assigned to the programming (with Scratch) and control conditions. Multilevel analyses indicate negative effects (effect size range 0.16 to 0.21) of the programming condition for the three mathematical notions. A potential explanation of these results is the difficulties in the transfer of learning from programming to mathematics."

The findings of the new study come 4+ years after preliminary results were released from the $1.5M 2015-2019 NSF-funded study Time4CS, a "partnership between Broward County Public Schools (FL), researchers at the University of Chicago, and [tech-bankrolled] Code.org," which explored whether learning CS using Code.org's CS Fundamentals curriculum may be linked to improved learning in math at the grade 3-5 level. While Time4CS researchers concluded that the 'quasi-experimental' study showed "No significant differences in FSA [Florida State Assessment] mathematics scores resulted between treatment and comparison groups," Code.org cites the study as one of "six different studies [that] show children who study computer science perform better in other subjects," apparently based upon the researchers' observation that "completing a higher percentage of non-grade-level assigned CS lessons was positively associated with FSA mathematics scores" [as opposed to the grade-level assigned CS lessons]. "Extra coding activities was one of the key ingredients for improved student [math] performance," explained Code.org in a 2018 Medium post.

Submission + - 4,000 Google cafeteria workers quietly unionized during the pandemic (washingtonpost.com)

Submitted by SpzToid
SpzToid writes: Google is famous for its cafeterias, which serve its legions of programmers and product managers everything from vegan poke to gourmet tacos — free.

But the cooks and servers behind those meals are generally contractors who work for other companies, and do not get the generous perks and benefits reserved for Google employees. So over the past few years, thousands of them have unionized, securing higher wages, retirement benefits and free platinum health care coverage.

Unite Here, a 300,000-member union hotel and food service workers, has been steadily working to unionize Silicon Valley cafeteria workers since 2018, experiencing the most success at Google. Employed by the contract companies Compass and Guckenheimer, those unionized now make up about 90 percent of total food services workers at Google, according to the union. Workers have unionized at 23 Google offices nationwide, including in Seattle and San Jose.

Now, the union is tackling new territory: the South. On Wednesday, Google workers in Atlanta employed by a different cafeteria company — Sodexo — presented their manager with a list of demands and said they plan to unionize.

Unionizing workers outside of major coastal cities and in the South may be a tougher sell, where union membership is the lowest in the United States and labor laws are generally weaker. Around 6 percent of workers in Georgia are unionized, compared with 18 percent in California and 24 percent in New York, according to the Bureau of Labor Statistics. Although inflation and housing prices have pushed up the cost of living nationwide, prices are still generally lower in the South than in large coastal cities.

On Friday, Sodexo and the union reached an agreement: Should a majority of workers choose to unionize, Sodexo would not try to block it.

“We are hopeful that we can quickly reach an agreement on a union contract that will bring these workers up to the same good standard enjoyed by union food workers at other Google cafeterias nationwide,” said D. Taylor, the president of Unite Here.

Sodexo has many unionized workplaces across the country, said Jane Dollinger, a spokeswoman for the company. “We believe there is a path forward through negotiations to address the differences in wages and benefits.”

Submission + - The Ethereum Merge - here's what to expect (trustswap.com)

Submitted by Ammalgam
Ammalgam writes: What is the Ethereum Merge? Ethereum is a blockchain, that is, a publicly viewable ledger where exchanges of digital coins are recorded.

Transactions on this chain are conducted in Ether.

Thousands of businesses and projects in the experimental world of decentralized finance now use the platform to offer lending, borrowing, and other sophisticated investment options. In addition, many nonfungible tokens — unique digital collectibles known as NFTs — are built on Ethereum.

At its core, the upcoming Merge will be a change to the way Ethereum verifies transactions. Here’s how this works.

Submission + - "Holy grail" homomorphic encryption could transform privacy—so what is it? (fastcompany.com)

Submitted by tedlistens
tedlistens writes: First described in the late ’70s, homomorphic encryption—a method for analyzing encrypted data without ever decrypting it—has only in the past decade begun attracting millions of dollars from venture capital and agencies like the NSA. And it’s still not easy to do. Given the math involved, the process is often slow and storage-intensive, impractical for wide-scale, real-world use. But homomorphic encryption received a jolt of fresh attention last week when a French startup said it had achieved major breakthroughs in FHE to make the process “scalable.” Alex Pasternack at Fast Company looks at what that would mean, and how the technology leverages clever math to promise a new era of privacy.

Comment Good idea (Score 4, Insightful) 166

Given that evaporation is a significant factor in water loss in open canals they should be covered anyway. Heck, open reservoirs should be covered, some improvement on the experiment LADWP did at Van Norman with the plastic balls. https://www.sciencealert.com/h...
Covering with solar panels is fine as well - they're cheap and perhaps the power generated could help offset the cost of pumping the water. Here in AZ we have the massive Central Arizona Project canal which pulls water from the Colorado River and pumps it uphill to PHX, and worst yet, to Tucson. 30' wide, 170 miles long just to get to PHX, that's a lot of surface area in a desert landscape with exceedingly high evaporation rates. Just need to be covered no matter what.

Slashdot Top Deals

Trap full -- please empty.

Close