Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Professors claim passive cooling breakthrough via plastic film (economist.com)

charlesj68 writes: An article in the Economist discusses the development of a plastic film by two professors at the University of Colorado in Boulder that provides a passive cooling effect. The film contains embedded glass beads that absorb and emit infrared in a wavelength that is not blocked by the atmosphere. Combining this with half-silvering to keep the sun from being the source of infrared absorption on the part of the beads, and you have way of pumping heat at a claimed rate of 93 watts per square meter.
Actual paper in Science: http://science.sciencemag.org/...
Original research by others in Nature: http://www.nature.com/nature/j...

Submission + - Unstoppable JavaScript Attack Helps Ad Fraud, Tech Support Scams, 0-Day Attacks (bleepingcomputer.com)

An anonymous reader writes: New research published today shows how a malicious website owner could show a constant stream of popups, even after the user has left his site, or even worse, execute any kind of persistent JavaScript code while the user is on other domains.

In an interview, the researcher who found these flaws explains that this flaw is an attacker's dream, as it could be used for: ad fraud (by continuing to load ads even when the user is navigating other sites), zero-day attacks (by downloading exploit code even after the user has left the page), tech support scams (by showing errors and popups on legitimate and reputable sites), and malvertising (by redirecting users later on, from other sites, even if they leave the malicious site too quickly).

This severe flaw in the browser security model affects only Internet Explorer 11, which unfortunately is the second most used browser version, after Chrome 55, with a market share of over 10%. Even worse for IE11 users, there's no fix available for this issue because the researcher has decided to stop reporting bugs to Microsoft after they've ignored many of his previous reports.

For IE11 users, a demo page is available here.

Submission + - Java and Python FTP Attacks Can Punch Holes Through Firewalls (csoonline.com)

itwbennett writes: Over the weekend, security researcher Alexander Klink disclosed an interesting attack where exploiting an XXE (XML External Entity) vulnerability in a Java application can be used to send emails. At the same time, he showed that this type of vulnerability can be used to trick the Java runtime to initiate FTP connections to remote servers. After seeing Klink's exploit, Timothy Morgan, a researcher with Blindspot Security, decided to disclose a similar attack that works against both Java's and Python's FTP implementations. 'But his attack is more serious because it can be used to punch holes through firewalls,' writes Lucian Constantin in CSO Online.

Submission + - College Senior Upgrades His Honda Civic to Drive Itself Using Free Software (technologyreview.com)

holy_calamity writes: University of Nebraska student Brevan Jorgenson swapped the rear view mirror in his 2016 Honda Civic for a home-built device called a Neo, which can steer the vehicle and follow traffic on the highway. Jorgenson used hardware designs and open source software released by Comma, a self-driving car startup that decided to give away its technology for free last year after receiving a letter from regulator the NHTSA. Jorgenson is just one person in a new hacker community trying to upgrade their cars using Comma's technology.

Submission + - Zuckerberg sues hundreds of Hawaiians to force property sales to him. (msn.com)

mmell writes: Apparently, owning 700 acres of land in Hawaii isn't enough — Mark Zuckerberg, founder of Facebook, has filed suit to force owners of several small parcels of land to sell to the highest bidder. The reason? These property owners are completely surrounded by Zuckerberg's land holdings and therefore have lawful easement to cross his property in order to get to theirs.

Many of these land owners have held their land for generations, but seemingly Mr. Zuckerberg can not tolerate their presence so close to his private little slice of paradise. Landowners such as these came to own their land when their ancestors were "given" the land as Hawaiian natives.

If successful in his "quiet title" court action, Mr. Zuckerberg will finally have his slice of Hawaii's beaches and tropical lands without having to deal with the pesky presence of neighbors who were on his land before he owned it. Who knew that Hawaiians were just another kind of Native Americans?

Submission + - Galileo satellites experiencing multiple clock failures (bbc.com)

elgatozorbas writes: According to a BBC article, the onboard atomic clocks that drive the satellite-navigation signals on Europe's Galileo network have been failing at an alarming rate.

Across the 18 satellites now in orbit, nine clocks have stopped operating. Three are traditional rubidium devices; six are the more precise hydrogen maser instruments that were designed to give Galileo superior performance to the American GPS network.

Submission + - NASA Mission Asteroid for Metals Worth Ten Thousand Quadrillion Dollars

randomErr writes: NASA wants to uncover the mystery behind the asteroid “16 Psyche.” that may contain a priceless treasure trove of minerals. “We’ve been to all the different planets, we’ve been to other asteroids. But we’ve never visited a body that has been made of entirely metal,” said Carol Polanskey, project scientist for the Psyche mission. Now NASA, led by researchers at Arizona State University, plans to send an unmanned spacecraft to orbit 16 Psyche – an asteroid roughly the size of Massachusetts, made of iron and other precious metals. The mission’s leader estimates that the iron alone on today’s market would be worth $10,000 quadrillion.

Submission + - SPAM: Financial Services Company Automates 17,000 Low-End Jobs Without Layoffs

An anonymous reader writes: Financial Services company Accenture claims that it has automated 17,000 back-office jobs without laying off any employees, instead anticipating the switch and retraining the staff early into higher-difficulty roles. The company's CEO Richard Lumb, who has recently presented a report with an uncommonly optimistic vision for how AI and automation can benefit companies and workers, said "Over the last 18 months, automation replaced 17,000 jobs in back office processing. But actually, we haven’t laid those people off. We are fortunate enough to reskill and reposition them."
Link to Original Source

Submission + - Chinese Scientist Found Breakthrough Vaccine/Cures for All Viral Infections (scmp.com)

hackingbear writes: Chinese scientists may have found the key to creating effective vaccines for the world’s deadly viruses including bird flu, SARS, Ebola, and HIV. An experiment by a research team at Beijing University was hailed as “revolutionary” in the field in a paper published in the latest issue of Science magazine on Friday. The live virus used in the vaccine used by the researchers had its genetic code tweaked to disable the viral strains’ self-replication mechanism. But it was kept fully infectious to allow the host animal cells to generate immunity. Using live viruses in their fully infectious form was considered taboo, as viruses spread rapidly. Vaccines sold and used widely today generally contain either dead or weakened forms of viruses. The animals infected with virus were cured after receiving the injection, according to the paper. This breakthrough promises to simplify the process of producing vaccines, which may help scientists develop effective vaccines or even cures for various viruses – such bird flu, SARS, Ebola and HIV – within weeks of an outbreak.

Submission + - SPAM: 6 seconds: How hackers only need moments to guess card number and security code 1

schwit1 writes: Criminals can work out the card number, expiry date and security code for a Visa debit or credit card in as little as six seconds using guesswork, researchers have found.

Fraudsters use a so-called Distributed Guessing Attack to get around security features put in place to stop online fraud, and this may have been the method used in the recent Tesco Bank hack.

According to a study published in the academic journal IEEE Security & Privacy, that meant fraudsters could use computers to systematically fire different variations of security data at hundreds of websites simultaneously.

Within seconds, by a process of elimination, the criminals could verify the correct card number, expiry date and the three-digit security number on the back of the card.

Mohammed Ali, a PhD student at the university's School of Computing Science, said: "This sort of attack exploits two weaknesses that on their own are not too severe but, when used together, present a serious risk to the whole payment system.

Link to Original Source

Submission + - Would redundancy and really long TTL have countered a lot of DDOS effects? (medium.com) 1

marmot7 writes: My primary takeaways from this article was that it's important to have redundancy (additional NS's) and that it's important to have a very long TTL when you're not actively updating something. Would the measures in this article have at least limited the damage of these attacks? The long TTL change alone would have made the cache likely covered the entire attack, right?

Submission + - Royalties are bullsh*t

aemoser writes: A musician on a blues news site argues that the "war" between YouTube and big artists (looking at you, Tay) is meaningless, and that we should end royalties in favor of universal basic income. He cites everyone from Big Mama Thornton to the Federal Writer's Project to make his case, and concludes with the impending robot takeover.
http://bg.buddyguy.com/royalti...

Submission + - Colliding Black Holes Tell New Story of Stars (quantamagazine.org)

An anonymous reader writes: Already, the new gravitational-wave data has shaken up the field of astrophysics. In response, three dozen experts spent two weeks in August sorting through the implications at the Kavli Institute for Theoretical Physics (KITP) in Santa Barbara.

Jump-starting the discussions, de Mink, an assistant professor of astrophysics at the University of Amsterdam, explained that of the two — and possibly more — black-hole mergers that LIGO has detected so far, the first and mightiest event, labeled GW150914, presented the biggest puzzle. LIGO was expected to spot pairs of black holes weighing in the neighborhood of 10 times the mass of the sun, but these packed roughly 30 solar masses apiece. “They are there — massive black holes, much more massive than we thought they were,” de Mink said to the room. “So, how did they form?”

The mystery, she explained, is twofold: How did the black holes get so massive, considering that stars, some of which collapse to form black holes, typically blow off most of their mass before they die, and how did they get so close to each other — close enough to merge within the lifetime of the universe? “These are two things that are sort of mutually exclusive,” de Mink said. A pair of stars that are born huge and close together will normally mingle and then merge before ever collapsing into black holes, failing to kick up detectable gravitational waves.

Submission + - The Little Hack That Could: The Story of Spotify's "Discover Weekly" Recommendat (ieee.org)

Tekla Perry writes: Software engineer Edward Newett thought Spotify was making it too hard for users to get to recommendations of new music. So he pulled together various machine learning systems used elsewhere in the company, pulled user photos from Facebook, and quietly pulled together a new recommender, "Discover Weekly" that he pushed out to Spotify's employees, and then the world. The first "production incident" verified its popularity: Some users “went into blind rage or existential crisis.” Newett told the story of Discover Weekly at the @Scale conference last week. “This wasn’t a big company initiative,” he said, “just a team of passionate engineers who went about solving a problem we saw with the technology we had.”

Submission + - Nova Scotia wind turbine speeds out of control, collapses (theweathernetwork.com)

An anonymous reader writes: This large wind turbine failed on August 17. Before the 80-metre-tall wind turbine buckled and toppled over, Enercon officials confirm that workers were told to leave, the Toronto Star reports. In addition to their towering height, the turbines have a blade length of 40 metres, the CBC notes.

Fortunately the turbines operate in a wooded area away from residents, so no one was injured. An evacuation protocol was also put in place.

Enercon and Nova Scotia's provincial government are conducting investigations to determine if there were any safety violations at the time of the incident.

Another 10 turbines in the area remain in operation, unaffected by the collapse. The cause of the collapse remains unknown.

Slashdot Top Deals

When in doubt, mumble; when in trouble, delegate; when in charge, ponder. -- James H. Boren

Working...