Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 38 declined, 13 accepted (51 total, 25.49% accepted)

Submission + - Cloudflare Leaks Sensitive User Data Across the Web

ShaunC writes: In a bug that's been christened "Cloudbleed," Cloudflare disclosed today that some of their products accidentally exposed private user information from a number of websites. Similar to 2014's Heartbleed, Cloudflare's problem involved a buffer overrun that allowed uninitialized memory contents to leak into normal web traffic. Tavis Ormandy, of Google's Project Zero, discovered the flaw last week. Affected sites include Uber, Fitbit, and OKCupid, as well as unnamed services for hotel booking and password management. Cloudflare says the bug has been fixed, and Google has purged affected pages from its search index and cache.

Submission + - TV News Broadcast Accidentally Activates Alexa, Initiates Orders (cw6sandiego.com)

ShaunC writes: Amazon's Echo digital assistant is supposed to make our lives easier, but one recent incident is causing headaches for some Echo owners. In San Diego, TV news anchor Jim Patton was covering a separate story about a child who accidentally ordered a doll house using her family's Echo. Commenting on the story, Patton said "I love the little girl, saying 'Alexa ordered me a dollhouse.'" Viewers across San Diego reported that in response to the news anchor's spoken words, their own Echo devices activated and tried to order doll houses from Amazon. Amazon says that anyone whose Echo inadvertently ordered a physical item can return it at no charge.

Submission + - Copyright Professor's Lecture Removed from YouTube over Sony Content-ID Claim (torrentfreak.com)

ShaunC writes: William Fisher, a professor of intellectual property law at Harvard, posted to YouTube a lecture titled "The Subject Matter of Copyright: Music." In discussing the complexities of music licensing and cover songs, Fisher played several short clips of music by Hendrix, Santana, and others. Sony responded by having the lecture removed from YouTube, ignoring any fair use protection in excerpting works for educational purposes. While the video was restored after public backlash, most YouTube users don't have Harvard Law School backing them up. Once again, a company has issued overreaching copyright claims with no penalty or consequence for harming an innocent party.

Submission + - Comcast Typo Penalizes Wrong Customer for Data Usage (arstechnica.com)

ShaunC writes: Soon after Comcast implemented its data caps in Tennessee, one customer began getting calls warning that he was approaching his monthly usage limit. The company's data cap meter was ticking up rapidly, even attributing 120GB of use — almost half of the monthly cap — to a period of time when he was out of the country. After months of back and forth and troubleshooting by the customer, Comcast finally admitted that a typo in a MAC address was causing another customer's usage to appear on his account. With data caps like Comcast's carrying a real financial cost in terms of overage fees, how can we trust providers to accurately track customers' bandwidth usage?

Submission + - US Tech Firms Recruiting High Schoolers (And Younger) (telegraph.co.uk)

ShaunC writes: Is there a glut of qualified American tech workers, or isn't there? Some companies like Facebook and Airbnb are now actively courting and recruiting high school students as young as 13 with promises of huge stipends and salaries. As one student put it, “it’s kind of insane that you can make more than the U.S. average income in a summer,” and another who attended a Facebook-sponsored trip said he'd "forego college for a full-time job" if it were offered. Is Silicon Valley taking advantage of naive young workers?
PHP

Submission + - PHP 5.2.0 Released

ShaunC writes: "The PHP Group and Zend have released PHP 5.2.0, and upgrades are encouraged. The 5.2.0 update offers several security fixes, including patches for a couple recently announced buffer overflows in input parsing. This release also includes a number of library upgrades, bug fixes, and default bundling of the popular JSON extension to help with AJAX development. See the full changelog for more details."

Slashdot Top Deals

Kill Ugly Processor Architectures - Karl Lehenbauer

Working...