Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment BackBlaze (Score 2) 983

BackBlaze offers unlimited backup storage for home users for around $5/mo - encrypted with asymmetric keys. I've got about 750 GB on there myself, works great. Although they may not *like* you backing up 20 TB of stuff, they should accept it. And, if they don't, you're about back five bucks. Probably worth a try.

Comment Why the Hate? (Score 1) 190

As a web developer, I'm quite excited for Google Dart and am interested in seeing where it leads; I'm not sure what's with all the bashing about it, except out of pure ignorance. Javascript is a very useful and neat, but rather strange language, riddled with tricks, "gotchas", and downright strange behavior. I do use it on a daily basis, and I've learned to love it (the NPM ecosystem is wonderful), but I wouldn't go so far to call it a good language in and of itself. That's why things like Typekit and Coffeescript exist. Dart looks like it'll bring more structured programming into the web (along with some performance gains). I've not yet jumped into it - learning Python at the moment - but am excited to do so, and I think it has potential.

Comment Re:A toxic post (Score 1) 178

Feel that burning rage that makes you want to pound the keyboard and mod me down? Free speech working as intended.

Mods might possibly want to do so, because your comment is blatant flamebait (as I see it). If you feel the need to dare the mods to downvote you, you may want to considering saying something else, or not saying anything at all.

"-1: Post disagrees with my already-settled worldview" may not to an option, but "-1: Flamebait" is.

Comment Let me get that for you... (Score 4, Informative) 245

It seems like the vast majority of people started flaming without reading the author's comment, so here it is:

Dear Ars readers,

As a journalist for more than 17 years, I have never written a spoof story for April Fool's Day or any other holiday. I certainly had no intention of doing so with this article. It's completely coincidental that this story ran today, on Halloween.

The ninth paragraph of my article reads:

"At times as I've reported this story, its outline has struck me as the stuff of urban legend, the advanced persistent threat equivalent of a Bigfoot sighting. Indeed, Ruiu has conceded that while several fellow security experts have assisted his investigation, none has peer reviewed his process or the tentative findings that he's beginning to draw."

Here and elsewhere in the post, I have tried to make clear that many of the details of this article sounded far-fetched to me. They still do. I have also tried to be transparent that no one has independently corroborated Ruiu's findings. That said, these same details have been publicly available for more than two weeks, and a large number of Ruiu's peers find them believable.

I decided to resolve this conflict between my own skepticism and the reaction of Ruiu's fellow security researchers by reporting accurately what all of them said and making clear that so far no one has peer reviewed Ruiu's research process or findings.

I have no doubt that researchers will pore over every laptop and USB drive Ruiu makes available and independently arrive at their own conclusions. I fully intend to report whatever they find. If they find no evidence to support Ruiu's account, Ars readers will be among the first to know.


Dan Goodin

Comment Re:Article is likely innaccurate on one point (Score 1) 245

That, or, as one Ars commenter suggested, he was infected accidentally. If that is the case, I would not be surprised if the malware he is running into is a sponsored by some state - the complexity of it suggests and organization with means. If that state was our lovely US of A, I would not put it past the NSA to mandate backdoors be built in operating systems. Now, this would obviously be trickier (I'd say impossible) to hide in open source systems like Linux or BSD, but he mentioned that the laptop was a Windows laptop.

Submission + - The Mysterious Malware that Jumps Airgaps

Hugh Pickens DOT Com writes: Dan Goodwin writes at Ars Technica about a rootkit that seems straight out of a science-fiction thriller. According to security consultant Dragos Ruiu one day his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused and he also found that the machine could delete data and undo configuration changes with no prompting. Next a computer running the Open BSD operating system also began to modify its settings and delete its data without explanation or prompting and further investigation showed that multiple variants of Windows and Linux were also affected. But the story gets stranger still. Ruiu began observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer. The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine's power cord so it ran only on battery to rule out the possibility it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine. Then, when Ruiu removed internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped. With the speakers and mic intact, Ruiu said, the isolated computer seemed to be using the high-frequency connection to maintain the integrity of the badBIOS infection as he worked to dismantle software components the malware relied on. It's too early to say with confidence that what Ruiu has been observing is a USB-transmitted rootkit that can burrow into a computer's lowest levels and use it as a jumping off point to infect a variety of operating systems with malware that can't be detected. It's even harder to know for sure that infected systems are using high-frequency sounds to communicate with isolated machines. But after almost two weeks of online discussion, no one has been able to rule out these troubling scenarios, either. "It looks like the state of the art in intrusion stuff is a lot more advanced than we assumed it was," says Ruiu. "The take-away from this is a lot of our forensic procedures are weak when faced with challenges like this. A lot of companies have to take a lot more care when they use forensic data if they're faced with sophisticated attackers."

Comment Monitoring? (Score 1) 429

We're also putting in place tools and processes to aggressively monitor and identify parts of where individuals are encountering errors or having difficulty using the site

So... they didn't already have such a system in place? My faith has been completely restored in the competency of their developers...

Comment Re:Interesting psychological experiment (Score 2) 71

Plain ol' physics can be intuitive enough at times - our brains have not evolved to understand it at all, merely to survive. A very basic example is that the mass of an object does not change its rate of deceleration due to friction. F = ma, Force of friction = mgcos(theta), therefore mgcos(theta) = ma and gcos(theta) = ma. Another is that, despite what is seen in films, a swinging object is more likely to fall at the bottom of its path than the top. I would be very, very, very surprised if there was a game that could make a concept that goes far beyond such basics intuitive to the average person.

Comment Re:Shuttleworth works for the NSA (Score 1) 414

Just because someone works in a country, does not mean they hold every political ideology that that country holds. I happen to live and work in America, but that does not mean that I agree with the government's apparent desire to become a surveillance state, nor does that make me (I hope!) a pro-censorship, nationalistic extremist.

Comment Re:Obligatory (Score 1) 43

Not sure where that's coming from. The quotations would indicate it's from a 3rd party source, but Google could not find that quote... "Qualcomm chief technology officer Matt Grob said by next year, the company and its partners would design and manufacture neural processing units (NPUs) which function in a completely different manner to current processors." Itnews.

Slashdot Top Deals

I have a very small mind and must live with it. -- E. Dijkstra