Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

LastPass Bugs Allow Malicious Websites To Steal Passwords ( 126

Earlier this month, a Slashdot reader asked fellow Slashdotters what they recommended regarding the use of password managers. In their post, they voiced their uncertainty with password managers as they have been hacked in the past, citing an incident in early 2016 where LastPass was hacked due to a bug that allowed users to extract passwords stored in the autofill feature. Flash forward to present time and we now have news that three separate bugs "would have allowed a third-party to extract passwords from users visiting a malicious website." An anonymous Slashdot reader writes via BleepingComputer: LastPass patched three bugs that affected the Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website. All bugs were reported by Google security researcher Tavis Ormandy, and all allowed the theft of user credentials, one bug affecting the LastPass Chrome extension, while two impacted the LastPass Firefox extension [1, 2]. The exploitation vector was malicious JavaScript code that could be very well hidden in any online website, owned by the attacker or via a compromised legitimate site.

Comment The classic blunder... (Score 1) 406

If Ivey and his associate hadn't won SO MUCH in such a short time, and instead had a strategy of losing back some of the winnings (or not using their tactic to win quite as much), they might have actually gotten away with this. It's always suspicious when someone goes on a hot run, especially when it is over multiple visits. I've met Ivey (from my poker days), he's clearly a really talented guy - but he's also a degenerate gambler, and his greed did him in.

Comment So much hate (Score 5, Interesting) 330

I didn't want one either. So much so that when my wife surprised me with an Apple watch for Christmas last year, I could hardly hide my disappointment. Thinking "I really didn't *want* one of these"...

But having used a smart watch for a while now, I absolutely love it. Why?

1. The haptic feedback. I run my phone on silent 24/7, which meant that I was constantly having to double-check that I didn't miss a message while walking around. There's no missing or mistaking the prominent tap from the watch so this problem is solved. No more missed messages and no more randomly checking my phone.
2. The weather. I wouldn't have predicted this one, but having the current weather conditions plus the day's high/low temps on the watch face is super useful. I probably look at my watch for the weather conditions almost as often as I look at it for the time.
3. The general freedom of not needing my phone in my hand. In lots of small ways throughout the day, a well-functioning smart watch is another one of those "living in the future" joys. Sending messages by voice without even pulling out your phone, pausing/resuming podcasts while mowing the lawn, getting haptic navigation directions while having an uninterrupted conversation... a good smart watch is clearly a step forward.

As a former skeptic turned believer, it's a shame to see so many people dumping on these devices without having the chance to really see what they offer.

Comment Re:Real people just don't like dealing with Hipste (Score 3, Insightful) 371

Sorry, I only take comments like this seriously when written by someone with an actual user account, instead of an AC. Then they're being "professional" and standing by their words. In all seriousness, I have experienced virtually no hipsterism in engineering culture over the course of 2 decades in the industry. Those that were about style over substance usually didn't even make it through getting their engineering degree. If you look at computer languages through the lens of "C++ is a proven technology" then you're ignoring other advances that make other solutions more appropriate. This comes from a place of not-understanding, rather than something being objectively better for any task. I started as a C++ developer for the first half of my career, and while I still occasionally maintain some older C++ software, most innovative work is done in modern languages now. Also, have you ever heard of a buffer overflow? There are lots of good reasons not to write certain things in C++, one of them being that it's easy to make a mistake and create a security nightmare. You might have heard of this when watching "business news".

Comment Re:Twitch is not exactly a money maker (Score 4, Informative) 142

A couple things:

- As someone else mentioned, Twitch Turbo users simply removes adds for the viewer, but does NOT affect the channel operator's ad revenue. Users get the "Turbo" icon in chat
- Channel subscribers get access to subscriber emotes in chat (usable across all of Twitch) in addition to the subscriber icon for that channel, and sub-only chat (if applicable - generally only streamers that have very high simultaneous viewers enable this, to keep chat usable for subscribers).
- "Transcodes", i.e. quality options of low/medium/high in addition to "Source", can become available when a channel reaches a certain threshold of simultaneous viewers. While having partnership can mean the streamer always has them, it is NOT required for transcodes to become available.

Comment Re:Anandtech Fucked Up (Score 4, Insightful) 183

If they tested all the cards in the same case, then they did nothing wrong in their testing. Maybe it wouldn't be 57dB for the 290 in another PC case, but it would be lower for all the other cards too. Perhaps it wouldn't necessarily be a linear drop across all the cards, but you can't simply say their choice of case invalidates their findings that this card is REALLY loud compared to other cards. Plenty of people will own cases with "horrible acoustic profile[s]".

Comment Re:Desktops becoming more relevant, mobile is a ni (Score 1) 249

You wrote all those paragraphs without sufficiently addressing tablets, e.g. IPad, which has far more in common with "mobile platforms" than desktops (at least, Apple's does, though Windows 8 is a different beast, time will tell).
Needless to say, there's a convergence appearing, and the distinction between desktop and mobile may virtually disappear in time. Your efficiency arguments make logical sense from a techie perspective but are not necessarily pragmatic for the broader population. I think your analysis is much more in line with the present and past, but not really a vision of the future. In fact, the suggestion that desktops will "always be the best value and experience at home" comes off to me as rather myopic.
As the parent reply suggested, your piece is very close to satire. You are blinded by your own workflow and think that people 'tire of 15" ' laptop screens and such. But that's just you projecting your own preferences on the broader public, and it's exactly the kind of thinking that stifles creativity. I realize I'm coming off a bit harsh here - but it's clear from your posts that you are thinking in a bubble.

Flying Robots Flip, Swarm and Move In Formation At UPenn 122

techgeek0279 writes "The University of Pennsylvania's General Robotics, Automation, Sensing and Perception (GRASP) Laboratory has released a video of flying nano quadrotor robots. Inspired by swarming habits in nature, these agile robots avoid obstructions and perform complex maneuvers as a group."

Video Adverts On the Printed Page 153

An anonymous reader writes "Prepare yourself. A staple of near-future sci-fi—magazine video ads—are now a thing of the present. And which high-tech magazine is leading the charge? Wired? Popular Mechanics? Nope. Successful Farming. The advertisement itself is for a pesticide that protects crops against nematodes. You can see a video of the video here."

Submission + - Gmail is down

Ghazgkull writes: According to the official Gmail blog the Gmail web app is down today. "We know many of you are having trouble accessing Gmail right now — we are too, and we definitely feel your pain." According to the blog, Gmail users can still access their mail via IMAP or POP.

Yahoo Revives Pay-Per-Email, With Charitable Twist 287

holy_calamity writes "Yahoo research have started a private beta of a scheme that resurrects the idea of charging people to send email to cut spam. Centmail users pay $0.01 for each message they send, with the money going to a charity of their choice. The hope is that the feel good effect of donating to charity will reduce the perceived cost of paying for mail and encourage mass adoption, making it possible for mail filters to build in recognition of Centmail stamps."
The Military

Better Living Through Nukes? 432

perkonis writes "So, you've got 23,000 nukes laying about and no one to use them on. What to do with them? Well, you blow up stuff for fun and profit. Some of the ideas range from good on paper (such as mining oil shale) to just downright bad (such as making a new Panama Canal). Making a big ditch by blowing up nukes — what could possibly go wrong?"

Afghan Student Gets 20 Years For Blasphemy 618

Invisible Pink Unicorn writes "Despite nationwide public support for his initial death sentence, a three-judge appeals court has reduced the sentence of Sayed Parwez Kambakhsh to 20 years in prison. Kambakhsh was charged with circulating an article on women's rights that he found online. From the article: 'Family members have said Kambakhsh was beaten and threatened with death until he signed a confession and that local journalists who expressed support for him were warned they would be arrested if they persisted.'"

Slashdot Top Deals

Mathematicians practice absolute freedom. -- Henry Adams