Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Risk Of Cascadia Quake Elevated As Puget Sound 'Slow Slip' Event Begins (patch.com) 1

schwit1 writes: On Wednesday, the semi-annual "slow slip" event began, according to the Pacific Northwest Seismic Network (PNSN) at the University of Washington. The event happens about every 14 months deep underneath the Puget Sound area and is essentially a slow earthquake that takes place over the course of two weeks.

During a slow-slip event, after 14 months of moving eastward, the Juan de Fuca tectonic plate stalls and moves westward, which puts stress on the Cascadia subduction zone.

Seismologists often refer to this as a "straw that broke the camel's back" scenario.

"It's loading up the edge of the lock zone of the Cascadia subduction zone more rapidly than normal tectonic processes would do," explained Bill Steele, director of communications at the PNSN. "You're getting seven months of strain accumulation applied to the back edge of the fault over a week."

Submission + - First victim of SHA-1 collisions: Subversion. Technique was reverse engineered

Artem Tashkinov writes: A WebKit developer who tried to upload "bad" PDF files generated from the first successful SHA-1 attack broke WebKit's SVN repository because Subversion uses SHA-1 hash to differentiate commits. The reason to upload the files was to create a test for checking cache poisoning in WebKit.

Another news story is that based on the theoretical incomplete description of the SHA-1 collision attack published by Google just two days ago, people have managed to recreate the attack in practice and now you can download a python script which can create a new PDF file with the same SHA-1 hashsum using your input PDF. The attack is also implemented as a website which can prepare two PDF files with different JPEG images which will result in the same hash sum.

Submission + - Intel unofficially cuts prices for its x86 CPUs across the board 1

Artem Tashkinov writes: In an expected turn of events, now that AMD Ryzen is less than a week away from going public, Intel has unofficially cut prices for a long range of its CPUs. The biggest price cuts involve the following CPUs:
  • Intel Core i7-6850K, Broadwell, 3.6GHz, 6 cores (with HT), LGA 2011-3, was $700, now $550 (21% off)
  • Intel Core i7-6800K, Broadwell, 3.4GHz, 6 cores (with HT), LGA 2011-3, was $500, now $360 (28% off)
  • Intel Core i7-5820K, Haswell, 3.3GHz, 6 cores (with HT), LGA 2011-3, was $420, now $320 (24% off)
  • Intel Core i7-6700K, SkyLake, 4.0GHz, 4 cores (with HT), LGA 1151, was $400, now $260 (35% off)
  • Intel Core i7-6600K, SkyLake, 3.5GHz, 4 cores (with HT), LGA 1151, was $270, now $180 (33% off)

It's so good to finally have a competition in the x86 CPU market back after more than ten years since Intel released its Core 2 CPUs.

Submission + - MySQL Databases Targeted in New Ransom Attacks (bleepingcomputer.com)

An anonymous reader writes: After the ransacking of MongoDB, ElasticSearch, Hadoop, CouchDB, and Cassandra servers, attackers are now hijacking hundreds of MySQL databases, deleting their content, and leaving a ransom note behind asking for a 0.2 Bitcoin ($235) payment. Attackers are gaining access to databases by brute-forcing root accounts for Internet-exposed MySQL servers.

The attacks started on February 12, and only lasted for 30 hours, during which time attackers breached hundreds of servers. Investigators said all attacks came from the same IP address from the Netherlands, 109.236.88.20, belonging to a hosting company called WorldStream.

In some cases attackers dumped the database, in other cases they deleted all content and left a ransom note behind. Two ransom notes have been found in the hundreds of confirmed attacks, one asking victims to get in contact via email and confirm the payment, while the other used a completely different mode of operation, redirecting users to a Tor-hosted website. At the time of writing, the Tor website is still up and running, at http://sognd75g4isasu2v.onion/

Submission + - White House blocks news organizations from press briefing (cnn.com)

ClickOnThis writes: CNN reports that it, along with several other major news organizations, were blocked from attending a press briefing at the White House today. From the article:

The New York Times, the Los Angeles Times, Politico and BuzzFeed were also excluded from the meeting, which is known as a gaggle and is less formal than the televised Q-and-A session in the White House briefing room. The gaggle was held by White House press secretary Sean Spicer.

In a brief statement defending the move, administration spokeswoman Sarah Sanders said the White House "had the pool there so everyone would be represented and get an update from us today."

The pool usually includes a representative from one television network and one print outlet. In this case, four of the five major television networks — NBC, ABC, CBS and Fox News — were invited and attended the meeting, while only CNN was blocked.

And while The New York Times was kept out, conservative media organizations Breitbart News, The Washington Times and One America News Network were also allowed in.


Submission + - Professors claim passive cooling breakthrough via plastic film (economist.com)

charlesj68 writes: An article in the Economist discusses the development of a plastic film by two professors at the University of Colorado in Boulder that provides a passive cooling effect. The film contains embedded glass beads that absorb and emit infrared in a wavelength that is not blocked by the atmosphere. Combining this with half-silvering to keep the sun from being the source of infrared absorption on the part of the beads, and you have way of pumping heat at a claimed rate of 93 watts per square meter.
Actual paper in Science: http://science.sciencemag.org/...
Original research by others in Nature: http://www.nature.com/nature/j...

Submission + - World's Largest Spam Botnet Adds DDoS Feature (bleepingcomputer.com)

An anonymous reader writes: Necurs, the world's largest spam botnet with nearly five million infected bots, of which one million active each day, has added a new module that can be used for launching DDoS attacks. The sheer size of the Necurs botnet, even in its worst days, dwarfs all of today's IoT botnets, who barely managed to reach 400,000 (albeit the owner of that botnet has now been arrested).

If this new feature would ever to be used, a Necurs DDoS atack would easily break every DDoS record there is. Fortunately, no such attack has been seen until now. Until now, the Necurs botnet has been seen spreading the Dridex banking trojan and the Locky ransomware. According to industry experts, there's a low chance to see the Necurs botnet engage in DDoS attacks because the criminal group behind the botnet is already making too much money to risk exposing their full infrastructure in DDoS attacks.

Submission + - Security lapse exposed New York airport's critical servers for a year (zdnet.com)

An anonymous reader writes: A security lapse at a New York international airport left its server backups exposed on the open internet for almost a year, ZDNet has found.

Khalil Sehnaoui, founder of Krypton Security, and Brad "Renderman" Haines, a hacker and security researcher, analyzed the password file and a network schematic found among the files to determine the reach of a potential attacker.

"The password file would give us full access to every component of the internal network," said Sehnaoui.

But in the wrong hands, it could also be used to issue valid boarding passes to people on the "no-fly" list, a government watchlist that prevents possible terrorists from boarding flights, he said.

"You could access the database of travelers and know who is going where and when, and get a list of the passenger's data, such as names and passport numbers," said Haines.

Or, worst case scenario, hackers could shut down airport operations, stranding passengers on the ground, the researchers say.

Submission + - Malaysian Police: VX nerve gas killed N Korea leader's brother in airport attack (reuters.com)

An anonymous reader writes: Malaysian police have announced their finding that Kim Jong Nam, half-brother of North Korean leader Kim Jon Un, was killed by assassins using VX nerve gas in an attack in the busy Kuala Lumpur airport. Malaysian authorities plan to decontaminate the airport and other sites visited by the attackers. Police are holding the two female attackers, one of whom was affected by the chemical agent, as well as two other men. They are seeking seven more North Koreans connected to the case. VX is the most toxic of the nerve gasses and the UN has declared it a weapon of mass destruction. The manufacture and stockpiling of more than 100 grams of VX per year is prohibited by the Chemical Weapons Convention of 1993. It has no commercial uses. The Malaysian police are trying to discover if it was smuggled into their country, or manufactured there. The Malaysian government has recalled its ambassador to North Korea for consultation. North Korea is blaming the death of Kim Jong Nam on Malaysia. North Korea is believed to have major stockpiles of chemical weapons, and is alleged to conduct experiments on prisoners and social undesirables.

Submission + - Film studios seek to block Australians from acessing 41 pirate websites (computerworld.com.au)

angry tapir writes: A group of film studios is undertaking what is set to be the most significant use so far of Australia's anti-piracy laws, which allow rights holders to apply for court orders that can compel ISPs to block their customers from accessing certain piracy-linked sites. A pair of rights holders last year successfully obtained court orders forcing Australia's most popular ISPs to block a handful of sites including The Pirate Bay. Now Village Roadshow wants to have 41 more sites blocked

Submission + - Postgres Vision Announces Call for Papers

RaDag writes: Share your story about Postgres and innovation in open source data management at Postgres Vision, to be held June 26-28 in Boston. The deadline to submit is March 17, 2017. The call for papers seeks individual presentations and panel discussions for the open source community and developer tracks.
Practitioners are encouraged to submit proposals on such Postgres and related topics as successful enterprise deployments; data integration projects; cloud projects; best practices; continuous development and DevOps; development efforts with open source; and favorite features or capabilities. Click here for more details.

Submission + - Study Reveals Bot-On-Bot Editing Wars Raging On Wikipedia's Pages (theguardian.com)

An anonymous reader writes: A new study from computer scientists has found that the online encyclopedia is a battleground where silent wars have raged for years. Since Wikipedia launched in 2001, its millions of articles have been ranged over by software robots, or simply “bots," that are built to mend errors, add links to other pages, and perform other basic housekeeping tasks. In the early days, the bots were so rare they worked in isolation. But over time, the number deployed on the encyclopedia exploded with unexpected consequences. The more the bots came into contact with one another, the more they became locked in combat, undoing each other’s edits and changing the links they had added to other pages. Some conflicts only ended when one or other bot was taken out of action. The findings emerged from a study that looked at bot-on-bot conflict in the first ten years of Wikipedia’s existence. The researchers at Oxford and the Alan Turing Institute in London examined the editing histories of pages in 13 different language editions and recorded when bots undid other bots’ changes. While some conflicts mirrored those found in society, such as the best names to use for contested territories, others were more intriguing. Describing their research in a paper entitled Even Good Bots Fight in the journal Plos One, the scientists reveal that among the most contested articles were pages on former president of Pakistan Pervez Musharraf, the Arabic language, Niels Bohr and Arnold Schwarzenegger. One of the most intense battles played out between Xqbot and Darknessbot which fought over 3,629 different articles between 2009 and 2010. Over the period, Xqbot undid more than 2,000 edits made by Darknessbot, with Darknessbot retaliating by undoing more than 1,700 of Xqbot’s changes. The two clashed over pages on all sorts of topics, from Alexander of Greece and Banqiao district in Taiwan to Aston Villa football club.

Slashdot Top Deals

"The most important thing in a man is not what he knows, but what he is." -- Narciso Yepes

Working...