Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Why You Should Care About The Supreme Court Case On Toner Cartridges (consumerist.com)

rmdingler writes: A corporate squabble over printer toner cartridges doesn’t sound particularly glamorous, and the phrase “patent exhaustion” is probably already causing your eyes to glaze over. However, these otherwise boring topics are the crux of a Supreme Court case that will answer a question with far-reaching impact for all consumers: Can a company that sold you something use its patent on that product to control how you choose to use after you buy it?

Here’s the background: Lexmark makes printers. Printers need toner in order to print, and Lexmark also happens to sell toner.

Then there’s Impression Products, a third-party company makes and refills toner cartridges for use in printers, including Lexmark’s.

Submission + - SPAM: Quicken Bill Pay is No Longer Safe to Use 1

Bruce Perens writes: I don't usually make security calls, but when a company makes egregious and really clueless security mistakes, it's often the case that the only way to attract their attention and get the issue fixed is to publicize it. This one is with Quicken Bill Pay, a product of Metavante (not Intuit). It's from personal observation rather than an expert witness case, and the company has been unresponsive through their customer support channel.
Link to Original Source
Social Networks

Reddit To Transform Into a Social Network With New Profile Pages (digitaljournal.com) 130

An anonymous reader quotes a report from Digital Journal: Reddit has announced it has begun trialling a radical new profile page design that's reminiscent of Facebook and Twitter. It will evolve the discussion board site towards being a social network by enabling users to post directly to their new profile page. At present, posts on Reddit have to be directed into a specific sub-Reddit community. You can't simply write a post and have it appear across the network which can make it difficult to get your voice heard. Unless you've got some reputation in a relevant sub-Reddit, your posts may end up going unnoticed. That could soon change. Last night, Reddit announced it's working on a drastic revision of its user profile page experience. The site has commenced testing of an early version of the design. According to a report from Reuters, just three "high-profile" users currently have access to the feature. When the new pages are eventually opened up to all, they'll showcase the user's profile picture and description. Below the header, posts from the user will be publicly displayed. The user will be able to add new posts to their page, without submitting to a sub-Reddit. Users will be able to follow each other to stay informed of new posts, effectively creating a social network atmosphere above the discussion boards.

Comment Abandoning Time-Worn Processes Leads to Atrophy (Score 5, Insightful) 158

Scientists determined that those people who made use of machine washing rather than hand washing had diminished hand strength and neurological motor communication necessary for fine motor control. Seamstresses who bought thread rather than using the spinning jenny were similarly impaired. But worst off were teamsters who used the internal combustion trucks rather than teams of horses and used forklifts and other mechanical devices rather than loading their vehicles by hand. Their overall body strength was much reduced.

Submission + - EFF needs your help to stop Congress dismantling Internet privacy protections! (eff.org)

Peter Eckersley writes: Last year the FCC passed rules forbidding ISPs (both mobile and landline) from using your personal data without your consent for purposes other than providing you Internet access. In other words, the rules prevent ISPs from turning your browsing history into a revenue stream to sell to marketers and advertisers. Unfortunately, members of Congress are scheming to dismantle those protections as early as this week. If they succeed, ISPs would be free to resume selling users' browsing histories, pre-loading phones with spyware, and generally doing all sorts of creepy things to your traffic.

The good news is, we can stop them. We especially need folks in the key states of Alaska, Colorado, Maine, Montana, Nevada, Ohio, and Pennsylvania to call their senators this week and tell them not to kill the FCC's Broadband Privacy Rules.

Together, we can stop Congress from undermining these crucial privacy protections.

Advertising

Google Wants To Create Promotions That Aren't Ads For Its Voice-Controlled Assistant (businessinsider.in) 49

Earlier this month, some Google Home users noticed what appeared to be audio ads for Disney's "Beauty and the Beast" movie. After some intense backlash, the company released a statement claiming that the ad was not an ad, but that it was simply "timely content" that Disney didn't pay for. Google's UK director of agencies, Matt Bush, has since spoken out about the company's plans with advertising via the voice-controlled Assistant. Business Insider reports: Bush explained Google isn't looking to offer brand integrations in voice for the time being, since it didn't have enough data to come up with an ad product that adds value for consumers. "We want businesses to have a phenomenal mobile experience and then building on that have a phenomenal voice experience," Bush told Business Insider at Advertising Week Europe. "That might not be, in the early instances, anything that has to do with commercials at all. It might just be something something that adds value to the consumer without needing to be commercialized." Bush explained that the consumer experience with voice is very different from that of text search because the use cases for voice navigation differ depending on the device the function is used on and the context the user finds themselves in. "We don't want to start putting in commercial opportunities that we think users don't want to interact with," Bush said "We don't want anything to come in-between the user and their access to the information they're actually looking for. If a brand can add value in that space, fantastic." Bush cited mobile search ads as successful executions of using context and personal user insights, but voice promotions are unlikely to take the same form. "It's unlikely to be what you see from search as it currently stands, where you might have three or four ads as the top results of a search," he said.

Comment Re:Granular permissions to apps (Score 4, Informative) 64

Since Android 6 apps install with no/limited permission, the first time it wants your location (or to access your camera, a file etc) a pop-up from the OS asks to grant it.

I like that feature because it allows me to see why the app needs this or that permission.

Submission + - How the Internet Gave Mail-Order Brides the Power (backchannel.com)

mirandakatz writes: For decades, the mail-order bride system in the Philippines went something like this: Western men picked Filipinas out of catalogues, and the women had little to no information about the men they were agreeing to marry. The internet has changed all of that. As Meredith Talusan reports at Backchannel, technology has empowered Filipinas to be choosy about the Western men they pursue—and indeed, when it comes to online dating, they now hold much of the power. As Talusan writes, "in one sense, the leveling of dating power between Filipinas and Westerners is the fulfillment of the global internet’s promise to equalize relations between disparate places and people. Yet even as Filipinas and Westerners face off as equals online, the world of dating exposes the ultimate limitations of the web."

Submission + - SPAM: New hobby of PVS-Studio team: fixing potential vulnerabilities in open source

Andrey_Karpov writes: The topic of vulnerabilities detected in various open source projects is extremely popular nowadays. The news about that can be found on different sites (example: Adobe fixes 8 Security Vulnerabilities in Adobe Flash Player & Shockwave Player). However, it is of no use to discuss these vulnerabilities (CVE) from a programmers' point of view. It is more important to prevent these vulnerabilities at the stage of writing the code, rather than worry that some leak was found again. Therefore, the Common Weakness Enumeration list (CWE) is of greater interest to the developers.

This list (CWE) presents systematized errors that may cause vulnerabilities. There are different factors that influence the fact, if an error turns into a vulnerability or not. In other words, a defect sometimes can be exploited, and sometimes not, depending on luck.

What is significant, is that by eliminating the errors, given in CWE, a programmer protects the code from a great number of potential vulnerabilities in advance. Static analyzers can be great assistants in this case.

PVS-Studio has always been able to detect a large number of various weaknesses (potential vulnerabilities) in the program code. However, historically, we positioned PVS-Studio as a tool to search for errors. As I've already said, there is a trend in the software development to look for vulnerabilities in the code, although it's just the same. We started rebranding of our tool. Common Weakness Enumeration (CWE) was the first thing we looked at and wrote an article where provided a draft of a table, presenting the comparison of PVS-Studio diagnostics and CWE. We also demonstrated a couple of potential vulnerabilities in Apache HTTP Server.

That was not the end. We got interested in fixing potential vulnerabilities in various projects. Moreover, we decided to compile these small actions on making the world a better place, into small weekly reports. The first one covered the defects in C# projects (CoreFX, MSBuild).

The second would be interesting for the community of C and C++ programmers. It is about errors in such projects as FreeBSD, GCC, Clang.

Some may say that nor every project requires testing for the potential vulnerabilities from the CWE point of view. I agree. But it's useful to find bugs and fix them in any case. Plus it demonstrates that PVS-Studio can be used to look for security issues.

Submission + - Critical Cisco Flaw Found Buried in Vault 7 Documents

Trailrunner7 writes: Hundreds of models of Cisco switches are vulnerable to a remote-code execution bug in the company’s IOS software that can be exploited with a simple Telnet command. The vulnerability was uncovered by company researchers in the CIA hacking tool dump known as Vault 7.

The bug is a critical one and an attacker who is able to exploit it would be able to get complete control of a target device. The flaw lies in the Cluster Management Protocol (CMP) that’s used in IOS, and Cisco said it’s caused by the incorrect processing of CMP-specific Telnet options, as well as accepting and processing these commands from any Telnet connection.

“An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device,” the Cisco advisory says.

Submission + - Windows 10 will download some updates even over a metered connection

AmiMoJo writes: Until now Windows 10 has allowed users to avoid downloading updates over metered (pay-per-byte) connections, to avoid racking up huge bills. Some users were setting their ethernet/wifi connections as metered in order to prevent Windows 10 from downloading and installing updates without their permission. In its latest preview version of the OS, Microsoft is now forcing some updates necessary for "smooth operation" to download even on these connections. As well as irritating users who want to control when updates download and install, users of expensive pay-per-byte connections could face massive bills.

Slashdot Top Deals

You can observe a lot just by watching. -- Yogi Berra

Working...