Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - SPAM: No Such lAbs Release Auditable Hardware True RNG

MrBingoBoingo writes: No Such lAbs has released their first hardware product the FUCKGOATS, an auditable way to fertilize your entropy pool. FUCKGOATS is an auditable True Random Number Generator suitable for use with workstations, servers, or any other hardware (such as a doomsday device), if the hardware in question is capable of taking a serial bit stream (via RS-232-to-USB converter, or directly, or by whatever other means such as a CAN bus). You can use it to feed your /dev/random pool, for instance. No Such lAbs also operates Phuctor, the RSA Super Collider.

Submission + - British Film Institute To Digitize 100,000 Old TV Shows Before They Disappear (bbc.com)

An anonymous reader writes: Thousands of British TV programs are to be digitized before they are lost forever, the British Film Institute says. Anarchic children's show Tiswas and The Basil Brush Show are among the programs in line for preservation. The initiative was announced as part of the BFI's five-year strategy for 2017-2022. "Material from the 70s and early 80s is at risk," said Heather Stewart, the BFI's creative director. "It has a five or six-year shelf life and if we don't do something about it will just go, no matter how great the environment is we keep it in. "Our job is make sure that things are there in 200 years' time." The BFI has budgeted $14.3 million of Lottery funding towards its goal of making the UK's entire screen heritage digitally accessible. This includes an estimated 100,000 of the "most at-risk" British TV episodes and clips held on obsolete video formats. The list includes "early children's programming, little-seen dramas, regional programs and the beginnings of breakfast television." The issue for the BFI, Ms Stewart added, was also to do with freeing up storage space. "We have a whole vault which is wall-to-wall video. If we digitized it, it would be in a robot about the size of a wardrobe," she said.

Submission + - Is This Year's Dicamba Drift Problem Getting Understated In The News

MrBingoBoingo writes: Since Monsanto released their new generation of Dicamba resistant soybeans to farmers earlier this year, reports have been emerging of the volatile herbicide causing substantial collateral damage as it vaporizes and drifts. Recently the damage this drift has done to orchards and stands of trees has been acknowledged. With all the fuss that gets raised about GMOs in general, why is an actual agricultural disaster getting so little substantive coverage as it unfolds?

Submission + - Soros, the Open Society Foundations, and the Continued Political Hacks (riskbasedsecurity.com)

jkouns writes: A website called DC Leaks published internal data about the Open Society Foundations, an organization run by George Soros. The bulk of the data, which totals 1.51GB and is spread across 2,576 files. The DC Leaks website allows visitors to view the data and even offers a search function that has indexed the Soros leak to some extent. In the Soros leak there are interesting mentions about drones over 15 documents. The documents appear to show some of the intentions and contributing ideas made by the Open Society Foundations into accountability surrounding drone use by the United States military.

Submission + - PGP Short-ID Collision Attacks Continued, Now Targeted Linus Torvalds

An anonymous reader writes: Enrico Zini wrote:

There are currently at least 3 ways to refer to a GPG key: short key ID (last 8 hex digits of fingerprint), long key ID (last 16 hex digits) and full fingerprint. The short key ID used to be popular, and since 5 years it is known that it is computationally easy to generate a GnuPG key with an arbitrary short key id.

LWN.net wrote in June 3, 2016:

Gunnar Wolf urges developers to stop using "short" PGP key IDs as soon as possible. The impetus for the advice originates with Debian's Enrico Zini, who recently found two keys sharing the same short ID in the wild.

After contacted the owner, it turned out that one of the keys is a fake. In addition, labelled same names, emails, and even signatures created by more fake keys. Weeks later, more developers found their fake "mirror" keys on the keyserver, including the PGP Global Directory Verification Key. Gunnar Wolf wrote:

We don't know who is behind this, or what his purpose is. We just know this looks very evil.

Now, a fake key (fake: 0x6211aa3b00411886, real: 0x79be3e4300411886) of Linus Torvalds was found in the wild, scroll the page and you'll two of them. It looked like that every single key from the Linux kernel community have been forged successfully, another example is Greg Kroah-Hartman (fake:0x27365dea6092693e, real: 0x38dbbdc86092693e). LWN reader "rmayr" commented:

so it seems somebody is actually constructing a database of fake keypairs with "well-known" short IDs. Something is going on here...

Submission + - Researchers orbit a muon around an atom, confirm physics models are broken (arstechnica.com)

schwit1 writes: The proton's charge radius shouldn't change, and yet it appears to.

This “proton radius puzzle” suggests there may be something fundamentally wrong with our physics models. And the researchers who discovered it have now moved on to put a muon in orbit around deuterium, a heavier isotope of hydrogen. They confirm that the problem still exists, and there's no way of solving it with existing theories.

Submission + - PGP Key of President of the Muslim Association of Puget Sound Trivially Factored

An anonymous reader writes: One of seven keys recently found to be trivially factorable by the Phuctor belongs to Mahmood Khadeer, President of the Muslim Association of Puget Sound. Khadeer's key and the others appear to have been generated with PGP software that utilized a null random number generator based on the way they were factored.

Submission + - Germany's Energiewende: The problems remain (thebulletin.org)

Dan Drollette writes: Wanna know why certain American fossil fuel tycoons (who shall remain nameless) are so hostile to fighting climate change? Just look at what happened to the big utility companies and the large, energy-intensive heavy industries of Germany after its "Energiewende" kicked in—they are "on the brink of dissolution" from that country's embrace of renewable energy, says the author of this piece, who used to work for German utilities as their renewables go-to person.

Submission + - Argentina And Monsanto Fight Over Patents

An anonymous reader writes: Monsanto has embargoed Argentina from receiving new soybean technologies marketed by the company after the Argentine government insisted it had the sole right to demand the inspection of exports leaving the country. Monsanto has been pressuring export and shipping companies to enforce their patent royalty collection, while the Argentine government insist it holds the sole right to approve and order inspections. This patent battle is looking like it might tip to Argentina's favor given the disappointing nature of Monsanto's upcoming RoundUp Ready XTend(TM)(R) Glyphosate+Dicamba crop system.

Submission + - Argentina And Monsanto Fight Over Patents 1

An anonymous reader writes: Monsanto has embargoed Argentina from receiving new soybean technologies marketed by the company after the Argentine government insisted it had the sole right to demand the inspection of exports leaving the country. Monsanto has been pressuring export and shipping companies to enforce their patent royalty collection, while the Argentine government insist it holds the sole right to approve and order inspections. This patent battle is looking like it might tip to Argentina's favor given the disappointing nature of Monsanto's upcoming RoundUp Ready XTend(TM)(R) Glyphosate+Dicamba crop system.

Submission + - 60% of Android Phones Still Vulnerable to Months-Old TrustZone Bug

Trailrunner7 writes: A serious vulnerability in many versions of Android that allows an attacker to gain complete control of the target phone by exploiting an app in the secure portion of the operating system still affects about 60 percent of enterprise Android devices, even though a patch was released in January.

The vulnerability is in some software from Qualcomm and the attack would require that a user install a malicious app. Once the app is installed, the attacker would be able to exploit the flaw in Qualcomm’s Secure Execution Environment to eventually gain complete control of the underlying Linux kernel. The QSEE is a trusted portion of the Android operating system in which trusted apps interact with trusted memory and hardware. Under normal circumstances, code from the untrusted portion of the OS shouldn’t be allowed to run code in the QSEE. The vulnerability, combined with some other conditions, allows this to happen.

Submission + - Debian Fork Devuan Beta Released (unixmen.com)

pirat9 writes: A beta release of the Devuan Linux distro has made it into the world after two years in development. Devuan is a very Debian-ish distro. In fact, it basically is Debian, with one notable absence. Devuan doesn’t use systemd. In fact, that’s its main claim to fame. Devuan was created to offer an alternative to Debian fans who were alienated by the controversial switch to systemd.

Submission + - Asl Slashdot: How Hard Is It To Have a Smart Home That's Not 'In The Cloud'? 1

An anonymous reader writes: It's beginning to seem like everything related to home (and much other) automation is basically remote control 'in the cloud' feeding information about you to somebody's advertising system. In principle, this should not be the case, but it is in practice. So how hard is it, really, to do 'home automation' without sending all your data to Google, Samsung, or whoever — just keep it to yourself and share only what you want to share? How hard would it be, for instance, to hack a Nest thermostat so it talks to a home server rather than Google? Or is there something already out there that would do the same thing as a Nest but without 'the cloud' as part of the requirement? Yes, a standard programmable thermostat does 90% of what a Nest does, but there are certain things that it won't do like respond to your comings and goings at odd hours, or be remotely switchable to a different mode (VPN to your own server from your phone and deal with it locally, perhaps?). Fundamentally, is there a way to get the convenience and not expose my entire life and home to unknown actors who by definition (read the terms of service) do not have my best interest in mind?

Submission + - New Surveillance System May Let Cops Use All of the Cameras (wired.com)

An anonymous reader writes: The system, which is just a proof of concept, alarms privacy advocates who worry that prudent surveillance could easily lead to government overreach, or worse, unauthorized use. It relies upon two tools developed independently at Purdue. The Visual Analytics Law Enforcement Toolkit superimposes the rate and location of crimes and the location of police surveillance cameras. CAM2 reveals the location and orientation of public network cameras, like the one outside your apartment. You could do the same thing with a search engine like Shodan, but CAM2 makes the job far easier, which is the scary part. Aggregating all these individual feeds makes it potentially much more invasive.

Submission + - Google Appeals French Order For Global 'Right To Be Forgotten' (reuters.com)

An anonymous reader writes: Alphabet Inc's Google appealed on Thursday an order from the French data protection authority to remove certain web search results globally in response to a European privacy ruling, escalating a fight on the extra-territorial reach of EU law. In May 2014, the European Court of Justice (ECJ) ruled that people could ask search engines, such as Google and Microsoft's Bing, to remove inadequate or irrelevant information from web results appearing under searches for people's names — dubbed the "right to be forgotten." Google complied, but it only scrubbed results across its European websites such as Google.de in Germany and Google.fr in France, arguing that to do otherwise would set a dangerous precedent on the territorial reach of national laws. The French regulator, the Commission Nationale de l'Informatique et des Libertes (CNIL), fined Google 100,000 euros ($112,150.00) in March for not delisting more widely, arguing that was the only way to uphold Europeans' right to privacy. The company filed its appeal of the CNIL's order with France's supreme administrative court, the Council of State.

Slashdot Top Deals

If you can't understand it, it is intuitively obvious.

Working...