Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - AVTECH Shuns Security Firm and Leaves All Products Vulnerable Without a Patch (

An anonymous reader writes: AVTECH, a Taiwanese CCTV equipment manufacturer, has failed to respond to Search-Lab, a Hungarian security firm, who spent more than a year trying to inform the company about 14 security bugs affecting the firmware of ALL its products. Almost a year after it first contacted the hardware maker, Search-Lab published a public advisory about the vulnerabilities it discovered, warning sysadmins that their AVTECH products may be in danger of exploitation and remote takeover.

Search-Lab says their researchers is not the only one that spotted these issues. Currently, the term "AVTECH" is the second most popular search term on Shodan, where anyone can find more than 130,000 of these devices available online. Taking into account the recent attacks from IoT botnets, AVTECH is now on the same level of incompetence and indifference as other CCTV hardware makers such as AVer, Dahua, and TVT, all Chinese and Taiwanese companies.

A list of confirmed affected firmware versions is available here, proof of concept exploitation code is available on GitHub, and an exploitation video is available here.

Submission + - SPAM: US Sues Palantir for Discrimination - Against Asians 1

jeffb (2.718) writes: The US Department of Labor is suing Palantir Technologies, a large private US big-data analysis company, for alleged racial discrimination against Asian job applicants. The lawsuit claims that Palantir hired 14 non-Asians and 11 Asians out of a pool of more than 1160 "qualified" applicants, where 85% of the applicants in that pool were Asian.

I'm sure Slashdot readers will have a number of questions about this. For example:
  • How did DoL or Palantir reliably categorize applicants as "Asian" or "non-Asian"?
  • How did DoL categorize applicants as "qualified"?
  • How do these proportions (percentage of Asian applicants, percentages hired) compare to other companies in this space?

Link to Original Source

Submission + - SPAM: Temporary tattoos to treat chronic conditions

mi writes: A temporary tattoo — its "paint" consisting of drug-loaded nanoparticles — may some day help control a chronic disease, according to scientists at Baylor College of Medicine and Rice University.

That could be a plus for patients with autoimmune diseases like multiple sclerosis, one focus of study at the Beeton lab. “Placed just under the skin, the carbon-based particles form a dark spot that fades over about one week as they are slowly released into the circulation,” Beeton said.

Link to Original Source

Submission + - "The Internet is Oreos", ISP Claims To FCC (

Rick Schumann writes:

Ars Technica first spotted the crumbly filing, from small (and much-loathed) provider Mediacom.

Mediacom’s comment is in response to the same proceeding that Netflix commented on earlier this month. However, while Netflix actually addressed data and the ways in which their customers use it, Mediacom went for the more metaphor-driven approach.

The letter literally starts out under the header, “You Have to Pay Extra For Double-Stuffed,” and posits that you, the consumer, are out for a walk with $2 in your pocket when you suddenly develop a ferocious craving for Oreo (®) cookies.

Submitter Rick Schumann adds:

Of course their analogy is highly questionable, since transmitting data over a network doesn't actually consume anything, now does it? You eat the cookie, the cookie is gone, but you transmit data over a network, the network is still there and can transmit data endlessly. Mediacom's assertion that the Internet is like a cookie you eat, is like saying copying a file on your computer somehow diminishes or degrades the original file, which of course is rediculous.

Submission + - Switzerland Votes For Legal State Surveillance In Referendum

Mickeycaskill writes: Secret service agents are able to legally hack computers in Switzerland after the country voted for a law that allowed them to do so in order to prevent terrorist attacks.

Switzerland practices ‘direct democracy’, a model which allows citizens to propose a referendum to be held on any law.

Two thirds of voters came out in favour of the law despite critics warnings that it could lead to arbitrary surveillance. It is likely this was galvanized by the spate of terrorist attacks that have occurred in Europe this year.

“It gives Switzerland modern tools to respond to current threats,” Defence Minister Guy Parmelin said.

Submission + - SPAM: California Enacts Law Requiring IMDb to Remove Actor Ages on Request

schwit1 writes: California Gov. Jerry Brown on Saturday signed legislation that requires certain entertainment sites, such as IMDb, to remove – or not post in the first place – an actor’s age or birthday upon request.

The law, which becomes effective January 1, applies to database sites that allow paid subscribers to post resumes, headshots or other information for prospective employers. Only a paying subscriber can make a removal or non-publication request. Although the legislation may be most critical for actors, it applies to all entertainment job categories.

The purpose of the law is to prevent age discrimination. How soon will it get struck down for violating free speech?

Link to Original Source

Submission + - Double KO! Capcom's Street Fighter V installs hidden rootkit on PCs (

An anonymous reader writes: A fresh update for Capcom's Street Fighter V for PCs includes a knock-out move: a secret rootkit that gives any installed application kernel-level privileges.

This means any malicious software on the system can poke a dodgy driver installed by SFV to completely take over the Windows machine. Capcom claims it uses the driver to stop players from hacking the high-def beat 'em up to cheat. Unfortunately, the code is so badly designed, it opens up a full-blown local backdoor. Gamers realized something was a little off when the upgrade brought in a new driver and demanded operating-system-grade access to the computer before the game starts. A number of players say they couldn't even get the new version to work at all. A full-blown online meltdown ensued.

Submission + - Portable Apps Are Now Available for Ubuntu 16.04 LTS

prisoninmate writes: announced the availability of their portable applications, in the ORB format, for the Ubuntu 16.04 LTS (Xenial Xerus) operating system. Being the first time we introduce our readers to portable apps for Ubuntu, we would like to let them know how these apps actually work. First of all, the available apps are freely distributed via the website in the .orb compressed file format to save space on the USB thumb drive. They will automatically enter the "Portable/Persistent Mode" when they are run from the USB stick, which means that all settings will be stored on the thumb drive. Of course, this means that no installation is required, but you'll need to first download the ORB Launcher.

Submission + - Fake Hacker Found Guilty Following Gutsy Mitt Romney Extortion Scheme (

An anonymous reader writes: Michael Mancil Brown, 37, of Franklin, Tennessee, faces up to thirty years in prison, a fine up to $250,000, and orders of restitution to victims, because of a daring stunt he pulled off in 2012 that involved fake hacking, the PricewaterhouseCoopers consulting firm, and US presidential candidate Mitt Romney.

Back in 2012, Brown had the bright idea to write a letter alleging to have hacked PricewaterhouseCoopers (PwC) servers and stolen tax documents prior to 2010 for Mitt Romney and his wife, Ann. The "hacker" asked for $1 million in Bitcoin, and after publishing details about his fake hack online, he almost received it from a "third-party", but not before the FBI arrested him and then uncovered his lie.

Submission + - That Time I Got Publicly 'Hacked' (

ancientribe writes: All it takes is one lapse in judgment: you can't help yourself, and you log into that unsecured WiFi to check your email, and boom, your credentials are compromised. A "cautionary tale" of how one cybersecurity editor who knew better, went there.

Submission + - ISS Completes 100,000th Orbit Of Earth (

An anonymous reader writes: The International Space Station, the space laboratory that showcases cooperation between Russia and the United States, on Monday orbited Earth for the 100,000th time, Russian mission control said. Traveling at an altitude of about 250 miles (400 kilometers) and a speed of about 17,500 miles (28,000 kilometers) per hour, the space station circles the Earth once every 90 minutes. The ISS has now travelled 2.6 billion miles "or about the distance of 10 round trips to Mars," NASA said on the station's official Twitter feed. From two modules, it has grown to 15 modules, occupying a space the size of a football pitch and represents around $100 billion in investment. "Such a long lifespan of the ISS proves that mankind has the necessary technologies for constant presence in orbit, that we have the potential for further space exploration," said Matyushin.

Submission + - Highly-Conductive Shark Jelly Could Inspire New Tech (

An anonymous reader writes: Researchers from UC Santa Cruz, the University of Washington, and the Benaroya Research Institute at Virginia Mason found shark jelly to have the highest proton conductivity ever seen in a biological material. The jelly's conductivity begins to approach that of leading proton-conducting polymers. Tiny organs in the skin of sharks, skates and rays, called the ampullae of Lorenzini, are key to the ability. Scientists believe that the jelly is what has been able to allow these animals to detect weak electric fields produced by their prey, as the organs, which are visible as pores in the skin, are connected to electrosensory cells via long, jelly-filled canals. Marco Rolandi, a co-author on a paper detailing the findings in Science Advances, sees potential use for the "shark jelly" in the development of new or enhanced materials or even the creation of new sensor technology. "The observation of high proton conductivity in the jelly is very exciting," Rolandi said. "We hope that our findings may contribute to future studies of the electrosensing function of the ampullae of Lorenzini and the organ overall, which is itself rather exceptional."

Submission + - Raspberry Pi Zero Gains Camera Support, Keeps $5 Price (

An anonymous reader writes: The Raspberry Pi Zero has received its first major hardware upgrade today: a camera connector. The new addition of a camera connector works well with the two new Sony imaging modules announced last month. The board will retain its $5 price, too. Eben Upton, Raspberry Pi founder, said in a blog post that "through dumb luck, the same fine-pitch FPC connector that we use on the Compute Module Development Kit just fits onto the right hand side of the board." The team was able to close the feature gap between the Zero and larger Pi boards by moving the surface components towards the left, and rotating the activity LEDs. The CSI connector on the Zero is 3.5mm smaller than the adapter on the Pi 3, so you will need to invest in a new cable if you've already invested in a camera module for an existing project.

Submission + - Senate Report On CIA Torture Is One Step Closer To Disappearing (

An anonymous reader writes: According to Yahoo News, the CIA inspector general's office "mistakenly" destroyed its only copy of a mammoth Senate torture report at the same time lawyers for the Justice Department were assuring a federal judge that copies of the document were being preserved. Agency officials described the deletion of the document to Senate investigators as an "inadvertent" foul-up by the inspector general. "CIA inspector general officials deleted an uploaded computer file with the report and then accidentally destroyed a disk that also contained the document, filled with thousands of secret files about the CIA's use of 'enhanced' interrogation methods," reports Yahoo News. The Senate Intelligence Committee and Justice Department knew about the incident last summer, sources said. However, the destruction of a copy of the sensitive report was never made public, nor was it reported to the federal judge at the time who was overseeing a lawsuit seeking access to the still classified document under the Freedom of Information Act.

Slashdot Top Deals

"An idealist is one who, on noticing that a rose smells better than a cabbage, concludes that it will also make better soup." - H.L. Mencken