Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment The first time I saw face id on a phone... (Score 1) 58

The first time I saw Face ID on a phone I took a picture of my friend framed about the same way and then pointed the picture at his locked iphone and it unlocked just fine. I am told it now uses IR and other unstated functions to be more secure, but I haven trusted any face ID on any device so far, and neither has my friend.

Submission + - Researcher wins award for debunking 'blue zones (san.com) 1

schwit1 writes: Researcher, Saul Justin Newman, was given an Ig Nobel Prize on Sept. 12 for his work on debunking “blue zones.” He found the phenomenon is actually based on fraudulent birth certificates, bad data and unscientific measurements.

The concept of blue zones had given people the idea that to live a healthier life, they must eat and exercise like the people in towns with unusual amounts of people who live to be 100.

Over the last decade, Newman tracked down 80% of the world’s supercentenarians, which are people aged 110 and older. He found that almost none have a birth certificate and some have multiple recorded birth dates.

Newman also discovered that pension fraud is extremely common in the blue zone areas. He cited that most of the supercentenarians who have turned out to be alive in government records are actually dead.

Submission + - PowerShell Phish using fake CAPTCHA (krebsonsecurity.com) 1

sinij writes:

Clicking the “I’m not a robot” button generates a pop-up message asking the user to take three sequential steps to prove their humanity. Step 1 involves simultaneously pressing the keyboard key with the Windows icon and the letter "R," which opens a Windows "Run" prompt that will execute any specified program that is already installed on the system.
Step 2 asks the user to press the “CTRL” key and the letter “V” at the same time, which pastes malicious code from the site’s virtual clipboard.
Step 3 — pressing the “Enter” key — causes Windows to launch a PowerShell command, and then fetch and execute a malicious file from github[-]scanner[.]com called “l6e[.]exe.”


Submission + - UK's National Grid blames old computer systems for sidelining batteries (ft.com)

AmiMoJo writes: Ageing computer systems and an outdated electricity network means National Grid is often unable to use batteries designed to deliver cheap green power, it has admitted. Batteries were being overlooked by Britain’s network operator up to 30 per cent of the times when they are cheaper than other power sources, Craig Dyke, from National Grid’s electricity system operator, said.

Dyke’s comments came in response to a letter from four leading battery storage groups which said National Grid’s “electricity system operator” or ESO division was making the country’s power costlier and dirtier by failing to use their technology properly. “Consumers are paying more, clean renewable energy is being wasted, and fossil fuel generation is being used instead,” they said. The groups claimed batteries were being overlooked up to 90 per cent of the time in a way that favoured gas-fired power plants, which emit tonnes of carbon dioxide and can be more expensive to run.

Paywall bypass: https://archive.ph/VIeeq

Comment Well, there's your problem. As usual. (Score 3, Insightful) 76

FTA:
The unusually vivid language in its complaint suggests the telco is angry. On Thursday, we may all learn if AT&T alone in its anger. That's when Broadcom announces its quarterly results, after previously offering guidance that VMware revenue will rise every quarter.

The enshitification of all things. Driven as always by wallstreet demanding rising revenues quarter over quarter over quarter over quarter, forever.

Comment It dosen't seem that evil to me. (Score 1) 5

Firefox's "learn more" page

https://support.mozilla.org/en...

FTP:
>Mozilla is prototyping this feature in order to inform an emerging Web standard designed to help sites understand how their ads perform without collecting data >about individual people. By offering sites a non-invasive alternative to cross-site tracking, we hope to achieve a significant reduction in this harmful practice across the web.

Seems like the elimination of cross site cookies is a privacy enhancing idea.

Submission + - 'Trojan Source' flaw could result in covert app poisoning (scmagazine.com)

spatwei writes: A pair of researchers from Cambridge University in the UK said that a condition dubbed "Trojan Source" allows attackers to insert malicious source code which can evade detection by security reviewers. ...

In particular, the researchers found that the Unicode bidirectional algorithm (Bidi) can be manipulated to hide potentially malicious code. Intended to allow interoperability between left to right languages (such as English or Russian) and right to left languages (such as Arabic and Hebrew), Bidi instructions allow the order of text to be switched as needed.

What the duo discovered was that in some cases the Bidi instructions can also be concealed within the source code. This allows for the appearance of the source code to be manipulated in a way that would likely evade detection when a review conducts quality or security checks.

In some cases, the manipulation would result in the way instructions are executed, such as "early return" attacks that end the operation prematurely. In other cases, the Bidi manipulation would allow entire chunks of code (such as security measures or input validation) to be read as comments and not executed.

Slashdot Top Deals

Receiving a million dollars tax free will make you feel better than being flat broke and having a stomach ache. -- Dolph Sharp, "I'm O.K., You're Not So Hot"

Working...