Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Postgres Vision Announces Call for Papers

RaDag writes: Share your story about Postgres and innovation in open source data management at Postgres Vision, to be held June 26-28 in Boston. The deadline to submit is March 17, 2017. The call for papers seeks individual presentations and panel discussions for the open source community and developer tracks.
Practitioners are encouraged to submit proposals on such Postgres and related topics as successful enterprise deployments; data integration projects; cloud projects; best practices; continuous development and DevOps; development efforts with open source; and favorite features or capabilities. Click here for more details.

Submission + - Study Reveals Bot-On-Bot Editing Wars Raging On Wikipedia's Pages (theguardian.com)

An anonymous reader writes: A new study from computer scientists has found that the online encyclopedia is a battleground where silent wars have raged for years. Since Wikipedia launched in 2001, its millions of articles have been ranged over by software robots, or simply “bots," that are built to mend errors, add links to other pages, and perform other basic housekeeping tasks. In the early days, the bots were so rare they worked in isolation. But over time, the number deployed on the encyclopedia exploded with unexpected consequences. The more the bots came into contact with one another, the more they became locked in combat, undoing each other’s edits and changing the links they had added to other pages. Some conflicts only ended when one or other bot was taken out of action. The findings emerged from a study that looked at bot-on-bot conflict in the first ten years of Wikipedia’s existence. The researchers at Oxford and the Alan Turing Institute in London examined the editing histories of pages in 13 different language editions and recorded when bots undid other bots’ changes. While some conflicts mirrored those found in society, such as the best names to use for contested territories, others were more intriguing. Describing their research in a paper entitled Even Good Bots Fight in the journal Plos One, the scientists reveal that among the most contested articles were pages on former president of Pakistan Pervez Musharraf, the Arabic language, Niels Bohr and Arnold Schwarzenegger. One of the most intense battles played out between Xqbot and Darknessbot which fought over 3,629 different articles between 2009 and 2010. Over the period, Xqbot undid more than 2,000 edits made by Darknessbot, with Darknessbot retaliating by undoing more than 1,700 of Xqbot’s changes. The two clashed over pages on all sorts of topics, from Alexander of Greece and Banqiao district in Taiwan to Aston Villa football club.

Submission + - UK Police Arrest Suspect Behind Mirai Malware Attacks on Deutsche Telekom (bleepingcomputer.com)

An anonymous reader writes: German police announced today that fellow UK police officers have arrested a suspect behind a serious cyber-attack that crippled German ISP Deutsche Telekom at the end of November 2016. The attack in question caused over 900,000 routers of various makes and models to go offline after a mysterious attacker attempted to hijack the devices through a series of vulnerabilities.

The attacks were later linked to a cybercrime groups operating a botnet powered by the Mirai malware, known as Botnet #14, which was also available for hire online for on-demand DDoS attacks.

According to a statement obtained by Bleeping Computer from Bundeskriminalamt (the German Federal Criminal Police Office), officers from UK's National Crime Agency (NCA) arrested yesterday a 29-year-old suspect at a London airport. German authorities are now in the process of requesting the unnamed suspect's extradition, so he can stand trial in Germany. Bestbuy, the name of the hacker that took credit for the attacks has been unreachable for days.

Submission + - Website Builder Wix Acquires Art Community DeviantArt For $36 Million (techcrunch.com)

An anonymous reader writes: Wix.com has made another acquisition to build out the tools that it provides to users to build and administer websites: it has acquired DeviantArt, an online community for artists, designers and art/design enthusiasts with some 325 million individual pieces of original art and more than 40 million registered members, for $36 million in cash, including $3 million of assumed liabilities. Wix said that it will continue to operate DeviantArt as a standalone site, but it will also use it to boost its own business in a couple of ways. First, DeviantArt users will get access to Wix’s web design tools to build out more dynamic online presences. These tools do not only cover design, but commerce and other features for running businesses online. Second, Wix will open up DeviantArt’s repository of art and creative community to the Wix platform, giving Wix’s users access to that work to use in their own site building. The deal will also include putting further investment into developing DeviantArt’s desktop and mobile apps. (Today, that desktop experience is based on a very simple, pared-down interface that is reminiscent of the 2000 birthdate of the startup itself.)

Submission + - Valve release SteamVR for Linux (gamingonlinux.com)

JustNiz writes: Valve have put up SteamVR for Linux officially in Beta form and they are keen to stress that this is a development release.
You will need to run the latest Steam Beta Client for it to work at all, so be sure to opt-in if you want to play around with it.
VR on Linux will exclusively use Vulkan, so it's going to be a pretty good push for Vulkan if VR becomes more popular.

Submission + - Cellebrite can now unlock iPhone 6 and 6+ (cyberscoop.com)

Patrick O'Neill writes: A year after the battle between the FBI and Apple over unlocking an iPhone 5s, smartphone cracking company Cellebrite announced it can now unlock the iPhone 6 and 6+ for customers at rates ranging from $1,500 to $250,000. The company's newest products also extract and analyze data from a wide range of popular apps including all of the most popular secure messengers around.

Submission + - A.T.F. Filled Secret Bank Account With Millions From Shadowy Cigarette Sales (nytimes.com)

schwit1 writes: “Working from an office suite behind a Burger King in southern Virginia, operatives used a web of shadowy cigarette sales to funnel tens of millions of dollars into a secret bank account. They weren’t known smugglers, but rather agents from the Bureau of Alcohol, Tobacco, Firearms and Explosives. The operation, not authorized under Justice Department rules, gave agents an off-the-books way to finance undercover investigations and pay informants without the usual cumbersome paperwork and close oversight, according to court records and people close to the operation.”

Laws and rules are for the little people.

Submission + - Don't (For Now) Use Google's New "Perspective" Comment Filtering Tool (vortex.com)

Lauren Weinstein writes: Google has announced (with considerable fanfare) public access to their new “Perspective” comment filtering system API, which uses Google’s machine learning/AI system to determine which comments on a site shouldn’t be displayed due to perceived high spam/toxicity scores. It’s a fascinating effort. And if you run a website that supports comments, I urge you not to put this Google service into production, at least for now.

Submission + - NIST: Cybersecurity Framework Webinars

Presto Vivace writes: Cybersecurity Framework Webinars

This webinar introduces the audience to the Framework for Improving Critical Infrastructure Cybersecurity (“The Framework”). NIST will provide a brief history about why and how the Framework was developed, and an understanding of each of the three primary Framework components (the Core, Implementation Tiers, and Profiles). Participants will gain an understanding of potential benefits of Framework, and how the Framework can be used. NIST will highlight industry resources, progress in Roadmap areas, and future direction of the Framework program. A Q&A session with participants will follow. ... Cybersecurity Framework Update Webinar On January 10, 2017 NIST released proposed updates to the Cybersecurity Framework. This draft Version 1.1 of the Cybersecurity Framework seeks to clarify, refine, and enhance the Framework. Updates were derived from feedback NIST received since publication of Cybersecurity Framework Version 1.0.

Submission + - Ad Blocking Isn't As Widespread As You Yhink

Mickeycaskill writes: Adoption of adblocking software in the UK has remained static at 22 percent, despite widespread concern among online publishers, and even the government, about impact on revenues and the creative industries.

A report believes levels of use could even be lower as 1/5 of respondents to its survey claimed their antivirus software was an adblocker. The Internet Advertising Bureau believes consumers are becoming more aware about the trade off between access to content and viewing ads.

“The continued rise in ad blocking that some predicted simply hasn’t materialised,” said the IAB UK’s CEO Jon Mew. “A key reason is publishers denying access to content to ad blockers which, in effect, has created that ‘lightbulb’ moment for people who realise that they cannot access free content without seeing the advertising that funds it. The industry has worked hard on promoting this ‘value exchange’ and it’s paying off.”

Submission + - First SHA1 Collision (googleblog.com)

ad454 writes: Today, 10 years after of SHA-1 was first introduced, we are announcing the first practical technique for generating a collision. This represents the culmination of two years of research that sprung from a collaboration between the CWI Institute in Amsterdam and Google. We've summarized how we went about generating a collision below. As a proof of the attack, we are releasing two PDFs that have identical SHA-1 hashes but different content.

https://security.googleblog.co...

Submission + - Google has demonstrated a successful practical attack against SHA-1 (googleblog.com)

Artem Tashkinov writes: Ten years after of SHA-1 was first introduced, Google has announced the first practical technique for generating an SHA-1 collision. It required two years of research between the CWI Institute in Amsterdam and Google. As a proof of the attack, Google has released two PDF files that have identical SHA-1 hashes but different content. The amount of computations required to carry out the attack is staggering: nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total which took 6,500 years of CPU computation to complete the attack first phase and 110 years of GPU computation to complete the second phase.

Google says that people should migrate to newer hashing algorithms like SHA-256 and SHA-3, however it's worth noting that there are currently no ways of finding a collision for both MD5 and SHA-1 hashes simultaneously which means that we still can use old proven hardware accelerated hash functions to be on the safe side.

Submission + - Announcing the first SHA1 collision (googleblog.com)

matafagafo writes: Google Security Blog just published

Cryptographic hash functions like SHA-1 are a cryptographer’s swiss army knife. You’ll find that hashes play a role in browser security, managing code repositories, or even just detecting duplicate files in storage. Hash functions compress large amounts of data into a small message digest. As a cryptographic requirement for wide-spread use, finding two messages that lead to the same digest should be computationally infeasible. Over time however, this requirement can fail due to attacks on the mathematical underpinnings of hash functions or to increases in computational power. Today, 10 years after of SHA-1 was first introduced, we are announcing the first practical technique for generating a collision.


Slashdot Top Deals

Today is the first day of the rest of your lossage.

Working...