Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - Scientists Discover LEGO Toys Make Good Lab Tools (

buchner.johannes writes: Wearable computing is the next big thing — computing you wear on your body. Building wearable electronics requires stretchable electronics and testing such candidate materials requires a $50,000 lab device that stretches the device reliably and accurately. Instead, Austrian PhD student Richard Moser built a device from LEGO (has video which achieves the same performance (but does not extend to high forces). He open-sourced his plans and published his results in Advanced Science. He is not alone in using LEGO for science.

Submission + - Human Exploration of Planets cheaper than sending Robots (

buchner.johannes writes: Putting humans on Mars will get you more bang for the buck, according to a new analysis by the Director of the UCL/Birkbeck Centre for Planetary Science and Astrobiology. Humans are simply better at complex tasks like drilling, while robots have a difficult time just navigating through the rugged terrain, and can thus cover less ground. Small, autonomous, cheap and very intelligent rovers have thus not become a reality — instead the size (and cost) of robots has steadily increased, contrary to Moore-law-like predictions. The autonomous navigation is a hard problem that is not easily solved technically. The article compares the cost of the Apollo missions and the Mars Science Laboratory in detail to illustrate the comparison of human vs. robotic exploration programs. The original article (PDF) also notes that human space-flight benefits from non-scientific motivations, which can further increase the available budget.

Submission + - Btrfs becomes stable, releases v3.12 1

buchner.johannes writes: Btrfs is the next-gen filesystem for Linux, likely to replace ext3 and ext4 in coming years and filling the space between ZFS and Reiser4. Btrfs offers many compelling new features but development has been a long time coming in the "unstable" status leaving many users unsure whether to entrust their data to. Since August, their web page declares Btrfs as stable. Have you tried it since? What has been your experience with Btrfs? Fedora users probably are already using it on a daily basis.

Submission + - My primary work is

buchner.johannes writes: My primary work is
  [a] developing software for a company
  [b] developing software for a research institute
  [c] research
  [d] management or consulting (not coding)
  [e] I'm unemployed
  [f] something else

Submission + - WebM license made GPL and Apache compatible (

buchner.johannes writes: Google updated its licensing terms for WebM, which is now a pure BSD license, with a standalone patent grant.

Using patent language borrowed from both the Apache and GPLv3 patent clauses, in this new iteration of the patent clause we've decoupled patents from copyright, thus preserving the pure BSD nature of the copyright license. This means we are no longer creating a new open source copyright license, and the patent grant can exist on its own.

Here is the WebM license FAQ. Time to make a GPLv3 fork?

Submission + - Ethics of producing Non-malicious Malware 2

buchner.johannes writes: I was fed up with the general consent that Linux is oh-so-secure and has no malware. After a week of work, I finished a package of malware for Unix/Linux. Its whole purpose is to help whitehat hackers point out that the system can be turned into a botnet client, by simply downloading BOINC and attaching it to my user account, helping scientific projects. It does not exploit any security holes, but loose security configurations and mindless execution of unverified downloads: I tested it to be injected by a PHP script (even circumventing safemode), so that the web server runs it, hell I even got a proxy server that injects it into shell scripts and Makefiles in tarballs on the fly, and adds onto windows executable for execution in wine (Z: is /). If executed by the user, it can persist itself in cron, bashrc and other files. The aim of the exercise was to provide a payload so security people can 'pwn' systems to show security holes, without doing harm (such as deleting files or disrupting normal operation).
But now I have a problem: I am unsure of whether it is ethically ok to release this toolkit, which, by ripping out the BOINC payload and putting in something really evil, can be turned into proper Linux malware. On the one hand, the way it persists itself in autostart is really nasty, and that is not really a security hole that can be fixed. On the other hand, such a script can be written by anyone else too, and it would be useful to show people why you need SELinux on a server, and why verifying the source of downloads (checksums through trusted channels) is necessary.
Technically, it is a nice piece, but should I release it? I don't want to turn the Linux desktop into Windows, hence I'm slightly leaning towards not releasing it. What does your ethics say about releasing such grayware?

Slashdot Top Deals

Genetics explains why you look like your father, and if you don't, why you should.