Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment So... (Score 1) 1

So in other words, it is fine for a gender to be over represented in an industry as long as that overrepresentation is reflected in the applicants. Further to that, could it then be seen as discrimination against a gender when the government promotes industries for the opposite gender? (an example, more women in IT)

Submission + - Turn off location services? Go ahead, says Google, we'll still track you (theregister.co.uk)

schwit1 writes: Google, it seems, is very, very interested in knowing where you are at all times.

Users have been reporting battery life issues with the latest Android build, with many pointing the finger at Google Play – Google's app store – and its persistent, almost obsessive need to check where you are.

It's not clear why Google would insist on its app store having constant access to your location, but the company is very determined about it. Following reports earlier this year that the Google Play app was interfering with other apps' ability to use GPS, Google has updated the software and now makes it impossible to turn off location tracking.

The same is true of Google Maps. Although it makes far more sense for Maps to have access to your location, the latest build doesn't give you the option of turning it off. To do that, you have to turn off GPS on your phone altogether.

In effect, if you use either of Google's two most popular apps – which come pre-loaded with Google's flavor of Android – the company has permanent access to your location unless you turn off the location setting globally.

Submission + - Warner Brothers reports own site as illegal (bbc.com)

An anonymous reader writes: Film studio Warner Brothers has asked Google to remove its own website from search results, saying it violates copyright laws.
It also asked the search giant to remove links to legitimate movie streaming websites run by Amazon and Sky, as well as the film database IMDB.
The request was submitted on behalf of Warner Brothers by Vobile, a company that files hundreds of thousands of takedown requests every month.

Warner Brothers has yet to comment.

BBC News links to https://torrentfreak.com/warne... Warner Bros. is vigorously trying to prevent pirated content from showing up in search results, but in doing so the movie studio has shot itself in the foot. Recently, Warner asked Google to take down several of its own pages, claiming that they are copyright-infringing.

Submission + - First microcomputer software rediscovered after 50 years (youtube.com)

An anonymous reader writes: On the 25th August 1966 the first computer to use microchips were launched into space on board Apollo flight AS-202. The computer was removed sometime after the flight and probably sent back to the MIT labs for analysis. Almost 50 years later, the rope memory modules that contained the flight software resurfaced in what could only be described as one of the most amazing discoveries. After more than 18 months work, a South African computer engineer managed to extract the software code from these modules.

Submission + - Phony Ubuntu website possibly serving malware 4

An anonymous reader writes: If you accidentally misspell Ubuntu while typing in the address, you may end up at http://uhuntu.com/ . Spelling Ubuntu with an "h" instead of a "b" takes you to a website that looks just like Canonicals Ubuntu website. No word on whether or not they are serving malware ridden Ubuntu ISOs, so watch what you type into that address bar.

Submission + - 25 Awful Olympic Sports (clipjacker.com)

An anonymous reader writes: Suggested Olympic SportsSome of these Olympic Sports suggestions may be bias and piss you off — children under 13 should not watch this video without a parent consent. Please pledge to for a chance to attend Tokyo 2020!

Submission + - PGP Short-ID Collision Attacks Continued, Now Targeted Linus Torvalds

An anonymous reader writes: Enrico Zini wrote:

There are currently at least 3 ways to refer to a GPG key: short key ID (last 8 hex digits of fingerprint), long key ID (last 16 hex digits) and full fingerprint. The short key ID used to be popular, and since 5 years it is known that it is computationally easy to generate a GnuPG key with an arbitrary short key id.

LWN.net wrote in June 3, 2016:

Gunnar Wolf urges developers to stop using "short" PGP key IDs as soon as possible. The impetus for the advice originates with Debian's Enrico Zini, who recently found two keys sharing the same short ID in the wild.

After contacted the owner, it turned out that one of the keys is a fake. In addition, labelled same names, emails, and even signatures created by more fake keys. Weeks later, more developers found their fake "mirror" keys on the keyserver, including the PGP Global Directory Verification Key. Gunnar Wolf wrote:

We don't know who is behind this, or what his purpose is. We just know this looks very evil.

Now, a fake key (fake: 0x6211aa3b00411886, real: 0x79be3e4300411886) of Linus Torvalds was found in the wild, scroll the page and you'll two of them. It looked like that every single key from the Linux kernel community have been forged successfully, another example is Greg Kroah-Hartman (fake:0x27365dea6092693e, real: 0x38dbbdc86092693e). LWN reader "rmayr" commented:

so it seems somebody is actually constructing a database of fake keypairs with "well-known" short IDs. Something is going on here...

Submission + - 15 Signs You're Doing Agile Wrong

snydeq writes: Misconceptions and 'best practices' may have your team spinning wheels rather than continuously churning out productive code, writes InfoWorld's Steven Lowe in a round-up of agile practices gone wrong. 'The problem with most approaches to agile is not a problem with agile; it's a problem with Agile, the Capitalized Methodology. Agile isn't a methodology. Treating it as one confuses process with philosophy and culture, and that’s a one-way ticket back into waterfall — or worse.'

Submission + - Licensing Code Fragments in Your Blog - It Really Does Matter (perens.com)

Bruce Perens writes: I help some big companies stay on top of Open Source compliance. Last week, a customer found a code fragment that had originated in a blog, in the documentation-writing product of a very big software company that is concerned with documents and graphics. The file was meant to be re-distributed with documents my customer produced. The entirety of the blog was licensed under Creative Commons Attribution Share-Alike. The big software company's code wasn't under any sort of share-alike license, and thus they were probably infringing on the blog author, and my customer was at risk of being a contributory infringer when it re-distributed this file.

We contacted the help desk of the big software company, and they might get back to us someday. Before getting louder with them, I contacted the blogger.

Bloggers have placed their work under Attribution Share-Alike and other restrictive licenses to prevent their work from being cloned improperly by unscrupulous people on the net, mostly search-engine-optimization scams. The Attribution Share-Alike license requires proper attribution of the author, and sharing of modifications under the same terms as the original. But like many of us, this blogger put code fragments in his writing, and intended for his readers to use them. CC Attribution Share-Alike isn't the right license for that purpose. It's not compatible with proprietary code, nor is it compatible with other share-alike licenses like the GPL.

The blogger admitted that it was tempting to get the big software company to take a look at its own compliance issues, but then graciously agreed to change his blog's licensing. Now, it's CC Attribution Share-Alike for the text, and the MIT license for the code fragments. And his readers can use the code fragments he publishes without worry, as the MIT license is compatible with pretty much everything.

Public domain or the BSD license would have worked as well. Remember that the default in copyright law is All Rights Reserved. If you don't put a public domain declaration or some sort of license on your code, other folks don't really have the legal right to use it at all.

Hopefully, other bloggers will see this and make sure their code fragments are licensed appropriately. Also, programmers should be careful to make sure that they have the right to use code, even if they're just pulling a dozen lines off of someone's blog. It's not at all clear that the fair use doctrine always applies to such use, make sure you have a license and attribute your copy properly.

Submission + - New HTTPS Bicycle Attack Reveals Details About Passwords From Encrypted Traffic (softpedia.com)

campuscodi writes: Dutch security researcher Guido Vranken has published a paper [PDF] in which he details a new attack on TLS/SSL-encrypted traffic, one that can potentially allow attackers to extract some information from HTTPS data streams. Attackers could extract the length of a password from TLS packets, and then use this information to simplify brute-force attacks. The new HTTPS Bicycle Attack can also be used retroactively on HTTPS traffic logged several years ago. Hello NSA!

Submission + - /.Deals is a scam (bbb.org)

slashdeal_sucker writes: Slash deals appears to have great geeky gadgets. Don't fall for it. They took my money, fedex says the tracking number they sent to me was for stuff sent to an address and and addressee that is not me. There customer support is non-responsive.

Slashdot Top Deals

Of course there's no reason for it, it's just our policy.

Working...