ShaunC writes: In a bug that's been christened "Cloudbleed," Cloudflare disclosed today that some of their products accidentally exposed private user information from a number of websites. Similar to 2014's Heartbleed, Cloudflare's problem involved a buffer overrun that allowed uninitialized memory contents to leak into normal web traffic. Tavis Ormandy, of Google's Project Zero, discovered the flaw last week. Affected sites include Uber, Fitbit, and OKCupid, as well as unnamed services for hotel booking and password management. Cloudflare says the bug has been fixed, and Google has purged affected pages from its search index and cache.
AdamnSelene writes: A report in Bloomberg describes a draft executive order that will hit the tech industry hard and potentially change the way those companies recruit workers from abroad. The H-1B, L-1, E-2, and B1 work visa programs would be targeted by requiring companies to prioritize higher-paid immigrant workers over lower-paid workers. In addition, the order will impose statistical reporting requirements on tech companies who sponsor workers under these programs. The order is expected to impact STEM workers from India the most.
Andreas Kolbe writes: The fundraising banners on Wikipedia this year are so effective that halfway through its December fundraising campaign, the Wikimedia Foundation has already exceeded its $25 million donations target for the entire month, reports The Register. A few weeks ago, Jimmy Wales promised that the Wikimedia Foundation would "stop the fundraiser if enough money were raised in shorter than the planned time". But there’s no sign of the Foundation doing that. When asked about this more recently, a Wikimedia Foundation spokesperson remained non-committal on ending the campaign early. The most recent audited accounts of the Wikimedia Foundation showed net assets of $92 million and revenue of $82 million. None of this money, incidentally, pays for writing or checking Wikipedia content – that's the job of unpaid volunteers – and only $2 million are spent on internet hosting every year.
kodiaktau writes: The national emergency alert system service that was scheduled for 2PM ET went out on radio and terrestrial television but was missed by cable stations. Some online systems ran for brief periods, others continued for extended times.
snydeq writes: "Sustainable IT's Ted Samson raises questions regarding the purchasing of carbon offsets, a practice growing in popularity among tech companies such as Dell, Yahoo, and Google in an attempt to achieve 'carbon neutrality.' Essentially financial instruments, carbon offsets enable companies to invest money in sustainable endeavors in an attempt to counteract the carbon footprint they incur conducting their business. But as a recent article in the Wall Street Journal shows, measuring the value of these carbon offsets is tricky business, as some recipients of offsets say the results of their sustainable efforts would be achieved regardless of any one company's investment. 'The question of whether carbon offsets hold value just scratches the surface of the overall carbon-neutrality question,' Samson writes. 'For the time being, there isn't even a consistent approach to measuring an organization's carbon footprint in the first place. And if you don't know how much CO2 you're responsible for, how do you know how much offsetting is necessary to become neutral?'"
TechForensics writes: "Sorry, this is not a story; it is a suggestion to (is it possible?) improve Slashdot. Though I have been on /. for years I still don't know how to send a message directly to the editors.
I noticed in a recent story several /.ers who were also skydivers sort of got in touch. I thought, wow, there can't be many of those (though I am one), but wow, they might have a lot in common and really hit it off. The same could be true for other /.ers who share an outside interest.
My idea is simply to create sigs (special interest groups) within /. (not in such a way as to fragment the user base) but maybe just a link to click to add your name to a list of members interested. Members could see the names and perhaps email addresses of other members-- this might facilitate the creation of special interest mail lists, let people know who they might want to add as friends, etc. Ideally (and this is farfetched because it would probably be a pain to program) there could be a clickable icon beside member names which, if clicked, would present all member posts on a single page. (Yes, I know there are objections to / problems with that.)
But the idea of letting members join SIGS that may have mail lists, and making it apparent there are sigs that can be easily joined, has the happy possibility of creating friends across TWO strong interests. Would that not be A Good Thing."
joepez writes: Whether you agreed with his "science" or not, author Michael Crichton was often more entertaining than not. It was reported today (here) that Crichton passed away at age 66 from cancer at his home in Los Angeles. In case you didn't know Crichton was author of best selling books (and later movies) such as: "Jurassic Park" and "The Andromeda Strain".
ryanov writes: Michael Crichton, the author best known for Jurassic Park and as the creator of the hit TV series "ER", has died at age 66 after a private battle with cancer, according to a statement made by members of his family. "While the world knew him as a great story teller that challenged our preconceived notions about the world around us — and entertained us all while doing so — his wife Sherri, daughter Taylor, family and friends knew Michael Crichton as a devoted husband, loving father and generous friend who inspired each of us to strive to see the wonders of our world through new eyes," the statement goes on to say. Crichton's last book was "Next", released in 2006, on the subjects of modern genetics and law.
mjasay writes: "As if the proprietary software world needed any help, two business professors from Harvard and Stanford have combined to publish "Divide and Conquer: Competing with Free Technology Under Network Effects," a research paper dedicated to helping business executives fight the onslaught of open source software. The professors advise "the commercial vendor...to bring its product to market first, to judiciously improve its product features, to keep its product "closed" so the open source product cannot tap into the network already built by the commercial product, and to segment the market so it can take advantage of a divide-and-conquer strategy." The professors also suggest that "embrace and extend" is a great model for when the open source product gets to market first. Glad to see that $48,921 that Stanford MBAs pay being put to good use. Having said that, such research is perhaps a great, market-driven indication that open source is having a serious effect on proprietary technology vendors. If open source were innocuous to proprietary profits, there would be no market for such research."
spinoza15 writes: "I'm looking for suggestions from the Slashdot community on the best way to host/serve video files from an XP machine. I need something quick and simple to set up so I can link a URL in an email to my aging parents to show off our new little boy. I've done it before to set up a Debian box with Gallery and my own domain name but we've moved since then and space is at a premium (not to mention time to set up!) so another box is not an option. I've looked into online hosting, Google, etc. but I'm leery of the privacy policies and, let's face it, there's a certain amount of candid video that only grandparents should see (bath time anyone? :) that I wouldn't feel comfortable on any other machines but my own.
I've looked at VLC and I really like it however it streams and I'd rather the video get requested/started from the client side by clicking the URL. The other issue is that I purchased a lovely HD camcorder so I will probably have larger than normal files. My upload is rated at 1Mb/s so I'm not worried too much about bandwidth on my side.
Any thoughts or suggestions?"
I Don't Believe in Imaginary Property writes: "The MPAA is arguing in favor of its novel 'making available' theory of copyright infringement, saying that they shouldn't be required to show any proof of actual infringement. In their own words, they said that, 'Mandating such proof could thus have the pernicious effect of depriving copyright owners of a practical remedy against massive copyright infringement in many instances,' and that, 'It is often very difficult, and in some cases, impossible, to provide such direct proof when confronting modern forms of copyright infringement, whether over P2P networks or otherwise; understandably, copyright infringers typically do not keep records of infringement.' Fortunately, they're arguing this before the judge who has already found their argument to be unfounded. Unfortunately, they may have a new argument that doesn't rely upon the novel 'making available' theory."
Your soul writes: Nate Lawson, the co-designer of the Blu-ray content protection system, discussed the challenges of defending digital content, including the basic principles and mistakes of the design process, how much the hardware can help, the link between software protection and software security, and the role of security through obscurity.
Aaron Sheffield writes: From Wired.com
Apple has been granted a trademark for the shape of the iPod, essentially giving it exclusive rights to make a box with a screen and a wheel:
[T]he design of a portable and handheld digital electronic media device comprised of a rectangular casing displaying circular and rectangular shapes therein arranged in an aesthetically pleasing manner. [emphasis added]
Who decides that last point, we have no idea, but this will mean that Apple is likely to become much more aggressive in going after the knock-off iPod designs out there. One advantage of a trademark over a patent is that it doesn't expire. However, to keep a trademark, you need to defend it, which means lots of nasty letters to manufacturers. Otherwise, the shape of the iPod could end up like the name "Hoover" (now the English for vacuum cleaner).
Ridiculous? Perhaps. But if McDonald's can register "I'm going to McDonald's" and T-Mobile can lay claim to the color pink, then a pretty arrangement of shapes seems almost sensible.