Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - Study Finds U.S. is an Oligarchy, Not a Democracy

An anonymous reader writes: Researchers from Princeton University and Northwestern University have concluded, after extensive analysis of 1,779 policy issues, that the U.S. is in fact an oligarchy and not a democracy. What this means is that, although 'Americans do enjoy many features central to democratic governance', 'majorities of the American public actually have little influence over the policies our government adopts.' Their study (PDF), to be published in Perspectives on Politics, found that 'When the preferences of economic elites and the stands of organized interest groups are controlled for, the preferences of the average American appear to have only a minuscule, near-zero, statistically non-significant impact upon public policy.'

Submission + - PayPal Giving Nonsense Answers about OpenSSL/Heartbleed Vulnerability

Jammerwoch writes: In the process of verifying that my critical accounts had patched their OpenSSL implementation and re-issued their SSL certificate before changing my password, I noticed that PayPal had not addressed issue: not on their blog, in their support pages, or anywhere on my account page. I also noticed that their SSL certificate was issued in February of 2014, before the vulnerability was discovered. So I contacted support to ask if they had addressed the vulnerability. The first response I got was this:

"Your PayPal account details were not exposed at any time in the past and remain secure. You do not need to take any additional action to safeguard your information."

Undaunted, I replied, asking specifically if they were (or had ever) used one of the vulnerable versions of OpenSSL (1.0.1 through 1.0.1f). The response I received was amusing, to say the least:

"I assure you that your password is not compromised. We do not use an Open SSL in our servers. The SSL certificate that we are using is hyper encrypted and beyond the versions of the usual SSL certificate. It is not affected by the ongoing HeartBleed issue."

Well! Now I'm completely reassured, knowign that they don't use "the Open SSL", and that their certificate is "hyper encrypted".


Submission + - EPIC Fail, NASA has NO ISS plan for Russian Nyet (house.gov) 2

Jay Tyler writes: NASA Administrator Mr. Bolden went before Congress. He again played the blame game with comments of "That's not my Job" and "I'm not responsible to the Media". The plain FACT is that NASA has no backup plan to deal with the Russian problem. A problem that was designed by the Administration, and excutated by Mr. Bolden requiring the US to pay 71millon dollars for a taxi seat to the ISS. If the Pirate Putin says Nyet to NASA we are screwed, we have no plan. Before Congress Mr. Bolden, begs, and exhorts, for over a Billon US taxpayer dollars for FY2015 with the HOPE, that one of the Commercial Crew companies might be able to launch astronauts maybe in 2017. Mr. Boldens fix is we have no plan!

Submission + - Yahoo DMARC implementation breaks most mailing lists

pdclarry writes: On April 8 Yahoo implemented a new DMARC policy that essentially bars any Yahoo user from accessing mailing lists hosted anywhere except on Yahoo and Google. While Yahoo is the initiator, it also affects Comcast, ATT, Rogers, SBGlobal and several other ISPs. Internet Engineering Council expert John R. Levine, specialing in email infrastructure and spam filtering claimed in a post “Yahoo breaks every mailing list in the world including the IETF's.” on the Internet Engineering Task Force (IETF) list.

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a two year old proposed standard previously discussed on Slashdot that is intended to curb email abuse, including spoofing an phishing. Unfortunately, as implemented by Yahoo, it claims most mailing list users as collateral damage. Messages posted to mailing lists (including listserv, mailman, majordomo, etc) by Yahoo subscribers are blocked when the list forwards them to other Yahoo (and other participating ISP's) subscribers. List members not using Yahoo or its partners are not affected and will receive posts from Yahoo users. And posts from non-Yahoo users are delivered to Yahoo members. So essentially those suffering the most are Yahoo's (comcast's, att's, etc) own customers. Hacker News has details about why DMARC has this affect on mailing lists. Their best proposed solution is to ban Yahoo email users from mailing lists and encourage them to switch to other ISPs. Unfortunately, it isn't just Yahoo, although they are getting the most attention.

Submission + - Theo De Raadt's Small Rant on OpenSSL (gmane.org) 1

raides writes: Theo De Raadt has been on a better roll as of late. Since his rant about FreeBSD plating catch up (here), he has something to say about OpenSSL. It is worth the 5 second read because it is how a few thousand of us feel about the whole thing and the stupidity that caused this panic. Enjoy

Submission + - The Blender Foundation is looking to make a 90 minute crowd funded movie. (blender.org)

Adam T Wilk writes: The Blender foundation who have made several short animations in the past are looking to build a 90 min movie with help from several animation studios around the world". It needs 500,000 euros to make it happen and as much advertising on the subject as possible. If you interested take look and perhaps give to the cause and see you name in the credits (or even more if you decide to go with the higher monthly payments)

Comment Re:Blender should file a Counter Claim against Son (Score 1) 306

> Sony claimed the Protected Work was *theirs*

That's the problem: Sony didn't claim anything. It was just some pattern matcher whithin the bowels of Google. Oops.

On the Sintel video from the BlenderFoundation account on YouTube:

This video contains content from Sony Pictures Movies & Shows, who has blocked it on copyright grounds.

That is an explicit claim associated with Sony Pictures Movies & Shows. To get that, Sony had to upload content to the YouTube content system saying "I own this content. Anyone matching it is in copyright violation."

Also, the content ID system does not support Creative Commons or similar license usage (can use with attribution, can/cannot monetize the content, etc.) and does not work with collaboration/team events on multiplayer games, podcasts or discussions.

Submission + - Blender Foundation's Sintel video taken down on Youtube for copyright violation (youtube.com) 2

An anonymous reader writes: As if the automated take downs on Youtube weren't already bad enough, today fans of the popular open source 3D software Blender were greeted by a copyright take down notice for their third open movie, Sintel, despite it being released under a creative commons license: "This video contains content from Sony Pictures Movies & Shows, who has blocked it on copyright grounds." It is believed that the take down was a result of Sony Electronics adding Sintel to their official 4k demo pool.

Submission + - UK Government pays Microsoft £5.5M for extended support of Windows XP. (computerweekly.com)

whoever57 writes: The UK Government has signed a contract worth £5.5M (almost $9M) for extended support and security updates for Windows XP for 12 months after April 8. The deal covers XP, Exchange 2003 and Office 2003 for users in central and local government, schools and the National Health Service. The NHS is in need of this deal because it was estimated last September that 85% of the NHS's 800,000 computers were running XP.

Comment Re:Read the summary a couple times (Score 1) 465

Actually, the Norman invasion resulted in Middle English (Chaucer) which incorporated several French words into Old English (e.g. Beowulf, which originated from the Anglo-Saxons migrating from Germany), accompanied with a shift in pronunciation. At the start of the Tudor period, this evolved into Early Modern English and had a more radical shift in the way the vowels were pronounced. This then evolved through Shakespeare and spread throughout the world into the English we know today. Even through Old, Middle, Early Modern and Modern English, pronunciation and dialectal phrases varied from region to region like they do today.

Comment Re:Are programmers really this naive? (Score 1) 465

The developers initially did not agree on the terms of the contract, including that one. Adriel was still in the process of negotiating the contract, so did not sign it before they decided to walk away from the project. This is why she gives more details than e.g. Zoe who did sign the contract.

The person from Pepsi was deliberately provoking the participants to create drama where it was not needed and offending the participants in the process. It would be the equivalent of the producers of MasterChief saying "Do gay people/women make better cooks?" to the contestants in order to provoke a reaction they can capture on camera, rather than the contestants competing on their own merit and capturing the dramas, interactions and comradery that occurs naturally.

It would have been more insightful to see e.g. the teams with women on them working better than the teams which are all men. Or seeing that both teams are equally good/bad, have their own high points and their own low points irrespective of the gender of the people involved.

It was interesting reading about how the YouTubers contributed their graphical skills and voice-over talents. That would have made interesting viewing -- especially seeing how it evolved and how the task delegation/brainstorming worked.

Submission + - AWS admits it scans Android apps to find secret keys (itnews.com.au)

AlbanX writes: Amazon Web Services admitted it decompiles Android apps to find out if its secret keys have been accidentally hard-coded within.

An Android app developer was contacted by AWS and told his credentials had been found within an app he developed. He was asked to remove them and use temporary creds within apps in the future.

Submission + - Western Digital 'MyCloud' Is Down 5 Days & Counting

Nemo the Magnificent writes: A friend of mine bought a Western Digital 'MyCloud' NAS server (non-RAID) a couple of weeks ago. WD implements the cloud service through its wd2go.com site. He reports that that site is down and has been since last Wednesday. No word on when it'll be back up. The only official announcements are daily repeats of this canned posting:

'Our My Cloud and My Book Live users are experiencing intermittent issues with WD servers that enable remote access when using these products. These issues include poor transfer speeds and/or inability to connect remotely. We sincerely apologize for this inconvenience and we are working very hard to resolve these issues and resume normal service as soon as possible. We thank you for your patience and will provide updates as they are available.'

Submission + - Nature Publishing Group Requires Authors to Waive "Moral Rights" to Works (chronicle.com)

cranky_chemist writes: Megan O'Neil has published a story on the Chronicle of Higher Education's website noting some unusual language in the license agreement between authors and Nature Publishing Group.

"Faculty authors who contract to write for the publisher of Nature, Scientific American, and many other journals should know that they could be signing away more than just the economic rights to their work, according to the director of the Office of Copyright and Scholarly Communication at Duke University.

Kevin Smith, the Duke official, said he stumbled across a clause in the Nature Publishing Group’s license agreement last week that states that authors waive or agree not to assert "any and all moral rights they may now or in the future hold" related to their work. In the context of scholarly publishing, "moral rights" include the right of the author always to have his or her name associated with the work and the right to have the integrity of the work protected such that it is not changed in a way that could result in reputational harm."

Nature Publishing Group claims the waivers are required to ensure the journal's ability to publish formal retractions and/or corrections.

However, the story further notes that Nature Publishing Group is requiring authors at institutions with open-access policies to sign waivers that exempt their work from such policies.

Submission + - You Got Your Web Browser In My Compiler (wordpress.com)

jones_supa writes: Microsoft Visual C++ compiler's static-analysis parallelism caused Bruce Dawson's machine to seriously get on its knees, so he rolled up his sleeves and dug deeper to investigate. It turns out that the MSVC++ compiler (cl.exe) causes the full Internet Explorer engine (mshtml.dll) to be loaded every time the static code analysis feature is used. However the actual slowdown isn't created by the weight of the IE engine but by the communication on the windowing system. In fact, about 65% of the traffic on the windowing system lock was from the VC++ compiler, mostly via mshtml.dll. But why? Well, here's what we know. The compiler loads mspft120.dll – the /analyze DLL. Then mspft120 loads msxml6.dll to load an XML configuration file. Then msxml6 loads urlmon.dll to open the stream, and finally urlmon loads mshtml.dll. Then mshtml.dll creates a window, because that’s what it does. If you run many copies of the compiler then you get many windows being opened, and over-subscribed CPUs, and madness ensues. Maybe nobody at Microsoft ever noticed that mshtml.dll was being loaded, or else they didn’t run enough parallel compiles for it to matter.

Slashdot Top Deals

Slowly and surely the unix crept up on the Nintendo user ...