
Submission + - New Study Suggests Humans Lived In North America 130,000 Years Ago (npr.org)

An anonymous reader writes: In 1992, archaeologists working a highway construction site in San Diego County found the partial skeleton of a mastodon, an elephant-like animal now extinct. Mastodon skeletons aren't so unusual, but there was other strange stuff with it. "The remains were in association with a number of sharply broken rocks and broken bones," says Tom Demere, a paleontologist at the San Diego Natural History Museum. He says the rocks showed clear marks of having been used as hammers and an anvil. And some of the mastodon bones as well as a tooth showed fractures characteristic of being whacked, apparently with those stones. It looked like the work of humans. Yet there were no cut marks on the bones showing that the animal was butchered for meat. Demere thinks these people were after something else. "The suggestion is that this site is strictly for breaking bone," Demere says, "to produce blank material, raw material to make bone tools or to extract marrow." Marrow is a rich source of fatty calories. The scientists knew they'd uncovered something rare. But they didn't realize just how rare for years, until they got a reliable date on how old the bones were by using a uranium-thorium dating technology that didn't exist in the 1990s. The bones were 130,000 years old. That's a jaw-dropping date, as other evidence shows that the earliest humans got to the Americas about 15,000 to 20,000 years ago.

Comment Re:Save 30%, retire early (Score 1) 399

No, the math's not hard, but achieving it is getting tougher all the time. Save 30%? Starting when exactly, given that the generation in question is almost certainly going to be stuck with either low paying jobs or having to pay off student loan debts before they can even think about sorting out a place of their own? Maybe one of the fortunate few that gets a big break with a successful startup or has the connections/skills/talent to reach the upper levels of their chosen career can still pull it off, but the rest are basically screwed and will absolutely have to work longer to reach a point they can retire in comfort.

Also, don't forget that pensions also take into account things like expected lifespans published in actuarial tables. Even if the retirement age and inflation adjusted pension pot remained constant, if your post-retirement life expectancy is eleven years instead of ten, you've got (more or less) 10% less to live on each month - adjust accordingly if medical science advances that to twelve or more years. Factor in the ever decreasing social security budgets, the rising age at which you can qualify for it, and how poorly many pension funds are currently performing, and the prospects of early retirement seem much slimmer than for the previous few generations.

Submission + - FCC Announces Plan To Reverse Title II Net Neutrality (theverge.com)

An anonymous reader writes: The Federal Communications Commission is cracking open the net neutrality debate again with a proposal to undo the 2015 rules that implemented net neutrality with Title II classification. FCC chairman Ajit Pai called the rules “heavy handed” and said their implementation was “all about politics.” He argued that they hurt investment and said that small internet providers don’t have “the means or the margins” to withstand the regulatory onslaught. “Earlier today I shared with my fellow commissioners a proposal to reverse the mistake of Title II and return to the light touch framework that served us so well during the Clinton administration, Bush administration, and first six years of the Obama administration,” Pai said today. His proposal will do three things: first, it’ll reclassify internet providers as Title I information services; second, it’ll prevent the FCC from adapting any net neutrality rules to practices that internet providers haven’t thought up yet; and third, it’ll open questions about what to do with several key net neutrality rules — like no blocking or throttling of apps and websites — that were implemented in 2015.

Submission + - Pirate Site Blockades Violate Free Speech, Mexico's Supreme Court Rules (torrentfreak.com)

happyfeet2000 writes: Broad pirate sites blockades are disproportional, Mexico's Supreme Court of Justice has ruled. The Government can't order ISPs to block websites that link to copyright-infringing material because that would also restrict access to legitimate content and violate the public's freedom of expression. The ruling is a win for local ISP Alestra, which successfully protested the Government's blocking efforts.

Comment Re: Yet another case for VPN tunnels (Score 1) 93

Any remote management protocol can be exploited if the implementation is bad - regardless of whether it's console style via SSH, web via HTTPS, or a dedicated device management protocol like SNMP or TR-069. Firmware bugs in authentication and exploits aside, it shouldn't matter what protocol you use provided that it is properly authenticated with a non-default password, uses an encrypted protocol, and (most critically of all) access is limited to a specific management network. The trick is to assume things will get broken, then put multiple layers of defence in place so that even when something inevitably does break the rest will keep things secure while you implement a fix - ignoring it is not an option either.

People have been chanting the "defence in depth" mantra for decades, some people have been *doing* it for decades and publishing HOWTO guides to help others do the same, and yet other people are also still getting burned by failing to do it. Ultimately, it's just the consequence of another three way choice where you only get to pick two options; the choices are "cheap", "easy" and "secure", and this is what happens when you don't include "secure" in your selection - cheap and easy both end up going down the toilet as well.

Comment Re:Crook? (Score 2) 93

My view too. Janit0r is absolutely a vigilante, but currently BrickerBot (and the less destructive Hajime) are the only active "solutions" to the various IoT botnets such as Mirai and, from their posts, I believe (s)he would stand down as soon as more active steps were taken by the vendors, ISPs, and owners. Far from ideal but, until those in a position to do something about it in a less disruptive manner step up to the plate, if that's the only option for the rest of us caught in the firing line, then I'll live with it. Keep calm, and carry on bricking!

As for this specific incident, although Zyxel has to take some blame for shipping broken routers in the first place, I'd say the main culprit here is actually SierraTel, both for their failure to implement secure central management of their modems in the first place, but mostly for failing to learn from Deutsche Telekom's experience and remediating that error, despite having *six months* to do so. Clearly that has now cost them financially and in customer satisfaction, which should hopefully serve as a wake-up call to anyone else in a similar situation and dragging their feet over deploying a solution. Somehow, I don't think SierraTel is going to be the only ISP to have this kind of problem though.

Submission + - US ISP Goes Down as Two Malware Families Go to War Over Its Modems (bleepingcomputer.com)

An anonymous reader writes: Two malware families battling for turf are most likely the cause of an outage suffered by Californian ISP Sierra Tel at the beginning of the month, on April 10. The attack, which the company claimed was a "malicious hacking event," was the work of BrickerBot, an IoT malware family that bricks unsecured IoT and networking devices.

"BrickerBot was active on the Sierra Tel network at the time their customers reported issues," Janit0r told Bleeping Computer in an email, "but their modems had also just been mass-infected with malware, so it's possible some of the network problems were caused by this concomitant activity."

The crook, going by Janit0r, tried to pin some of the blame on Mirai, but all the clues point to BrickerBot, as Sierra Tel had to replace bricked modems altogether, or ask customers to bring in their modems to its offices to have them reset and reinstalled. Mirai brought down over 900,000 Deutsche Telekom modems last year, but that outage was fixed within hours with a firmware update. All the Sierra Tel modems bricked in this incident were Zyxel HN-51 models, and it took Sierra Tel almost two weeks to fix all bricked devices.

Submission + - Oregon fines man for writing a complaint email stating "I am an engineer..." (vice.com) 2

pogopop77 writes: In September 2014, Mats Järlström, an electronics engineer living in Beaverton, Oregon, sent an email to the state's engineering board. The email claimed that yellow traffic lights don't last long enough, which "puts the public at risk." "I would like to present these facts for your review and comments," he wrote. This email resulted not in a meeting, but in a threat from The Oregon State Board of Examiners for Engineering and Land Surveying stating "ORS 672.020(1) prohibits the practice of engineering in Oregon without registration — at a minimum, your use of the title 'electronics engineer' and the statement 'I'm an engineer' create violations." In January of this year, Järlström was officially fined $500 by the state for the crime of "practicing engineering without being registered."

Submission + - An Artificial Womb Successfully Grew Baby Sheep -- And Humans Could Be Next (theverge.com)

An anonymous reader writes: Inside what look like oversized ziplock bags strewn with tubes of blood and fluid, eight fetal lambs continued to develop — much like they would have inside their mothers. Over four weeks, their lungs and brains grew, they sprouted wool, opened their eyes, wriggled around, and learned to swallow, according to a new study that takes the first step toward an artificial womb. One day, this device could help to bring premature human babies to term outside the uterus — but right now, it has only been tested on sheep. The Biobag may not look much like a womb, but it contains the same key parts: a clear plastic bag that encloses the fetal lamb and protects it from the outside world, like the uterus would; an electrolyte solution that bathes the lamb similarly to the amniotic fluid in the uterus; and a way for the fetus to circulate its blood and exchange carbon dioxide for oxygen. Flake and his colleagues published their results today in the journal Nature Communications.

Submission + - EU Lawmakers Include Spotify and iTunes In Geoblocking Ban (reuters.com)

An anonymous reader writes: European Union lawmakers voted on Tuesday to ban online retailers from treating consumers differently depending on where they live and expanded their proposed law to include music streaming services such as Spotify and Apple's iTunes. Ending so-called geoblocking is a priority for the European Commission as it tries to create a single market for digital services across the 28-nation bloc, but many industries argue that they tailor their prices to specific domestic markets. The proposal, which will apply to e-commerce websites such as Amazon, Zalando and eBay, as well as for services provided in a specific location like car rental, forbids online retailers from automatically re-routing customers to their domestic website without their consent. In a blow for the book publishing and music industries, European Parliament members voted to include copyright-protected content such as music, games, software and e-books in the law. That would mean music streaming services such as Spotify and iTunes would not be able to prevent, for example, a French customer buying a cheaper subscription in Croatia, if they have the required rights.

Comment Re:Sure (Score 1) 182

It really depends on whether Jimmy Wales genuinely wants this to be a neutral news outlet, or just a backdoor way to further his own agendas/beliefs, but time will tell - and pretty quickly I suspect. We currently have a very divisive Republican politician in the White House, so if there's any left wing spin being put on things it's going to become very apparent, very fast, when both Trump's supporters and people who genuinely don't care about the politics try and pull things back towards the middle and (most probably) further right. If/when that happens, and if the site fails to handle it fairly, then it's going to get accused of failing in its core aims and be effectively dead in the water as anything other than another left-wing echo chamber right there and then.

Comment Re:Common? (Score 1) 56

Stunned me too when I got speaking to locals on the earlier aurora orientated photography trips I've done. The very first trip I did, we'd just done a successful all-nighter, which for most of us was the first time we'd ever seen the lights, and were in an Icelandic garage/café getting some breakfast and looking over our images when we got talking with a long distance lorry driver - his response to a question about getting to see the aurora a lot was basically a shrug and "thousands of times, I guess, don't really notice them anymore...". Yep, that'll do it: *minds* *blown*. :)

That said, the AC's analogy below about a really good sunset is probably better than my more direct night sky objects one; they *do* still look, but only when it's a really good display, and after doing many more trips to the Arctic (it can really get under your skin!) I can kind of see why. I've now got a lot of photographs of simple bands of aurora, so unless it's a really nice composition with the background, an unusual colour, or has something else to set it apart, I often don't bother unless I haven't got my camera set up yet and need a few test shots to check I've nailed my focus and the exposure settings are in the ballpark.

Comment Re:BrickerBot (Score 1) 108

A bad solution is still a bad solution. And vigilantism is still vigilantism. And DDOS attacks using infected devices are nothing new, it is just that IoT have opened up a new attack vector. Look at how many Windows based computers have been involved in DDOS in the past.

Yes, it's a bad solution, and it's undeniably vigilantism as well. But, like democracy, it's still the best (and at present, only) solution we currently have that is working at scale. The Zero Day Initiative typically gives vendors 90 days (3 months) to fix a problem before they go public except in exceptional circumstances, and most credible vendors are OK with that framework. By comparison Mirai hit almost six months before BrickerBot, Hajime, and other such tools were unleashed, and in all that time no one - whether vendors, ISPs, or owners - did much more than shrug, shuffle their feet, and wring their hands.

They collectively took a huge dump in everyone else's bed and then did nothing about it, so that just left people stepping up with their bad solutions and vigilantism to try and clean up the mess. Want to "fix" BrickerBot and Hajime, etc.? Fix your devices, secure your networks, and isolate your devices, as applicable. Just like Mirai and the rest, if they can't root the device, then they can't propagate either, and everyone benefits - in fact, unlike the blackhat authors of malicious botnets, the vigilantes are more likely to shut up shop as soon as there are credible signs of progress being made. Acknowledging the message they are sending is all that is required.

Comment Looking at my firewall logs (Score 4, Informative) 108

Looking at my firewall logs I think BrickerBot v3.0 may have actually been unleashed on the 18th, not the 20th. There was a huge decline in scanning for port 5358 that started on the 18th, which is now less than half the activity level it was at on the 17th, and less than 15% of the levels it was peaking at prior to BrickerBot v1.0. There are further, but smaller, falls in some of the other typical IoT ports like 2323 that started around the same time as well.

If you're reading, Janit0r (or whatever your current pseudonym is), keep up the good work! Might be worth taking a look at what's going on with Port 81 as well... Just sayin' :)
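The kind of per-port, per-day tally the comment above describes, as an added example that is not part of the original post. The iptables-style log format, the sample lines, their hit counts and the 0.85 tolerance are all constructed assumptions; only ports 5358 and 2323 come from the comment.

```python
import re
from collections import Counter
from datetime import datetime

# Assumed iptables LOG layout: syslog stamp, then key=value fields including DPT.
LINE_RE = re.compile(r"^(\w{3}\s+\d{1,2}) .*\bPROTO=(?:TCP|UDP)\b.*\bDPT=(\d+)\b")

def build_sample():
    """Constructed log lines; the daily counts are invented for illustration."""
    per_day = {"Apr 15": (40, 12), "Apr 16": (42, 11), "Apr 17": (41, 12),
               "Apr 18": (30, 10), "Apr 19": (18, 8)}  # (port 5358, port 2323)
    lines = []
    for day, (n5358, n2323) in per_day.items():
        for port, n in ((5358, n5358), (2323, n2323)):
            for i in range(n):
                lines.append(f"{day} 03:{i % 60:02d}:00 gw kernel: FW-DROP IN=eth0 "
                             f"SRC=203.0.113.{i % 250 + 1} DST=192.0.2.10 "
                             f"PROTO=TCP SPT={40000 + i} DPT={port}")
    lines.append("Apr 18 04:00:00 gw sshd[311]: unrelated line without DPT")
    return lines

def daily_hits(lines, port):
    """Return [(date, count), ...] for one destination port, in date order."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if m and int(m.group(2)) == port:
            # syslog stamps omit the year; 2000 is an arbitrary placeholder for sorting
            counts[datetime.strptime(m.group(1) + " 2000", "%b %d %Y").date()] += 1
    return sorted(counts.items())

def decline_start(series, tolerance=0.85):
    """First day whose count falls below tolerance * mean of all earlier days."""
    for i in range(1, len(series)):
        baseline = sum(c for _, c in series[:i]) / i
        if series[i][1] < tolerance * baseline:
            return series[i][0], series[i][1] / baseline
    return None  # no decline (or too little data to judge)

if __name__ == "__main__":
    log = build_sample()
    for port in (5358, 2323):
        series = daily_hits(log, port)
        print(port, [(d.strftime("%b %d"), c) for d, c in series], decline_start(series))
```

Comparing each day against the mean of all earlier days, rather than only the previous day, keeps one noisy day from being reported as the start of a trend.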
