Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - LastPass Bugs Allow Malicious Websites to Steal Passwords (bleepingcomputer.com)

An anonymous reader writes: LastPass patched three bugs that affected the Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website. All bugs were reported by Google security researcher Tavis Ormandy, and all allowed the theft of user credentials, one bug affecting the LastPass Chrome extension, while two impacted the LastPass Firefox extension [1, 2].

The exploitation vector was malicious JavaScript code that could be very well hidden in any online website, owned by the attacker or via a compromised legitimate site.

Submission + - GNOME 3.24 Linux desktop environment is here (betanews.com)

BrianFagioli writes: Today, GNOME reaches version 3.24, code-named "Portland." While it looks great, it is hardly a monumental change. Moving from 3.22, we see some new features and applications, but on the UI front, there are improved icons too. In fact, they have doubled from 256×256px to 512×512px! Not only can these icons scale larger, but they are more vibrant and intricate too. Overall, there are many new aspects of GNOME to excite fans.

"Night Light is one of the new features being introduced in this release. This subtly changes the screen color according to the time of day, which can help to reduce sleeplessness if you use your computer at night. Another new feature that will make a lot of users happy is the incorporation of weather information into the notifications area. This shows a simple summary of the day’s weather, and links to the Weather application", says The GNOME Foundation

Submission + - 17,000 AT&T Workers Go On Strike In California and Nevada (fortune.com)

An anonymous reader writes: Approximately 17,000 workers in AT&T's traditional wired telephone business in California and Nevada walked out on strike on Wednesday, marking the most serious labor action against the carrier in years. The walkout—formally known as a grievance strike—occurred after AT&T changed the work assignments of some of the technicians and call center employees in the group, the Communications Workers of America union said. The union would not say how long the strike might last. A contract covering the group expired last year and there has been little progress in negotiations over sticking points like the outsourcing of call center jobs overseas, stagnant pay, and rising health care costs. The union said it planned to file an unfair labor charge with the National Labor Relations Board over the work assignment changes. "A walkout is not in anybody’s best interest and it's unfortunate that the union chose to do that," an AT&T spokesman told Fortune. "We're engaged in discussion with the union to get these employees back to work as soon as possible."

Submission + - 'Dig Once' Bill Could Bring Fiber Internet To Much of the US (arstechnica.com)

An anonymous reader writes: If the U.S. adopts a "dig once" policy, construction workers would install conduits just about any time they build new roads and sidewalks or upgrade existing ones. These conduits are plastic pipes that can house fiber cables. The conduits might be empty when installed, but their presence makes it a lot cheaper and easier to install fiber later, after the road construction is finished. The idea is an old one. U.S. Rep. Anna Eshoo (D-Calif.) has been proposing dig once legislation since 2009, and it has widespread support from broadband-focused consumer advocacy groups. It has never made it all the way through Congress, but it has bipartisan backing from lawmakers who often disagree on the most controversial broadband policy questions, such as net neutrality and municipal broadband. It even got a boost from Rep. Marsha Blackburn (R-Tenn.), who has frequently clashed with Democrats and consumer advocacy groups over broadband—her "Internet Freedom Act" would wipe out the Federal Communications Commission's net neutrality rules, and she supports state laws that restrict growth of municipal broadband. Blackburn, chair of the House Communications and Technology Subcommittee, put Eshoo's dig once legislation on the agenda for a hearing she held yesterday on broadband deployment and infrastructure. Blackburn's opening statement (PDF) said that dig once is among the policies she's considering to "facilitate the deployment of communications infrastructure." But her statement did not specifically endorse Eshoo's dig once proposal, which was presented only as a discussion draft with no vote scheduled. The subcommittee also considered a discussion draft that would "creat[e] an inventory of federal assets that can be used to attach or install broadband infrastructure." Dig once legislation received specific support from Commerce Committee Chairman Greg Walden (R-Ore.), who said that he is "glad to see Ms. Eshoo’s 'Dig Once' bill has made a return this Congress. I think that this is smart policy and will help spur broadband deployment across the country."

Submission + - Firefox for Linux is now Netflix compatible (betanews.com)

BrianFagioli writes: For a while, Netflix was not available for traditional Linux-based operating systems, meaning users were unable to enjoy the popular streaming service without booting into Windows. This was due to the company's reliance on Microsoft Silverlight. Since then, Netflix adopted HTML5, and it made Google Chrome and Chromium for Linux capable of playing the videos. Unfortunately, Firefox — the open source browser choice for many Linux users — was not compatible. Today this changes, however, as Mozilla's offering is now compatible with Netflix!

"About four years ago, we shared our plans for playing premium video in HTML5, replacing Silverlight and eliminating the extra step of installing and updating browser plug-ins. Since then, we have launched HTML5 video on Chrome OS, Chrome, Internet Explorer, Safari, Opera, Firefox, and Edge on all supported operating systems. And though we do not officially support Linux, Chrome playback has worked on that platform since late 2014. Starting today, users of Firefox can also enjoy Netflix on Linux. This marks a huge milestone for us and our partners, including Google, Microsoft, Apple, and Mozilla that helped make it possible," says Netflix.

Submission + - A new definition would add 102 planets to our solar system — including Plu (washingtonpost.com)

The Grim Reefer writes: Is Pluto a planet?

It's not a question scientists ask in polite company.

“It's like religion and politics,” said Kirby Runyon, a planetary scientist at Johns Hopkins University. “People get worked up over it. I've gotten worked up over it.”

For years, astronomers, planetary scientists and other space researchers have fought about what to call the small, icy world at the edge of our solar system. Is it a planet, as scientists believed for nearly seven decades? Or must a planet be something bigger, something more dominant, as was decided by vote at the International Astronomical Union (IAU) in 2006?

The issue can bring conversations to a screeching halt, or turn them into shouting matches. “Sometimes,” Runyon said, “it's just easier not to bring it up.”

But Runyon will ignore his own advice this week when he attends the annual Lunar and Planetary Science Conference in Houston. In a giant exhibit hall crowded with his colleagues, he's attempting to reignite the debate about Pluto's status with an audacious new definition for planet — one that includes not just Pluto, but several of its neighbors, objects in the asteroid belt, and a number of moons. By his count, 102 new planets could be added to our solar system under the new criteria.

Submission + - Researchers teach self-driving cars to 'see' better at night (sciencemag.org)

sciencehabit writes: Today’s autonomous cars can already harness the power of artificial intelligence (AI) software to drive from Los Angeles, California, to New York City without any human input, as long as it’s a sunny day. They still struggle to spot a stop sign in the rain after all. Now, researchers say they are on the cusp of giving self-driving cars the ability to read road signs in all sorts of weather and light conditions, an AI advance that brings the vehicles one step closer to being safe enough for everyday people to operate.

Submission + - Burglars Can Easily Make Google Nest Security Cameras Stop Recording (helpnetsecurity.com)

Orome1 writes: Google Nest’s Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that’s in their Bluetooth range. The vulnerabilities are present in the latest firmware version running on the devices (v5.2.1). They were discovered by researcher Jason Doyle last fall, and their existence responsibly disclosed to Google, but have still not been patched.

Submission + - Google to Remove Chrome "Close Other Tabs" & "Close Tabs to the Right" Optio (bleepingcomputer.com)

An anonymous reader writes: Chrome engineers are planning to remove two menu options from Chrome that allow users to quickly close a large number of tabs with just a few clicks. The options, named "Close other tabs" and "Close tabs to the right" reside in the menu that appears when a user right-clicks on a Chrome tab.

Google said it's removing the options to declutter Chrome's UI and slim down the menu. Usage stats show the menu options are rarely used. Plans to remove the two options were set in motion years before, but only recently Google moved on the issue. A complex keyboard/mouse shortcut [GIF] routine has been provided to replace the functionality of the two menu options.

Submission + - New Technology Combines Lip Motion And Passwords For User Authentication (bleepingcomputer.com)

An anonymous reader writes: Scientists from the Hong Kong Baptist University (HKBU) have developed a new user authentication system that relies on reading lip motions while the user speaks a password out loud. Called "lip password" the system combines the best parts of classic password-based systems with the good parts of biometrics.

The system relies on the uniqueness of someone's lips, such as shape, texture, and lip motions, but also allows someone to change the lip motion (password), in case the system ever gets compromised. Other biometric solutions, such as fingerprints, iris scans, and facial features, become eternally useless once compromised.

Submission + - Windows 10 will download some updates even over a metered connection

AmiMoJo writes: Until now Windows 10 has allowed users to avoid downloading updates over metered (pay-per-byte) connections, to avoid racking up huge bills. Some users were setting their ethernet/wifi connections as metered in order to prevent Windows 10 from downloading and installing updates without their permission. In its latest preview version of the OS, Microsoft is now forcing some updates necessary for "smooth operation" to download even on these connections. As well as irritating users who want to control when updates download and install, users of expensive pay-per-byte connections could face massive bills.

Submission + - Former IT Admin Accused of Leaving Backdoor Account, Accessing It 700+ Times (bleepingcomputer.com)

An anonymous reader writes: An Oregon sportswear company is suing its former IT administrator, alleging he left backdoor accounts on their network and used them more than 700 times to search for information for the benefit of its new employer.

Court papers reveal the IT admin left to be the CTO at one of the sportswear company's IT suppliers after working for 14 years at his previous employer. For more than two years, he's been using an account he created before he left to access his former colleague's emails and gather information about the IT services they might need in the future. The IT admin was fired from his CTO job after his new employer found out what he was doing.

Submission + - Ask Toolbar Network Compromised Twice in Two Months (bleepingcomputer.com)

An anonymous reader writes: The Ask Partner Network (APN) was compromised for the second time in two months, as crooks found a way to deliver malware to computers running the Ask.com Toolbar. The first attack took place at the end of October and start of November 2016, while the second took place in December, just after APN cleaned its network.

Both incidents [1, 2] were similar, as attackers found a way to breach the APN network and hijack the Ask Toolbar update process, pointing users to a malicious file, which resulted in the installation of malware on affected computers. The malware used in the second attack was signed by the certificate APN issued after the first attack, which means the attackers maintained a foothold on APN’s network after engineers cleaned servers after the first attack. This time around, APN appears to have done a better job, as no malicious activity was detected from APN's network in the past three months.

Slashdot Top Deals

"When the going gets tough, the tough get empirical." -- Jon Carroll

Working...