Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Submission + - We Are All Intuitive Physicists, Scientists Say (gizmodo.com)

An anonymous reader writes: Human beings are very good at acting on the fly: swerving to avoid an obstacle in the road, ducking to keep from being hit, or reflexively catching a fly ball. We can do this because the brain is constantly running simulations of the physics involved as we scan our environment, according to a new series of brain imaging studies.

Submission + - PGP Short-ID Collision Attacks Continued, Now Targeted Linus Torvalds

An anonymous reader writes: Enrico Zini wrote:

There are currently at least 3 ways to refer to a GPG key: short key ID (last 8 hex digits of fingerprint), long key ID (last 16 hex digits) and full fingerprint. The short key ID used to be popular, and since 5 years it is known that it is computationally easy to generate a GnuPG key with an arbitrary short key id.

LWN.net wrote in June 3, 2016:

Gunnar Wolf urges developers to stop using "short" PGP key IDs as soon as possible. The impetus for the advice originates with Debian's Enrico Zini, who recently found two keys sharing the same short ID in the wild.

After contacted the owner, it turned out that one of the keys is a fake. In addition, labelled same names, emails, and even signatures created by more fake keys. Weeks later, more developers found their fake "mirror" keys on the keyserver, including the PGP Global Directory Verification Key. Gunnar Wolf wrote:

We don't know who is behind this, or what his purpose is. We just know this looks very evil.

Now, a fake key (fake: 0x6211aa3b00411886, real: 0x79be3e4300411886) of Linus Torvalds was found in the wild, scroll the page and you'll two of them. It looked like that every single key from the Linux kernel community have been forged successfully, another example is Greg Kroah-Hartman (fake:0x27365dea6092693e, real: 0x38dbbdc86092693e). LWN reader "rmayr" commented:

so it seems somebody is actually constructing a database of fake keypairs with "well-known" short IDs. Something is going on here...

Submission + - Microsoft Introduces DigiSeniors for the Bill Gates Generation

theodp writes: "Let's talk tech and senior citizens!" begins the Sway presentation for Microsoft's new DigiSeniors program. "390,000+ Chicago residents (14.8%) are at least 60 or older," Microsoft notes, explaining that "older adults face many unique hurdles in adopting new technologies: Physical challenges, learning difficulties, high vulnerability to scams, deceit, and manipulation." And while the age group that Microsoft aims to make Windows 10-savvy includes the likes of Bill Gates, Paul Allen, Steve Ballmer, and Charles Simonyi, Microsoft chose a photo of two centenarians in a hospital room (the relatives of a Microsoft exec) to illustrate what 60+ looks like. No word if the initiative was inspired by Steve Ballmer's loss of $2B of his Microsoft retirement money to a racist businessman.

Submission + - Researchers orbit a muon around an atom, confirm physics models are broken (arstechnica.com)

schwit1 writes: The proton's charge radius shouldn't change, and yet it appears to.

This “proton radius puzzle” suggests there may be something fundamentally wrong with our physics models. And the researchers who discovered it have now moved on to put a muon in orbit around deuterium, a heavier isotope of hydrogen. They confirm that the problem still exists, and there's no way of solving it with existing theories.

Submission + - Microsoft Accidentally Leaks Secure Boot Key (threatpost.com)

KLOP5 writes: Two researchers posted a report under pseudonyms this week revealing how Microsoft inadvertently published a Secure Boot key, now allowing self-signed UEFI updates to be installed on a machine as though they had been signed by Microsoft. The Secure Boot policy was originally created for testing purposes. "It’d be impossible in practise for MS to revoke every bootmgr earlier than a certain point, as they’d break install media, recovery partitions, backups, etc,” the researchers wrote in their report. The key could be used to put low-level firmware inside the UEFI of a computer, and would survive operating system formats and storage hardware changes.

Submission + - DEA regularly mines Americans' travel records to seize millions in cash (usatoday.com)

turp182 writes: FTA:
Federal drug agents regularly mine Americans’ travel information to profile people who might be ferrying money for narcotics traffickers — though they almost never use what they learn to make arrests or build criminal cases.

Instead, that targeting has helped the Drug Enforcement Administration seize a small fortune in cash.

http://www.usatoday.com/story/...

Slashdot Top Deals

"Being against torture ought to be sort of a bipartisan thing." -- Karl Lehenbauer

Working...