Forgot your password?
Close
typodupeerror

Submission + - NSA Opens GitHub Account, Lists 32 Project Developed By the Agency (thehackernews.com)

Submitted by Anonymous Coward
An anonymous reader writes: The National Security Agency (NSA) — the United States intelligence agency which is known for its secrecy and working in the dark — has finally joined GitHub and launched an official GitHub page. GitHub is an online service designed for sharing code amongst programmers and open source community, and so far, the NSA is sharing 32 different projects as part of the NSA Technology Transfer Program (TTP), while some of these are "coming soon." "The NSA Technology Transfer Program (TTP) works with agency innovators who wish to use this collaborative model for transferring their technology to the commercial marketplace," the agency wrote on the program's page. "OSS invites the cooperative development of technology, encouraging broad use and adoption. The public benefits by adopting, enhancing, adapting, or commercializing the software. The government benefits from the open source community's enhancements to the technology." Many of the projects the agency listed are years old that have been available on the Internet for some time. For example, SELinux (Security-Enhanced Linux) has been part of the Linux kernel for years.

Submission + - Curiosity rover decides—by itself—what to investigate on Mars (sciencemag.org)

Submitted by sciencehabit
sciencehabit writes: NASA’s Curiosity rover landed on Mars in 2012, in part to analyze rocks to see whether the Red Planet was ever habitable (or inhabited). But now the robot has gone off script, picking out its own targets for analysis—precisely as planned. Last year, NASA scientists uploaded a piece of software called Autonomous Exploration for Gathering Increased Science (AEGIS) adapted from the older Opportunity rover. Curiosity can now scan each new location and use artificial intelligence to find promising targets for its ChemCam. Compared with the estimated 24% success rate of random aiming at picking out outcrops—a prime target for investigation—the current version of AEGIS lets the rover find them 94% of the time, researchers report.

Submission + - OpenVPN Audit Finds Several Issues

Submitted by randomErr
randomErr writes: Guido Vranken recently published 4 security vulnerabilities in OpenVPN on his personal blog. Most of these are known issues that have not been addressed or patches have not been fully implemented in the production code .Here is some of what he found:
  • CVE-2017-7521 — Remote server crashes/double-free/memory leaks in certificate processing
  • CVE-2017-7520 — Remote (including MITM) client crash, data leak
  • No CVE yet — Remote (including MITM) client stack buffer corruption
  • CVE-2017-7508 — Remote server crash (forced assertion failure)

Submission + - It's not just cars that have defeat devices! (theguardian.com)

Submitted by Chrisq
Chrisq writes: An EU study has fond that in real word use many electronic devices and appliances use more energy in real world conditions than in the standard EU tests. Often the real world figures are double those in the ratings.

Sometimes this is achieved by having various optional features switched off during the test; Switching on modern TV features such as “ultra-high definition” and “high-dynamic range” in real-world test cycles boosted energy use in four out of seven televisions surveyed – one by more than 100%.

However some appliances appear to have "defeat devices" built in, with some Samsung TVs appearing to recognise the standard testing clip:

“The Swedish Energy Agency’s Testlab has come across televisions that clearly recognise the standard film (IEC) used for testing,” says the letter, which the Guardian has seen. “These displays immediately lower their energy use by adjusting the brightness of the display when the standard film is being run. This is a way of avoiding the market surveillance authorities and should be addressed by the commission.”

Submission + - Opus 1.2 released (with a demo)

Submitted by jmv
jmv writes: The Opus audio codec, used in WebRTC and now included in all major web browsers, gets another major upgrade with the release of version 1.2. This release brings quality improvements to both speech and music, while remaining fully compatible with RFC 6716. There are also optimizations, new options, as well as many bug fixes. This Opus 1.2 demo describes a few of the upgrades that users and implementers will care about the most. It includes audio samples comparing to previous versions of the codec, as well as speed comparisons for x86 and ARM.

Submission + - The Switch To Microservices -- And Why You Might Not Succeed

Submitted by snydeq
snydeq writes: Using a microservices approach to application development can improve resilience and expedite time to market, but breaking apps into fine-grained services offers complications, writes Adam Bertram, in an article on the benefits and hurdles to adopting microservices. 'Microservices is on the verge of going mainstream, as 36 percent of enterprises surveyed by Nginx are currently using microservices, with another 26 percent in the research phase. But what exactly is microservices architecture, and is it right for your organization’s culture, skills, and needs? Here we take a look at seven reasons you should consider microservices for your next application development project — and five hurdles you’ll have to clear to be successful.' What cautions do you have to offer for folks considering tapping microservices for their next application?

Submission + - Apple to Force Users to 2FA on iOS 11, High Sierra

Submitted by Trailrunner7
Trailrunner7 writes: With the upcoming releases of iOS 11 and macOS High Sierra later this year, Apple is planning to force many users to adopt two-factor authentication for their accounts.

The company this week sent an email to customers who have the existing two-step verification enabled for their Apple IDs, informing them that once they install the public betas of the new operating systems they will be migrated to two-factor authentication automatically. Two-step verification is an older method of account security that Apple rolled out before full two-factor authentication was available. Apple is phasing that out and will be upgrading people with eligible devices automatically.

Submission + - Airbnb Announces Its Plan to House 100,000 People in Need (backchannel.com)

Submitted by mirandakatz
mirandakatz writes: Airbnb has just unveiled its Open Homes Platform, a homesharing site for hosts motivated by goodwill instead of profits—and for guests motivated by need rather than wanderlust. Specifically, Airbnb is going to begin by connecting refugees with hosts in Canada, France, Greece, and the United States. Ultimately, refugees will be just one group that the site aims to help: Site visitors can also nominate other groups of people for temporary placements, and the platform will expand to include them eventually. At Backchannel, Jessi Hempel dives into the homesharing platform's latest effort, and places it in the context of the company's broader business strategy.

Submission + - Police In Oklahoma Have Cracked Hundreds of People's Cell Phones (vice.com)

Submitted by Anonymous Coward
An anonymous reader writes: Mobile phone forensic extraction devices have been a law enforcement tool for years now, and the number of agencies using them is only rising. As part of an ongoing investigation, we have finally been able to turn up some usage logs of this equipment, from Tulsa Police Department, and Tucson Police Department. While the logs do not list the cause of the crime or any other notes about why the phone was being searched, it does list the make of the phone, the date, and the type of extraction. First, let's go over what extraction devices are being used here. Tucson PD opted for the brand that is arguably the worldwide leader in mobile device forensics, the Israeli company Cellebrite. Tulsa Police Department however opted for a few different models — they purchased two different password breakers from Teel Technologies in 2015, and in March 2016 gave about $1,500 to Susteen for their SecureView extraction device (SecureView was the product Susteen created when the FBI requested they create a more advanced extraction device for them). It does its work instantly, and has an incredible reach into a phone's data. They renewed this contract in 2017. In August 2016 they also purchased the Detective extraction device from Oxygen Forensics. Oxygen is much less common than Cellebrite, from what we have found. The kicker really is how often these are being used — it is simply really hard to believe that out of the 783 times Tulsa Police used their extraction devices, all were for crimes in which it was necessary to look at all of the phone's data. Even for the 316 times Tucson PD used theirs in the last year, it is still a real stretch to think that some low-level non-violent offenders weren't on the receiving end. There are some days where the devices were used multiple times — Tulsa used theirs eight times on February 28th of this year, eight again on April 3rd, and a whopping 14 times on May 10th 2016. That is a whole lot of data that Tulsa was able to tap into, and we aren't even able to understand the why.

Submission + - NSA's EternalBlue Exploit Ported to Windows 10 (threatpost.com)

Submitted by msm1267
msm1267 writes: EternalBlue, the NSA-developed attack used criminals to spread WannaCry ransomware last month, has been ported to Windows 10 by security researchers.

The publicly available version of EternalBlue leaked by the ShadowBrokers targets only Windows XP and Windows 7 machines. Researchers at RiskSense who created the Windows 10 version of the attack were able to bypass mitigations introduced by Microsoft that thwart memory-based code-execution attacks.

These mitigations were introduced prior to a March security update from Microsoft, MS17-010, and any computer running Windows that has yet to install the patch is vulnerable.

Submission + - Harvard pulls student offers over online comments (go.com)

Submitted by joshtops
joshtops writes: Harvard University's student newspaper says the school has revoked admission offers to at least 10 prospective freshmen over offensive online messages.

The Harvard Crimson ( http://bit.ly/2s9vmKV ) says the students posted images and comments in a private Facebook group mocking sexual assault, the Holocaust and racial minorities.

The newspaper reported that several group members said at least 10 people were told by Harvard in April that their acceptances had been withdrawn.

Comment Re:Wow! (Score 1) 263

I disagree. There are things like climate change that become politicized when they really shouldn't. It shouldn't be an 'us vs them' mentality, and the republicans were very wrong to take that hardline position against it, but the democrats where hardly helping the situation by equating any concerns about cost and implementation with outright denial of the issue at hand.

Even abortion and the definition of the beginnings of life is not something so black and white as even people of strong faith believe. We are nearing the point where we may be able to remove a fetus and bring it to term outside of the mother's womb and that possibility really changes the discussion. What argument for bodily autonomy is there if the baby can be grown and birthed outside of the mother?
Now i can still see people arguing both sides on that. Some people may feel its the childs' right to be grown in its mother womb and some may feel that the mother should still be able to decide if the baby lives, but for those people you can clearly see their motivations were never based in bodily autonomy or the right to life anyway.

That situation isn't here yet and probably not soon, but doesn't mean the abortion debate is neatly settled into two different sides.

(Also, even though i know your last point wasn't serious, i think that if we did just divide the nation in two all we would end up with is the worst of both and the best of neither)

Comment Re:Wow! (Score 0) 263

I think you're spot on in regards to why people voted for Trump. No one likes what he says or what he does, even the people who voted for him.

For the Eisenhower Republican model, I know exactly where it went. Its the same labeling issue as above. If you didn't 100% agree with climate change as defined by liberals, then you were 100% the enemy. Questions about personal motivation among scientists (scientists are people, people are selfish and greedy, not a hard leap)? Climate change denier. Think there are serious problems in our peer review process? Anti-science Nut. Don't think some proposed solutions to climate change actually address the issue and instead push political agendas of inequality and social issues instead? Obviously an extremist who hates minorities and women.

Maybe if the media didn't treat and entire spectrum of people as extremists, there would be more progress.

Slashdot Top Deals

"This isn't brain surgery; it's just television." - David Letterman

Close