Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Nuclear plants leak critical alerts in unencrypted pager messages (arstechnica.com)

mdsolar writes: A surprisingly large number of critical infrastructure participants—including chemical manufacturers, nuclear and electric plants, defense contractors, building operators and chip makers—rely on unsecured wireless pagers to automate their industrial control systems. According to a new report, this practice opens them to malicious hacks and espionage.

Earlier this year, researchers from security firm Trend Micro collected more than 54 million pages over a four-month span using low-cost hardware. In some cases, the messages alerted recipients to unsafe conditions affecting mission-critical infrastructure as they were detected. A heating, venting, and air-conditioning system, for instance, used an e-mail-to-pager gateway to alert a hospital to a potentially dangerous level of sewage water. Meanwhile, a supervisory and control data acquisition system belonging to one of the world's biggest chemical companies sent a page containing a complete "stack dump" of one of its devices.

Other unencrypted alerts sent by or to "several nuclear plants scattered among different states" included:

Reduced pumping flow rate
Water leak, steam leak, radiant coolant service leak, electrohydraulic control oil leak
Fire accidents in an unrestricted area and in an administration building
Loss of redundancy
People requiring off-site medical attention
A control rod losing its position indication due to a data fault
Nuclear contamination without personal damage

Submission + - Apple removes ESC key new Macbook "Pro" (theverge.com) 2

fyngyrz writes: The Mac "Pro's" ESC key, used by many at the console / shell level, has apparently succumbed to overwhelming... courage. Er, design intent. Yeah, that's it. You have to admit, Apple is brave. No console-friendly person will be happy with this. I suspect that will be true to a degree where they'll be happy with... something other than a Macbook "Pro." BTW, those aren't "scare" quotes. Those are "no, wrong word" quotes. I could have gone with "pro[sic]", but... oy. Oh. And hey. You didn't want function keys, did you? Of course not... Okay, one hopes these missing features will at least sometimes, possibly, appear on the new touch bar, there to blunt the ends of your fingers as they use a key-striking habit to stomp on a touch surface.

Submission + - Benchmark Battle October 2016: Chrome Vs. Firefox Vs. Edge

Krystalo writes: It’s been more than a year since our last browser benchmark battle, and the competition remains fierce. Google Chrome, Mozilla Firefox, and Microsoft Edge have all gained a variety of new features and improvements over the past year. It’s time to see if any of them have managed to pull ahead of the pack. It appears that Edge has made the biggest gains since last year. That said, browser performance is improving at a very rapid pace, and it shouldn’t be your only consideration when picking your preferred app for consuming Internet content.

Submission + - Strange signals from star survey may be evidence of intelligent life (iop.org)

Okian Warrior writes: A recent paper reporting on strange artifacts in the spectra of 234 stars is raising eyebrows in the Astronomical community.

A Fourier transform analysis of 2.5 million spectra in the Sloan Digital Sky Survey was carried out to detect periodic spectral modulations. Signals having the same period were found in only 234 stars overwhelmingly in the F2 to K1 spectral range. The signals cannot be caused by instrumental or data analysis effects because [various reasons...]

Finally, we consider the possibility, predicted in a previous published paper, that the signals are caused by light pulses generated by ETI to makes us aware of their existence. We find that the detected signals have exactly the shape of an ETI signal predicted in the previous publication and are therefore in agreement with this hypothesis. The fact that they are only found in a very small fraction of stars within a narrow spectral range centered near the spectral type of the Sun is also in agreement with the ETI hypothesis. However, at this stage, this hypothesis needs to be confirmed with further work.

Submission + - AT&T Is Spying on Americans for Profit, New Documents Reveal (thedailybeast.com)

schwit1 writes: The telecom giant is doing NSA-style work for law enforcement—without a warrant—and earning millions of dollars a year from taxpayers.

Hemisphere isn’t a “partnership” but rather a product AT&T developed, marketed, and sold at a cost of millions of dollars per year to taxpayers. No warrant is required to make use of the company’s massive trove of data, according to AT&T documents, only a promise from law enforcement to not disclose Hemisphere if an investigation using it becomes public.

Hemisphere is used far beyond the war on drugs to include everything from investigations of homicide to Medicaid fraud.

Submission + - Google Chrome To Make Certificate Transparency Mandatory In 2017 (thestack.com)

An anonymous reader writes: Google Chrome will make certificate transparency obligatory for domains issued from October 2017. The announcement, by Google software engineer Ryan Sleevi, makes clear that the Chrome team will extend all necessary help to certificating authorities to prepare them for compliance in the next twelve months. 'Although the date is a year away, we encourage any participants that wish to have their use cases addressed to bring them forward as soon as possible during the next three months. This will ensure that the IETF, the CA/Browser Forum, and the broader community at large have ample time to discuss the challenges that may be faced, and find appropriate solutions for them.' The Certificate Transparency open framework, which has been criticized over privacy aspects, uses logs to which information can only be appended (not removed or altered) to provide an authentic chain of trust which is capable of detecting compromised certificates in hours rather than the days, weeks or months involved in traditional propagation.

Submission + - London's Streets To Get Free 1Gbps Wi-Fi, Mobile Charging And Phone Calls 1

Mickeycaskill writes: BT is to replace hundreds of phone boxes across London and replace them with ‘Links’ – modern kiosks that offer free, ad-supported phone calls, 1Gbps Wi-Fi, mobile charging and sensors that can support smart city applications.

The first kiosks will start to appear on the capital’s streets in early 2017, offering the fastest free public Wi-Fi service available. Each Link can support hundreds of users and also offers free mobile and landline calls to UK numbers.

An inbuilt Android tablet offers free local information and directions, and two 55-inch HD displays will serve adverts, public service announcements and community news. Each Link will be equipped with sensors that could monitor air and noise pollution, temperature, traffic and other urban metrics, allowing organisations and local councils to build smart city applications based on the Internet of Things (IoT).

Although its likely that not all payphones will be replaced with kiosks, BT has promised not a single iconic red phone box will be taken off the streets for what it calls the latest 'evolution' of the payphone.

Submission + - Twitter Plans To Cut About 300 Jobs As Soon As This Week, Says Report (bloomberg.com)

An anonymous reader writes: Twitter Inc. is planning widespread job cuts, to be announced as soon as this week, according to people familiar with the matter. The company may cut about 8 percent of the workforce, or about 300 people, the same percentage it did last year when co-founder Jack Dorsey took over as chief executive officer, the people said. Planning for the cuts is still fluid and the number could change, they added. An announcement about the job reductions may come before Twitter releases third-quarter earnings on Thursday, one of the people said. Twitter, which loses money, is trying to control spending as sales growth slows. The company recently hired bankers to explore a sale, but the companies that had expressed interest in bidding — Salesforce.com Inc., The Walt Disney Co. and Alphabet Inc. — later backed out from the process. Twitter’s losses and 40 percent fall in its share price the past 12 months have made it more difficult for the company to pay its engineers with stock. That has made it harder for Twitter to compete for talent with giant rivals like Alphabet Inc.’s Google and Facebook Inc. Reducing employee numbers would relieve some of this pressure.

Comment Re:resistance is futile (Score 4, Informative) 207

Demonstrably bullshit, and exactly the kind of falsehood that the Leave campaign was spouting during the UK's referendum - at least in the way that you are positing. Check out the latest news on the ongoing negotiations over the EU-Canada trade deal that is currently on the rocks because *three* regions of one EU member state (Belgium) are objecting to the deal. Everyone else - all the other 27 members of the EU and Canada want to go ahead, but can't because of those three provinces, and the terms of the deal (5MB PDF) are entirely public knowledge - unlike things like TPP and TTIP where the US is involved and insists on secrecy.

The real irony of the situation (and the reason for my caveat); the three regions that are blocking the deal are Wallonia, the French speaking region of Flanders... and Brussels itself (albeit as a province of Belgium rather than as the EU).

Submission + - Alibaba Founder To Chinese Government: Use Big Data To Stop Criminals (bloomberg.com)

An anonymous reader writes: Chinese billionaire Jack Ma proposed that the nation’s top security bureau use big data to prevent crime, endorsing the country’s nascent effort to build unparalleled online surveillance of its billion-plus people. China’s data capabilities are virtually unrivaled among its global peers, and policing cannot happen without the ability to analyze information on its citizens, the co-founder of Alibaba Group Holding Ltd. said in a speech published Saturday by the agency that polices crime and runs the courts. Ma’s stance resonates with that of China’s ruling body, which is establishing a system to collect and parse information on citizens in a country where minimal safeguards exist for privacy. “Bad guys in a movie are identifiable at first glance, but how can the ones in real life be found?” Ma said in his speech, which was posted on the official WeChat account of the Commission for Political and Legal Affairs. “In the age of big data, we need to remember that our legal and security system with millions of members will also face change.” In his speech, Ma stuck mainly to the issue of crime prevention. In Alibaba’s hometown of Hangzhou alone, the number of surveillance cameras may already surpass that of New York’s, Ma said. Humans can’t handle the sheer amount of data amassed, which is where artificial intelligence comes in, he added. “The future legal and security system cannot be separated from the internet and big data,” Ma said. Ma’s speech also highlights the delicate relationship between Chinese web companies and the government. The ruling party has designated internet industry leaders as key targets for outreach, with President Xi Jinping saying in May last year that technology leaders should “demonstrate positive energy in purifying cyberspace.”

Submission + - Study Finds Little Lies Lead To Bigger Ones (go.com)

An anonymous reader writes: Telling little fibs leads down a slippery slope to bigger lies — and our brains adapt to escalating dishonesty, which makes deceit easier, a new study shows. Neuroscientists at the University College London's Affective Brain Lab put 80 people in scenarios where they could repeatedly lie and get paid more based on the magnitude of their lies. They said they were the first to demonstrate empirically that people's lies grow bolder the more they fib. The researchers then used brain scans to show that our mind's emotional hot spot — the amygdala — becomes desensitized or used to the growing dishonesty, according to a study published online Monday in the journal Nature Neuroscience. And during this lying, brain scans that show blood supply and activity at the amygdala decrease with increasing lies, said study co-author and lab director Tali Sharot. "The more we lie, the less likely we are to have an emotional response" — say, shame or guilt — "that accompanies it," Sharot said. Garrett said he suspects similar escalation factors happen in the "real world," which would include politics, infidelity and cheating, but he cautioned that this study was done in a controlled lab setting so more research would be needed to apply it to other situations. The study found that there is a segment of people who don't lie and don't escalate lies, but Sharot and Garrett weren't able to determine how rare those honest people are. It also found that people lie more when it benefits both them and someone else than when they just profit alone.

Submission + - Electronic surveillance up 500% in D.C.area since 2011, almost all sealed cases (washingtonpost.com)

schwit1 writes: Secret law enforcement requests to conduct electronic surveillance in domestic criminal cases have surged in federal courts for Northern Virginia and the District, but only one in a thousand of the applications ever becomes public, newly released data show.

The bare-bones release by the courts leaves unanswered how long, in what ways and for what crimes federal investigators tracked individuals’ data and whether long-running investigations result in charges.

In Northern Virginia, electronic surveillance requests increased 500 percent in the past five years, from 305 in 2011 to a pace set to pass 1,800 this year.

Only one of the total 4,113 applications in those five years had been unsealed as of late July, according to information from the Alexandria division of the U.S. District Court for the Eastern District of Virginia, which covers northern Virginia.

Submission + - New York Times Buys The Wirecutter For $30 Million (recode.net)

An anonymous reader writes: The New York Times is buying The Wirecutter, a five-year-old online consumer guide. The Times will pay more than $30 million, including retention bonuses and other payouts, for the startup, according to people familiar with the transaction. Brian Lam, a former editor at Gawker Media’s Gizmodo, founded The Wirecutter in 2011, and has self-funded the company’s growth. The Wirecutter provides recommendations for electronics and other gadgets that are both obsessively researched and simply presented. The Wirecutter also owns The Sweethome, which takes the same approach for home appliances and other gear.

Submission + - GPS Jammed Near the Kremlin (yahoo.com)

stevegee58 writes: Russians have been noticing that their GPS doesn't work in Moscow near the Kremlin. Everyone from taxi drivers to Pokemon Go players suddenly notice that they're transported 18 miles away at the airport when they near the Kremlin.
While this may be an annoyance to the public it seems like a reasonable countermeasure to potential terrorist threats. Is it only a matter of time before other vulnerable sites such as the White House or the Capitol in Washington start doing the same?

Submission + - "Most serious" Linux privilege-escalation bug ever is under active exploit (arstechnica.com)

operator_error writes: Lurking in the kernel for nine years, flaw gives untrusted users unfettered root access.

By Dan Goodin — 10/20/2016

A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible.

While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.

"It's probably the most serious Linux local privilege escalation ever," Dan Rosenberg, a senior researcher at Azimuth Security, told Ars. "The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time."

The underlying bug was patched this week by the maintainers of the official Linux kernel. Downstream distributors are in the process of releasing updates that incorporate the fix. Red Hat has classified the vulnerability as "important."

Slashdot Top Deals

Save the whales. Collect the whole set.