Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Submission + - Lenovo will put Microsoft bloatware on their Android phones to avoid patent tax (zdnet.com)

LichtSpektren writes: In a deal between Microsoft and Lenovo, the latter's Android phones (and their subsidiary Motorola's as well) will begin shipping with Microsoft bloatware, including at least Office, OneDrive, and Skype.

For those who have not been following the story, for the past nine years Microsoft has been using their patents on the FAT file system and other technologies to extract somewhere between $5 and $15 per Android device sold.

Submission + - Computer Science Professor Gives Failing Grade to Newly Leaked NSA Hacking Tool (softpedia.com)

An anonymous reader writes: Stephen Checkoway, an Assistant Professor at the Department of Computer Science at the University of Illinois at Chicago, has analyzed some of the exploit code included in the recent Equation Group leak, and his verdict is "not impressed." The professor, who teaches Software Vulnerability Analysis and Advanced Computer Security at the University of Illinois, Chicago, gripes about the cryptography operations employed in the code of an exploit called BANANAGLEE, used against Fortinet firewalls. Some of his criticism include the words "ridiculous", "very bad", "crazy" and "boring memory leaks".

"I would expect relatively bug-free code. And I would expect minimal cryptographic competence. None of those were true of the code I examined which was quite surprising," the professor told Softpedia in an email.

Submission + - NASA Research publicly available

Presto Vivace writes: From Now On You'll Be Able to Access NASA Research for Free

Any scientists publishing NASA-funded work will be required to upload their papers to a free, online database called PubSpace within a year of publication.

PubSpace is managed by the National Institutes of Health (NIH) PubMed Central, which archives biomedical research. You can see NASA-funded studies here, with recent examples including a paper on cardiovascular disease in Apollo astronauts and one on Martian tsunamis caused by meteor impacts.

Submission + - Compromising Linux Virtual Machines Via FFS Rowhammer Attack (helpnetsecurity.com)

An anonymous reader writes: A group of Dutch researchers have demonstrated a variant of the Rowhammer attack that can be used to successfully compromise Linux virtual machines on cloud servers. The Flip Feng Shui (FFS) attack is not performed by triggering a software vulnerability. Instead, it relies on exploiting the widespread Rowhammer DRAM glitch to induce bit flips in controlled physical memory pages, and the Linux’ memory deduplication system.

Submission + - SPAM: US wiretap numbers still don't add up, and nobody knows why

An anonymous reader writes: Verizon, AT&T, T-Mobile, and Sprint responded to 11,633 wiretaps last year — almost a threefold increase over the government's annual wiretap report. (T-Mobile alone said in its latest transparency report that it received hundreds more wiretaps than the government's official tally.)

And that's just the cell networks — the difference is likely far larger when you account for landlines and internet companies.

So how many wiretaps were authorized last year? Nobody can explain the discrepancy.

Link to Original Source

Submission + - Google Launches Video Calling App Duo For Android And iOS

An anonymous reader writes: Google today launched Google Duo, a one-to-one video calling app for Android and iOS. You can download Duo from Google Play and Apple’s App Store though you may have to wait a bit as this is a gradual rollout — “it will be live worldwide in the next few days.” Duo is mobile-only, was built to be very fast thanks to Web Real-Time Communication (WebRTC), and “takes the complexity out of video calling,” according to principal software engineer Justin Uberti. Duo promises fewer dropped calls, and even supports handing off calls to and from Wi-Fi and cellular connections.

Submission + - Postgres Vision 2016 Defines Open Source Data Management

RaDag writes: Postgres Vision is the preeminent event for thought leadership, collaboration, and networking with the brightest minds and companies defining the future of enterprise Postgres and open source data management. The event, October 11-13, 2016 in San Francisco, will combine business concerns with technical developments. Presenting will be PostgreSQL community leaders and major contributors including Bruce Momjian, Dave Page, Robert Haas, Oleg Bartunov, Michael Meskus, and Magnus Hagander.

IT industry leaders presenting include event encee Kathleen Kennedy, Presdent, MIT Technology Review; Frank Fanzilli, former global CIO of Credit Suisse First Boston and director of the Linux Foundation; Scott McNealy, co-founder and chairman of Wayin and co-founder and former CEO of Sun Microsystems; and Christopher Schroeder, Former CEO, Washington Post/Newsweek Interactive and author of the bestseller, Startup Rising: The Entrepreneurial Revolution Remaking the Middle East.

Postgres Vision will be held at the iconic Innovation Hangar (iHangar) at the Palace of the Fine Arts in San Francisco.

Submission + - Hackers Claim To Be Selling NSA Cyberweapons In Online Auction

blottsie writes: A group of hackers identifying themselves as the Shadow Brokers claims to have hacked the NSA's Equation Group, a team of American hackers that have been described as both "omnipotent" and "the most advanced" threat cyberspace has ever seen.

On the Shadow Brokers' website, the group has shared a sample of data that some cybersecurity experts say lends credibility to the breach. The the hackers' asking price for what they claim is a cache of NSA-built cyberweapons.

Submission + - 'Consumer Reports' for software vulnerabilities

Presto Vivace writes: Karen Epper Hoffman reporting for Government Computer News:

During a presentation at last week’s Black Hat conference in Las Vegas, computer scientists Peiter Zatko (better known as Mudge) and Sarah Zatko discussed the independent organization they are building to impartially benchmark commercial software security flaws.



“All the certifications and evaluations that come out, they’re not about security,” said Sarah Zatko, who is chief scientist for the Cyber Independent Testing Lab and a member of the Army's Order of Thor, which recognizes contributions of cybersecurity professionals.

Submission + - Secure Skype alternatives 1

An anonymous reader writes: I have a Windows 8.1 phone and mostly use it for Skype calls and chats. A bit of browsing every now and then, and checking public transportation schedules. Nothing fancy in other words.

What can I do to be able to securely chat and place audio/video calls? What do you think is the best device to buy and what apps to use on it?

Submission + - Linux developer loses GPL suit against VMware (itwire.com)

An anonymous reader writes: Linux kernel developer Christoph Hellwig has lost his case against virtualisation company VMware, which he had sued in March 2015 for violation of version 2 of the GNU General Public Licence.

Submission + - LinkedIn Suffers Huge Bot Attack That Steals Members' Personal Data (siliconbeat.com)

An anonymous reader writes: Data thieves used a massive “botnet” against professional networking site LinkedIn and stole member’s personal information, a new lawsuit reveals. “LinkedIn members populate their profiles with a wide range of information concerning their professional lives, including summaries (narratives about themselves), job histories, skills, interests, educational background, professional awards, photographs and other information,” said the company’s complaint, filed in Northern California U.S. District Court. “During periods of time since December 2015, and to this day, unknown persons and/or entities employing various automated software programs (often referred to as ‘bots’) have extracted and copied data from many LinkedIn pages.” It is unclear to what extent LinkedIn has been able to stymie the attack. A statement from the firm’s legal team suggests one avenue of penetration has been permanently closed, but does not address other means of incursion listed in the lawsuit. “Their actions have violated the trust that LinkedIn members place in the company to protect their information,” the complaint said. “LinkedIn will suffer ongoing and irreparable harm to its consumer goodwill and trust, which LinkedIn has worked hard for years to earn and maintain, if the conduct continues.” LinkedIn says it has more than 128 million U.S. members and more than 400 million worldwide. According to the complaint, the hackers got around six LinkedIn cybersecurity systems, and also manipulated a cloud-services company that was on the company’s “whitelist” of “popular and reputable service providers, search engines and other platforms” which interact with LinkedIn under less severe security measures than other third parties. The manipulation allowed the hackers to send requests to LinkedIn servers.

Submission + - Fixing 'Tedious and Error-Prone' Computer Programming (adtmag.com)

the_insult_dog writes: A computer programming research program called ExCAPE funded to the tune of more than $9 million by the National Science Foundation aims to use automated program-synthesis tools to address some of the longstanding problems in software development. While its lofty goals of broadly remaking the art of programming might not be realized, the research has already made some advances and resulted in several tool already in use in areas such as commercial software production and education, reports Application Development Trends magazine..

Slashdot Top Deals

"Ada is PL/I trying to be Smalltalk. -- Codoso diBlini

Working...