Become a fan of Slashdot on Facebook


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - GPS Jammed Near the Kremlin (

stevegee58 writes: Russians have been noticing that their GPS doesn't work in Moscow near the Kremlin. Everyone from taxi drivers to Pokemon Go players suddenly notice that they're transported 18 miles away at the airport when they near the Kremlin.
While this may be an annoyance to the public it seems like a reasonable countermeasure to potential terrorist threats. Is it only a matter of time before other vulnerable sites such as the White House or the Capitol in Washington start doing the same?

Submission + - "Most serious" Linux privilege-escalation bug ever is under active exploit (

operator_error writes: Lurking in the kernel for nine years, flaw gives untrusted users unfettered root access.

By Dan Goodin — 10/20/2016

A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible.

While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.

"It's probably the most serious Linux local privilege escalation ever," Dan Rosenberg, a senior researcher at Azimuth Security, told Ars. "The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time."

The underlying bug was patched this week by the maintainers of the official Linux kernel. Downstream distributors are in the process of releasing updates that incorporate the fix. Red Hat has classified the vulnerability as "important."

Submission + - Anti-Vaccination Nurses in Australia Face Punishment writes: MedicalExpress reports that nurses and midwives promoting anti-vaccination messages in Australia could face punishment including being slapped with a caution and having their ability to practise medicine restricted. Serious cases could be referred to an industry tribunal, where practitioners could face harsher penalties such as having their registration suspended or cancelled. The Nursing and Midwifery Board of Australia released the vaccination standards in response to what it described as a small number of nurses and midwives promoting anti-vaccination via social media. The statement also urges members of the public to report nurses or midwives promoting anti-vaccination. Promoting false, misleading or deceptive information is an offence under national law and is prosecutable by the Australian Health Practitioner Regulation Agency. “The board will consider whether the nurse or midwife has breached their professional obligations and will treat these matters seriously,” the statement said. However Dr. Hannah Dahlen, a professor of midwifery at the University of Western Sydney and the spokeswoman for the Australian College of Midwives, worries the crackdown may push people with anti-vaccination views further underground. “The worry is the confirmation bias that can occur, because people might say: ‘There you go, this is proof that you can’t even have an alternative opinion.’ It might in fact just give people more fuel for their belief systems.”

Submission + - iPhone 7 Plus Qualcomm LTE Modem Significantly Outperforms Intel LTE Modem (

An anonymous reader writes: With the iPhone 7 and the iPhone 7 Plus, Apple elected to use LTE modems from two different sources, Qualcomm and Intel. The A1778 and A1784 iPhone models use a GSM-only Intel XMM7360 modem while the A1660 and 1661 iPhone models use a GSM/CDMA-compatible Qualcomm MDM9645M modem. Apple's decision has already caused some disappointment among customers because the GSM-only Intel modem is not compatible with as many carrier networks as the GSM/CDMA Qualcomm modem, and now independent testing conducted by Cellular Insights suggests there are some significant performance differences between the two modems, with the Qualcomm modem outperforming the Intel modem. Using an RS TS7124 RF Shielded Box, two RS CMW500, one RS CMWC controller, and four Vivaldi antennas, Cellular Insights created a setup to simulate LTE performance at different distances from a cellular tower using two iPhone 7 Plus devices, one with an Intel modem and one with a Qualcomm modem. The goal of the test was to measure the highest achievable LTE throughput starting at a Reference Signal Received Quality of -85dBm (a strong signal) and gradually reducing the power level to simulate moving away from a cellular tower where signal is weaker. Three LTE bands were tested: Band 12, Band 4 (the most common band in North America), and Band 7. In all three tests, both the iPhone 7 Plus models offered similar performance in ideal conditions, but as power levels decreased, Cellular Insights saw "unexplainable sharp dips in performance" in the Intel modem, finding a gap "north of 30%" in favor of the Qualcomm iPhone 7 Plus. In the charts, the Qualcomm modem maintains noticeably higher throughput speeds than the Intel modem as signal strength decreases. According to Cellular Insights, in every single test, the iPhone 7 Plus with a Qualcomm modem "had a significant performance edge" over the iPhone 7 Plus with an Intel modem.

Submission + - Ask Slashdot: Secure methods for baby monitoring

Szeraax writes: Big time nerd, first time father (well, first and second since I just had twins!). Ideally, I can track temperature and heart rate of my new family members without causing a security nightmare on my home network. I see lots of arm bands from China that claim security, but even their documentation pictures are pure chinese screen shots. That makes me immediately leary of the device. I can use a private WLAN on my router for the devices if needed. I can connect via bluetooth on phone or computer. Is my best bet to check vitals manually and plot results in LibreOffice calc? Are there monitoring devices that totally avoid the cloud rush of today? Should I just not even waste my time with the data?

Slashdot, what advice do you have for me?

Submission + - First New US Nuclear Reactor In 20 Years Goes Live (

An anonymous reader writes: The Tennessee Valley Authority is celebrating an event 43 years in the making: the completion of the Watts Bar Nuclear Plant. In 1973, the TVA, one of the nation's largest public power providers, began building two reactors that combined promised to generate enough power to light up 1.3 million homes. The first reactor, delayed by design flaws, eventually went live in 1996. Now, after billions of dollars in budget overruns, the second reactor has finally started sending power to homes and businesses. Standing in front of both reactors Wednesday, TVA President Bill Johnson said Watts Bar 2, the first US reactor to enter commercial operation in 20 years, would offer clean, cheap and reliable energy to residents of several southern states for at least another generation. Before Watts Bar 2, the last time an American reactor had fired up was in 1996. It was Watts Bar 1--and according to the Atlanta Journal-Constitution, it cost $6.8 billion, far greater than the original price tag at $370 million. In the 2000s, some American power companies, faced with growing environmental regulations, eyed nuclear power again as a top alternative to fossil fuels such as coal and oil. A handful of companies, taking advantage of federal loan guarantees from the Bush administration, revived nuclear reactor proposals in a period now known as the so-called "nuclear renaissance." Eventually, nuclear regulators started to green light new reactors, including ones in Georgia and South Carolina. In 2007, the TVA resumed construction on Watts Bar 2, according to the International Atomic Energy Agency. The TVA originally said it would take five years to complete. The TVA, which today serves seven different southern states, relies on nuclear power to light up approximately 4.5 million homes. Watts Bar 2, the company's seventh operating reactor, reaffirms its commitment to nukes for at least four more decades, Johnson said Wednesday. In the end, TVA required more than five years to build the project. The final cost, far exceeding its initial budget, stood at $4.7 billion.

Submission + - KickassTorrents Lawyer: 'Torrent Sites Do Not Violate Criminal Copyright Laws' (

An anonymous reader writes: Lawyers representing Artem Vaulin have filed their formal legal response to prosecutors’ allegations of conspiracy to commit criminal copyright infringement, among other charges. Vaulin is the alleged head of KickassTorrents (KAT). KAT was the world’s largest BitTorrent distribution site before it was shuttered by authorities earlier this year. Vaulin was arrested in Poland, where he now awaits extradition to the United States. “Vaulin is charged with running today’s most visited illegal file-sharing website, responsible for unlawfully distributing well over $1 billion of copyrighted materials,” Assistant Attorney General Leslie Caldwell said in a July 2016 statement. The defense’s new 22-page court filing largely relies on the argument that there is no such thing as secondary criminal copyright infringement. While secondary copyright infringement as a matter of civil liability was upheld by the Supreme Court in MGM v. Grokster in 2005, Vaulin and his associates have been charged criminally. “The fundamental flaw in the government’s untenable theory of prosecution is that there is no copyright protection for such torrent file instructions and addresses,” [the brief's author, Ira Rothken,] argued in his Monday motion to dismiss the charges against Vaulin. “Therefore, given the lack of direct willful copyright infringement, torrent sites do not violate criminal copyright laws.” “The extradition procedures have formally been started by the US in Poland,” Rothken told Ars. “We are in a submissions or briefing period, and our Polish team is opposing extradition.” Rothken also said that he has yet to be allowed to meet or speak directly with his client. For now, Rothken has been required to communicate via his Polish counterpart, Alek Kowzan. “Maybe they are afraid that Artem's extradition defense will be enhanced if American lawyers can assist in defending against the US extradition,” Rothken added. No hearings before US District Judge John Z. Lee have been set.

Submission + - ICANN recommends TLDs like .txt -- and .exe ( 1

fyngyrz writes: ICANN says, in part:

Given preliminary feedback that there is not a technical need to prevent file extensions as TLDs, as well as the lack of an authoritative source of common file extensions to draw from, staff determined that it is not workable to prevent common file extensions from being used as TLDs.

To summarize, it is the recommendation of the ICANN technical staff to allow applications for TLD strings that may also be commonly used for file extensions.

But will ICANN approve such applications? If so, we can all look forward to opportunities to click on...


Submission + - Google interview process big turn off for experienced engineers (

mysterious_mark writes: There's an article in the Business Insider discussing how the interview process at Google is really just geared for recent CS grads, and makes no sense for experienced engineers. Apparently the only criteria to work at Google is one's ability to do white board code problems, actual engineering experience counts for nothing. This may explain why the average engineer at Google is under 30, the problem is partly due to age discrimination, and also because older and more experienced engineers simply don't want to deal with the interview process.

Comment Irony at its finest! (Score 1) 216

So, let me get this straight. When Apple sues Samsung over the "rounded corners" look and feel thing (stupid as that is/was) they were telling the courts it was all bogus; fair use, an abuse of the system, etc., etc. Now that they are abusing the system to suppress what is an obvious fair use parody - and as such should be protected anyway - of their phone's appearance, that's all fine and dandy? Maybe the Note 7 isn't the only thing at Samsung overheating at the moment...

Submission + - All Tesla Vehicles Being Produced Now Have Full Self-Driving Hardware (

An anonymous reader writes: All current Tesla models that will be produced in its Fremont, California factory will come with self-driving hardware built-in capable of Level 5 autonomy, including the upcoming Tesla Model 3, the company announced tonight. According to the announcement, Tesla will manufacture all of its cars with the hardware necessary for Level 5 self-driving systems going forward, including the Model S, Model X and new Model 3. At the introduction of the Model 3, it wasn’t clear whether or not every Model 3 package would come standard with the hardware and software to handle Autopilot and any other self-driving features. That’s been cleared up now, but there’s a kicker. Just like on current Model S and Model X models, you can purchase the cars with the self-driving hardware included. But, in order to activate the software and actually use the Autopilot or upcoming advanced self-driving safety features, you will have to option it when you order the car, or pay more for it later. Elon Musk stated that the new hardware in all of Tesla’s cars going forward are Tesla’s own vision software, with a Tesla-developed neural net. The new hardware and software capabilities still need to undergo all of the testing required by Tesla’s own standards, as well as government approval before unleashing Level 5 autonomous cars onto the streets.

Submission + - Researchers Bypass ASLR Protection on Intel Haswell CPUs (

An anonymous reader writes: A team of scientists from two US universities has devised a method of bypassing ASLR (Address Space Layout Randomization) protection by taking advantage of the BTB (Branch Target Buffer), a component included in many modern CPU architectures.

The researchers discovered that by blasting the BTB with random data, they could run a successful collision attack that reveals the memory locations where apps execute code in the computer's memory, the very thing that ASLR protection was meant to hide.

While during their tests they used a Linux PC with a Intel Haswell CPU, researchers said the attack can be ported to other CPU architectures and operating systems where ASLR is deployed, such as Android, iOS, macOS, and Windows.

From start to finish, the collision attack only takes 60 milliseconds, meaning it can be embedded with malware or any other digital forensics tool and run without needing hours of intense CPU processing.

Submission + - Soros-linked corporation supplies voting machines to 16 States (

mi writes: Remember, how suspicious (and wrong!) it was for Diebold, whose management openly supported Bush, to be supplying voting machines? We even discussed it here over the years...

Well, a Soros-linked company from the UK is supplying 16 States with voting hardware this year. Will there be a comparable amount of suspicion?

Slashdot Top Deals

Your program is sick! Shoot it and put it out of its memory.