samzenpus - Slashdot User

Submission + - Over 650 Tb Of Data Up For Grabs From Publicly Exposed Mongodb Database

Submitted by itwbennett on Wednesday December 16, 2015 @09:47PM

itwbennett writes: A scan performed over the past few days by John Matherly, the creator of the Shodan search engine, has found that there are at least 35,000 publicly accessible and insecure MongoDB databases on the Internet, and their number appears to be growing. Combined they expose 684.8 terabytes of data to potential theft. Matherly originally sounded the alarm about this issue back in July, when he found nearly 30,000 unauthenticated MongoDB instances. He decided to revisit the issue after a security researcher named Chris Vickery recently found information exposed in such databases that was associated with 25 million user accounts from various apps and services, including 13 million users of the controversial OS X optimization program MacKeeper, as reported on Slashdot on Wednesday.

Submission + - Do Tax Breaks for Data Centers Make Sense? Michigan Says Yes (datacenterfrontier.com)

Submitted by 1sockchuck on Wednesday December 16, 2015 @01:40PM

1sockchuck writes: Does it make sense for state to offer tax incentives to lure huge data center projects? After an extended debate, legislators in Michigan have approved tax breaks for a $5 billion data center in Grand Rapids. The project from Switch, which previously built the SuperNAP in Las Vegas, brought the debate into stark relief due to the size of the project — an estimated 2 million square feet of data center space. States competing for projects often find themselves in a bind, since the highly-automated facilities create a limited number of permanent jobs, but many states already offer juicy incentives. Michigan ultimately sought a middle path, tying the tax breaks to job creation goals. If the data center jobs don't materialize, the breaks disappear.

Submission + - The FAA to facilitate American commercial participation in the ESA Moon Village (examiner.com) 1

Submitted by MarkWhittington on Wednesday December 16, 2015 @01:12PM

MarkWhittington writes: While NASA remains fixated on its Journey to Mars, quietly, the FAA is positioning itself as the lead United States Government agency for a return to the moon. According to a story in Space News, “FAA’s Commercial Space Transportation Advisory Committee (COMSTAC) unanimously approved a recommendation that the FAA’s Office of Commercial Space Transportation begin discussions with ESA on ways American companies could participate in what’s known as ‘Moon Village.’” The “Moon Village” is a European concept for an international moon base where various countries and private entities would collocate habitats for mutual support and benefit.

Submission + - LizardSquad Copycats Planning DDoS Attacks on Xbox & PSN for Christmas (softpedia.com) 1

Submitted by Anonymous Coward on Wednesday December 16, 2015 @10:07AM

An anonymous reader writes: Last year, on Christmas, the LizardSquad hacking group took down PSN and Xbox Live for many hours via DDoS attacks. This year, another group, called Phantom Squad, is planning the same thing. The group has been launching small test attacks on PSN, Xbox, Reddit, SWOTR, and other game servers over the past few days.

Submission + - North Carolina town talks back (newsobserver.com)

Submitted by mdsolar on Wednesday December 16, 2015 @09:55AM

mdsolar writes: Usually what happens in Woodland stays in Woodland, a town 115 miles east of Raleigh with one Dollar General store and one restaurant.

But news of the Northampton County hamlet’s moratorium on solar farms blew up on social media over the weekend after a local paper quoted a resident complaining to the Town Council that solar farms would take away sunshine from nearby vegetation. Another resident warned that solar panels would suck up energy from the sun.

As outlandish as those claims seem, town officials say the Internet got it wrong.

Submission + - Dallas Buyers Club case struck down by Federal Court (businessinsider.com.au)

Submitted by thegarbz on Wednesday December 16, 2015 @04:28AM

thegarbz writes: After a previous court ruling covered on Slashdot where Dallas Buyers Club was forced to post a $600,000AU bond and accused of speculative invoicing, it appears they have once again failed to make a case for damages in the Australian Federal Court. After asking for a reduced bond of $60,000AU in exchange for details of only 10% of the original alleged pirates, and after dropping the request for punitive damages, Justice Perram concluded that the damages sought were still unrealistic severely limiting the liability of the alleged pirates if the case manages to go ahead. Dallas Buyers Club now has 60 days to respond before the case is terminated.

Submission + - Developer claims 'PS4 officially jailbroken' (networkworld.com)

Submitted by colinneagle on Monday December 14, 2015 @04:31PM

colinneagle writes: If you have a PS4 and want to run homebrew content, then you might be happy to know developer CTurt claimed, “PS4 is now officially jailbroken.” Over the weekend, CTurt took to Twitter to make the announcement. He did not use a jail vulnerability, he explained in a tweet. Instead, he used a FreeBSD kernel exploit.

Besides posting “an open source PlayStation 4 SDK” on GitHub, CTurt analyzed PS4’s security twice and explained PS4 hacking. CTurt updated the open source PS4 SDK yesterday; he previously explained that Sony’s proprietary Orbis OS is based on FREEBSD. In the past he released the PS4-playground, which included PS4 tools and experiments using the Webkit exploit for PS4 firmware version 1.76. To put that in context, Sony released version 3.0 in September. However, CTurt claimed the hack could be made to work on newer firmware versions.

Other PS4 hackers are reportedly also working on a kernel exploit, yet as Wololo pointed out, it is unlikely there might be more than proof-of-concept videos as the developers continue to tweak the exploit. Otherwise, Sony will do as it has in the past and release a new firmware version. In October 2014, developers nas and Proxima studied the PSVita Webkit exploit, applied it to the PS4, and then released the PS4 proof-of-concept. Shortly thereafter. Sony pushed out new firmware as a patch.

Submission + - Lightbulb DRM: Philips Locks Purchasers Out Of 3rd-Party Bulbs With New Firmware (techdirt.com)

Submitted by sandbagger on Monday December 14, 2015 @04:28PM

sandbagger writes: Purchasers of the Philips Hue "smart" ambient lighting system are finding out that the new firmware pushed out by the manufacturer has cut off access to previously-supported lightbulbs. Welcome to the internet of things!

Submission + - Yahoo burned through $3B on M&A, which are all worthless 1

Submitted by mrspoonsi on Monday December 14, 2015 @04:13PM

mrspoonsi writes: On Monday morning, Eric Jackson, manager of hedge fund SpringOwl, sent a brutal 99-page presentation to Yahoo's board, outlining his case for why the company should drop Marissa Mayer as CEO and find new management. Jackson points out that Yahoo has burned through $3 billion on M&A in the past three years since Mayer took the reins, which contributes to $10 billion in what Jackson calls Yahoo's misallocated capital. The value of all of those startups Yahoo has acquired, Jackson says, is worth nothing at Yahoo's current stock price. Jackson also points out that Yahoo has a history of buying up startups run by former Google APM members. While at Google, Mayer started the company's elite associate product-manager program. Of the 49 acquisitions Yahoo has made under Mayer's leadership, six were startups founded by ex-Googlers. The total cost of these six acquisitions is $319 million, according to Jackson's slide deck. Yahoo bought Polyvore in July for $230 million. Polyvore, a social commerce site that lets users make artistic collages of clothes and accessories...But Jackson does not mince words when it comes to Yahoo's decision to spend shareholder money acquiring Polyvore and companies like it.

"It's not acceptable to pay $230M for zombie companies run by former APM members," he says, pointing out that Polyvore had raised $22 million in VC funding, was 8 years old, and had gone through multiple pivots. For all intents and purposes, it looked like a goner until Yahoo bought it.

Submission + - Leaded Gas, CFCs, and Dangerous Mobility: The Deadly Invention Trifecta (hackaday.com)

Submitted by szczys on Monday December 14, 2015 @12:32PM

szczys writes: Leaded Gas did a great job of keeping engines from knocking thanks to tetraethyl lead. Unfortunately the fumes from the chemical are highly poisonous. R-12 is a refrigerant that revolutionized the cold storage of vaccines. It turned out to be the first of the chlorofluorocarbons which are well known (and no banned) for damaging the environment. Both are the creations of one inventor: Thomas Migley, Jr.

Two deadly inventions seem like more than enough for one person, yet his story ends with a third. Stricken with Polio he invented a system to help him get in and out of bed on his own. A tragic accident ended his life when he was caught and strangled in the system.

Submission + - Tor Hires Former EFF Chief as Executive Director (cio.com)

Submitted by itwbennett on Monday December 14, 2015 @09:59AM

itwbennett writes: Shari Steele, a 20-year veteran of the Electronic Frontier Foundation (EFF), has been hired as executive director of the Tor Project, the widely used anonymity tool that frequently comes up in debates over encryption and privacy. Steele, who started at EFF as a staff attorney, then legal director and eventually executive director, comes on board at a time when Tor has been embroiled in controversy. In November, the organization accused the FBI of paying Carnegie Mellon University $1 million for information on security issues that later facilitated arrests related to online drug markets.

Submission + - Microsoft Open Sources and Forkes Windows Live Writer into Open Live Writer

Submitted by SmartAboutThings on Wednesday December 09, 2015 @07:23PM

SmartAboutThings writes: Windows Live Writer is a blogging tool that Microsoft originally released back in 2006, and it still remains popular today, which has prompted Microsoft to promise that it will make it open source earlier this year. Now the company has officially open-sourced and forked Windows Live Writer into Open Live Writer, having put its repositories on GitHub already.

Submission + - FBI admits it uses stingrays, zero-day exploits (arstechnica.com)

Submitted by Anonymous Coward on Wednesday December 09, 2015 @04:07PM

An anonymous reader writes: The head of the FBI's science and technology division has admitted what no other agency official has acknowledged before—the FBI sometimes exploits zero-day vulnerabilities to catch bad guys.

The admission came in a profile published Tuesday of Amy Hess, the FBI's executive assistant director for science and technology who oversees the bureau's Operational Technology Division. Besides touching on the use of zero-days—that is, attack code that exploits vulnerabilities that remain unpatched, and in most cases are unknown by the company or organization that designs the product—Tuesday's Washington Post article also makes passing mention of another hot-button controversy: the FBI's use of stingrays. As reporter Ellen Nakashima wrote: ...

Submission + - Mauna Kea protests may end astronomy as we know it

Submitted by StartsWithABang on Wednesday December 09, 2015 @01:16PM

StartsWithABang writes: If you want to explore the Universe, you need a telescope with good light gathering power, a high-quality camera to make the most out of each photon, and a superior observing location, complete with dark skies, clear nights, and still, high-altitude air. There are only a few places on Earth that have all of these qualities consistently, and perhaps the best one is atop Mauna Kea on Hawaii. Yet generations of wrongs have occurred to create the great telescope complex that's up there today, and astronomers continue to lease the land for far less than it's worth despite violating the original contract. That's astronomy as we know it so far, and perhaps the Mauna Kea protests signal a long awaited end to that.

Submission + - Top Democratic senator will seek legislation to 'pierce' through encryption (dailydot.com)

Submitted by Patrick O'Neill on Wednesday December 09, 2015 @12:57PM

Patrick O'Neill writes: Sen. Dianne Feinstein (D-Calif.) will seek legislation requiring the ability to "pierce" through encryption to allow American law enforcement to read protected communications with a court order. She told the Senate Judiciary committee on Wednesday that she would seek a bill that would give police armed with a warrant based on probable cause the ability to read encrypted data. "I have concern about a PlayStation that my grandchildren might use," she said, "and a predator getting on the other end, and talking to them, and it's all encrypted. I think there really is reason to have the ability, with a court order, to be able to get into that."

Slashdot Top Deals