Submission + - A new algorithm for measuring code security

mspohr writes: A new venture from a cybersecurity legend, Peiter Zatko, known more commonly by his hacker handle “Mudge,” and his wife, Sarah, a former NSA mathematician, have developed a first-of-its-kind method for testing and scoring the security of software.
"Called the Cyber Independent Testing Lab, the Zatkos’ operation won’t tell you if your software is literally incendiary, but it will give you a way to comparison-shop browsers, applications, and antivirus products according to how hardened they are against attack. It may also push software makers to improve their code to avoid a low score and remain competitive."
The Zatkos’ system is not comprehensive, and although it will provide one indicator of security risk, it’s not a conclusive indicator. Vendors are going to hate it.
"The technique involves, in part, analyzing binary software files using algorithms created by Sarah to measure the security hygiene of code. During this sort of examination, known as “static analysis” because it involves looking at code without executing it, the lab is not looking for specific vulnerabilities, but rather for signs that developers employed defensive coding methods to build armor into their code."
There will be a presentation at the Black Hat conference next week:

StartsWithABang writes: Asking where in space the Big Bang happened is like asking where the starting point of Earth’s surface is. There’s no one “point” where it began, unless you’re talking about a point in time. The reality is that, as far as space is concerned, the Big Bang occurred everywhere at once, and we have the evidence to prove it. If the Big Bang were an explosion, we would discover ourselves in a Universe that had a preferred location with different densities surrounding it, but instead we see a Universe that has the same density everywhere. We’d see a Universe that looked different in different directions, yet we see one that’s uniform to better than one part in 10,000 in each direction we look. And we see a Universe that exhibits zero spatial curvature: one that’s indistinguishable from flat. The Big Bang happened everywhere at once. This is how we know it, and this is what it means.

Submission + - Venezuela calls for mandatory labor in farm sector

An anonymous reader writes: A Venezuelan ministry last week announced Resolution No. 9855, which calls for the establishment of a "transitory labor regime" in order to relaunch the agricultural and food sector. The decree says that the government must do what is "necessary to achieve strategic levels of self-sufficiency," and states that workers can be forcefully moved from their jobs to work in farm fields or elsewhere in the agricultural sector for periods of 60 days.

Submission + - Solar Cells Converting CO2 Into Hydrocarbon Fuel Discovered.

William Robinson writes: Researchers at the University of Illinois at Chicago have engineered a potentially game-changing solar cell that cheaply and efficiently converts atmospheric carbon dioxide directly into usable hydrocarbon fuel, using only sunlight for energy. This artificial leaf delivers syngas, or synthesis gas, a mixture of hydrogen gas and carbon monoxide. Syngas can be burned directly, or converted into diesel or other hydrocarbon fuels. The discovery opens up possibilities of clean reusable energy.

Submission + - Martian gullies not formed by water flow

An anonymous reader writes: Spectroscopy of many of the gullies on Mars strongly suggests that water had nothing to do with their formation, even though these gullies resemble closely similar gullies on Earth that were carved by flowing water.

Color coding in light blue corresponds to surface composition of unaltered mafic material, of volcanic origin. Mafic material from the crater rim is carved and transported downslope along the gully channels. No hydrated minerals are observed within the gullies, in the data from CRISM, indicating limited interaction or no interaction of the mafic material with liquid water. These findings and related observations at about 100 other gully sites on Mars suggest that a mechanism not requiring liquid water may be responsible for carving these gullies on Mars. (Gullies on Mars are a different type of feature than seasonal dark streaks called recurring slope lineae or RSL; water in the form of hydrated salt has been identified at RSL sites.) [emphasis mine]

In other words, these gullies were formed by flowing lava, not water. Considering Mars’s lower gravity, one third that of Earth’s, we should not be surprised if lava is capable of doing things there that it is not generally capable of doing on Earth. In fact, we should remind ourselves constantly that Mars is an alien planet, and that conditions there are different enough to make any predictions based on our knowledge of Earth very unreliable.

Submission + - EOMA68 Earth-friendly Modular computing campaign hits $50k

lkcl writes: The EOMA68 Crowd-funding campaign launched last month and has just reached $50,000 and so far has 541 backers with 28 days still to go. EOMA68 and its creator have featured regularly on slashdot over the past five years: a live-streamed video from Hope2016 explains what it's about, and there is a huge range of discussions and articles online. The real burning question is: if a single Software Libre Engineer can teach themselves PCB design and bring modular computing to people on the budget available from a single company, why are there not already a huge number of companies doing modular upgradeable hardware?

Submission + - Linux and Systemd

Ragingguppy writes: Recently Debian, Ubuntu, and many other distributions have moved over to systemD. Much to the dismay of their users. Lennart Poettering has gone on to blame Linus for all the negative comments that he has had. Personally, I don't think the ugliness of the current situation is Lennart's fault. Sure, Systemd is missing some things that will clearly make it as good as SystemV Init. For most uses it's good enough provided that it's configured properly. The blame I'm sending out has to be put on the square shoulders of the distribution makers. Poettering in my opinion has been a lightning rod for the bad decisions made by the distro writers. Perhaps I can float an idea here. Perhaps the distribution maintainers weren't ready for systemd, and, as a result, systemd has taken most of the flak for this. Perhaps systemD is not mature enough to take on such an important responsibility in the Linux ecosystem. Perhaps the distribution developers don't have enough of a grasp to utilize systemd to its fullest potential. Perhaps there is a serious lack of good documentation for systemd. After looking at the problem for several weeks I feel that all of these suggestions are true.

I certainly see it. Last night, for instance, I installed Debian Jessie on my old laptop. One that ran Debian Wheezy for a few years. After the distro was installed I was unable to install any other packages. Apt-get failed to connect to the mirror I had just installed the OS from. Now is that an issue with systemd or is that an issue with the package manager?

There are some serious issues going on in Linux these days. It's preventing me and I suspect other people from getting their work done. Distro writers need to start to understand that people actually use their distros to get real work done. Publishing what is supposed to be a full release when that release doesn't at least work as well as its predecessor is not acceptable on so many levels. This is what many of us got with Microsoft many years ago that made us want to switch to Linux in the first place.

Recently I saw a video on YouTube of Linus's talk at DebConf. He complained that he had to fight at every single version of the Linux kernel that it is unacceptable to break user space. That's the only rule with the kernel, he said. Well in Debian, Devuan, Arch and Ubuntu at least user space is definitely broken. Is that Linus's fault or is it the distro's fault?

The laptop that I am trying to run these distros on is an Acer 5552 laptop with a triple-core AMD processor and an ATI Radeon chipset. I bought it in 2009. So yes it's a little older but in my opinion Linux should work on it without a problem. At least Linux used to work on it before Debian Jessie and the latest barrage of changes that have been made to the ecosystem. This is forcing me to have to go on a long exhaustive search for a distro that actually works because Debian is not working right now. I've been trying to find one without systemd, since I know the older init system and I am not familiar enough with systemd to work with it. Also in a previous project I tried to configure systemD to start a shell script after all the other processes were started. I failed. I had to employ Devuan instead. Because systemd just wasn't cooperating.

So this is my humble request to the Linux community. Please bring sanity back to the Linux ecosystem. You're really making it so that I can't get my work done. I depend on your projects. But the latest versions of Debian, Ubuntu, and other systems really have created a serious problem.

Submission + - Our Election Systems must be secured

Okian Warrior writes: Bruce Schneier notes that state actors are hacking our political system computers, intending to influence the results. For example, US intelligence agencies have concluded that Russia was behind the release of DNC E-mails before the party convention, and Wikileaks is promising more leaked dirt on Hillary Clinton. He points out, quite rightly, that the US needs to secure its electronic voting machines, and we need to do it in a hurry lest outside interests hack the results. From the article:

Over the years, more and more states have moved to electronic voting machines and have flirted with Internet voting. These systems are insecure and vulnerable to attack.

But while computer security experts like me have sounded the alarm for many years, states have largely ignored the threat, and the machine manufacturers have thrown up enough obfuscating babble that election officials are largely mollified.

We no longer have time for that. We must ignore the machine manufacturers' spurious claims of security, create tiger teams to test the machines' and systems' resistance to attack, drastically increase their cyber-defenses and take them offline if we can't guarantee their security online.

Submission + - World's Largest Solar Power Plant Planned For Chernobyl Nuclear Wasteland

An anonymous reader writes: Chernobyl, the world's most famous and hazardous nuclear meltdown, is being considered for the world's largest solar power plant. Even though nearly 1,600 square miles of land around Chernobyl has radiation levels too high for human health, Ukraine's ecology minister has said in a recent interview that two U.S. investment firms and four Canadian energy companies have expressed interest in Chernobyl's solar potential. Electrek reports: "According to PVTech, the Ukrainian government is pushing for a 6 month construction cycle. Deploying this amount of solar power within such a time frame would involve significant resources being deployed. The proposed 1GW solar plant, if built today, would be the world’s largest. There are several plans for 1GW solar plants in development (Egypt, India, UAE, China, etc) – but none of them have been completed yet. One financial benefit of the site is that transmission lines for Chernobyl’s 4GW nuclear reactor are still in place. The European Bank for Reconstruction and Development has stated they would be interested in participating in the project, 'so long as there are viable investment proposals and all other environmental matters and risks can be addressed to the bank’s satisfaction.'"

Submission + - Snowden Questions WikiLeaks' Methods

An anonymous reader writes: Former U.S. National Security Agency contractor, Edward Snowden, has censured WikiLeaks’ release of information without proper curation. On Thursday, Snowden, who has embarrassed the U.S. government with revelations of widespread NSA surveillance, said that WikiLeaks was mistaken in not at least modestly curating the information it releases. “Democratizing information has never been more vital, and @Wikileaks has helped. But their hostility to even modest curation is a mistake,” Snowden said in a tweet. WikiLeaks shot back at Snowden that “opportunism won’t earn you a pardon from Clinton [and] curation is not censorship of ruling party cash flows.” The whistleblowing site appeared to defend itself earlier on Thursday while referring to its “accuracy policy.” In a Twitter message it said that it does “not tamper with the evidentiary value of important historical archives.”

Submission + - Malvertising Campaign Infected Thousands of Users per Day for More than a Year

An anonymous reader writes: Since the summer of 2015, users that surfed 113 major, legitimate websites were subjected to one of the most advanced malvertising campaigns ever discovered, with signs that this might have actually been happening since 2013.

Infecting a whopping 22 advertising platforms, the criminal gang behind this campaign used complicated traffic filtering systems to select users ripe for infection, usually with banking trojans. The campaign constantly pulled between 1 and 5 million users per day, infecting thousands, and netting the crooks millions each month.

The malicious ads, according to this list, were shown on sites like The New York Times, Le Figaro, The Verge, PCMag, IBTimes, ArsTechnica, Daily Mail, Telegraaf, La Gazzetta dello Sport, CBS Sports, Top Gear, Urban Dictionary, Playboy, and more.

Submission + - SwiftKey Bug Leaked Email Addresses and Phone Numbers

An anonymous reader writes: After many users reported receiving predictions meant for other users, such as email addresses and phone numbers, SwiftKey has suspended part of its service. The service responsible for the bug was SwiftKey's cloud sync service. The Verge reports that one user, an English speaker, was getting someone else's German suggestions, while someone received NSFR porn search suggestions. The Telegraph also reports, "One SwiftKey user, who works in the legal profession and asked to remain anonymous, found out their details had been compromised when a stranger emailed them to say that a brand new phone had suggested their email address when logging into an account online. 'A few days ago, I received an email from a complete stranger asking if I had recently purchased and returned a particular model of mobile phone, adding that not one but two of my email addresses (one personal and one work address) were saved on the phone she had just bought as brand-new,' said the user." SwiftKey released an official statement today about the issue but didn't said that it "did not pose a security issue."

Submission + - John Cook's experiment with online science trolls

Lasrick writes: John Cook is a researcher who writes about climate change denial at SkepticalScience, and he writes here about dealing with online trolls. Not only has he turned online trolling into a source of data collection, but has also come up with a very effective way to deal with trolling. Great read: 'When I turn the spotlight around to expose the techniques of science denial, the reaction can be intense.'

Submission + - Open Hardware Team successfully replicating Tesla inventions

lkcl writes: A small team has successfully overcome the usual barrier to replicating one of Tesla's inventions (death threats and intimidation) by following Open Hardware development practices, encouraging other teams world-wide to replicate their work. Their FAQ and several other reports help explain that the key is Schumann resonance: "tuning" the device to the earth's own EM field and harvesting it as useful electricity. Whilst it looks like it's going mainstream, the real question is: why has it taken this long, and why has an Open Hardware approach succeeded where other efforts have not?

Submission + - Power-loss-protected SSDs tested: only Intel S3500 passes

lkcl writes: After the reports on SSD reliability and after experiencing a costly 50% failure rate on over 200 remote-deployed OCZ Vertex SSDs, a degree of paranoia set in where I work. I was asked to carry out SSD analysis with some very specific criteria: budget below £100, size greater than 16Gbytes and Power-loss protection mandatory. This was almost an impossible task: after months of searching the shortlist was very short indeed. There was only one drive that survived the torturing: the Intel S3500. After more than 6,500 power-cycles over several days of heavy sustained random writes, not a single byte of data was lost. Crucial M4: fail. Toshiba THNSNH060GCS: fail. Innodisk 3MP SATA Slim: fail. OCZ: epic fail. Only the end-of-lifed Intel 320 and its newer replacement the S3500 survived unscathed. The conclusion: if you care about data even when power could be unreliable, only buy Intel SSDs.

