
Comment Re:Malignant narcissist upset, news at 11. (Score 1) 760

Nazi Germany was not a "Christian nation". Nazi leaders like Joseph Goebbels, Martin Bormann, and Heinrich Himmler saw the Kirchenkampf campaign against the Churches as high priority, and anti-church and anticlerical sentiments were strong among the grassroots party activists. The Nazi propaganda minister, Joseph Goebbels, said that there was "an insoluble opposition between the Christian and a heroic-German world view". Hitler's chosen deputy, Martin Bormann, advised Nazi officials in 1941 that "National Socialism and Christianity are irreconcilable."
Earth

Scientists Finally Turn Hydrogen Into a Metal, Ending a 80-Year Quest (arstechnica.com) 334

An anonymous reader quotes a report from Ars Technica: In 1935, scientists predicted that the simplest element, hydrogen, could also become metallic under pressure, and they calculated that it would take 25 GigaPascals to force this transition (each Gigapascal is about 10,000 atmospheres of pressure). That estimate, in the words of the people who have finally made metallic hydrogen, "was way off." It took until last year for us to reach pressures where the normal form of hydrogen started breaking down into individual atoms -- at 380 GigaPascals. Now, a pair of Harvard researchers has upped the pressure quite a bit more, and they have finally made hydrogen into a metal. All of these high-pressure studies rely on what are called diamond anvils. This hardware places small samples between two diamonds, which are hard enough to stand up to extreme pressure. As the diamonds are forced together, the pressure keeps going up. Current calculations suggested that metallic hydrogen might require just a slight boost in pressure from the earlier work, at pressures as low as 400 GigaPascals. But the researchers behind the new work, Ranga Dias and Isaac Silvera, discovered it needed quite a bit more than that. In making that discovery, they also came to a separate realization: normal diamonds weren't up to the task. "Diamond failure," they note, "is the principal limitation for achieving the required pressures to observe SMH," where SMH means "solid metallic hydrogen" rather than "shaking my head." The team came up with some ideas about what might be causing the diamonds to fail and corrected them. One possibility was surface defects, so they etched all diamonds down by five microns to eliminate these. Another problem may be that hydrogen under pressure could be forced into the diamond itself, weakening it. So they cooled the hydrogen to slow diffusion and added material to the anvil that absorbed free hydrogen. 
Shining lasers through the diamond seemed to trigger failures, so they switched to other sources of light to probe the sample. After loading the sample and cranking up the pressure (literally -- they turned a handcrank), they witnessed hydrogen's breakdown at high pressure, which converted it from a clear sample to a black substance, as had been described previously. But then, somewhere between 465 and 495 GigaPascals, the sample turned reflective, a key feature of metals. The study has been published in the journal Science.

Comment Huh? Most are software exploits (Score 1) 57

Their argument mostly disproves their claim. I agree that security is much more than eliminating software exploits, but at least 3 of their "top" 5 examples ARE software exploits (because of either a fault in the implementation or in its spec).

1. abuse of weak domain user passwords -- used in 66% of Praetorian pen testers' successful attacks
The software should prevent bad passwords by default, but for the sake of argument I'll grant them that one.

2. broadcast name resolution poisoning (like WPAD) -- 64%
That's a software exploit. If your protocol is vulnerable to poisoning, your protocol has a problem.

3. local admin password attacks (pass-the-hash attacks) -- 61%
Software exploit. Hashes are supposed to *not* be equivalent to the password they were derived from. This is a well-known software exploit.

4. attacks on cleartext passwords in memory (like those using Mimikatz) -- 59%
If an untrusted program can see cleartext passwords in memory, there's a software exploit, they're not supposed to do that.

5. insufficient network segmentation -- 52%
Okay, that's not a software exploit.

So #5 is not a software exploit, #1 is arguably not a software exploit (though it suggests a software problem), and the rest (#2, #3, #4) are software exploits (there's a software vulnerability in the protocol or its implementation). I would agree with them that security is much more than software, but software has an important role to play. The *REASON* that #2, #3, and #4 are problems is because people weren't paying enough attention to security.

Comment Re: This is not Open Source.. (Score 1) 61

You mean "unlimited rights" not "unlimited use rights". Once the government has unlimited rights it can release the software as open source software. For more details, see my paper "Publicly Releasing Open Source Software Developed for the U.S. Government" by David A. Wheeler, Software Tech News, Volume: 14 Number: 1 - DoD and Open Source Software. https://www.csiac.org/journal-...

Comment 'Open Source Software' has reasonable definition (Score 1) 61

I don't think that "open source software" has been significantly redefined. Here's the definition of Open Source Software in this memo: "Software that can be accessed, used, modified, and shared by anyone. OSS is often distributed under licenses that comply with the definition of "Open Source" provided by the Open Source Initiative (https://opensource.org/osd) and/or that meet the definition of "Free Software" provided by the Free Software Foundation (https://www.gnu.org/philosophy/free-sw.html)." That's a little laxer than I'd prefer, but it seems reasonable enough.

Comment Mobile sites more secure than social apps (Score 4, Insightful) 155

Mobile sites tend to be far more secure for users than social apps (you can say "privacy" instead if you want, though many people don't understand the difference). Most social apps, like this one, want total ownership of your phone - and therefore they own you. They demand access to your microphone, camera, location, contact list, and everything else. Big Brother never got so much data. In contrast, the websites don't get access to all that stuff. Facebook doesn't pay me enough to completely give up all my privacy.

Comment But Internet is *NOT* generic (Score 2) 211

Tom Kent falsely claims that, "The argument for lowercasing Internet is that it has become wholly generic, like electricity and the telephone." Here's a thought experiment: I'll create a few disconnected networks, interconnect them, but *not* to the Internet. By definition, any set of interconnected networks is an internet (but not *the* Internet). Then I'll sell a service that lets people access my internet... which lacks Google, Wikipedia, and many other things. I bet he'll suddenly find that "the Internet" is *NOT* generic - it is a *specific* set of interconnected networks, which has a proper name. Governments still routinely create interconnected networks that use TCP/IP, but do *NOT* connect to the Internet - especially when security is critical. AP may be unaware of this, but it's still true. Upper/lower casing in the end isn't THAT critical. The REAL problem is that too many reporters do not understand what they're reporting about, nor do they check their sources to find out. The difference between "Internet" and "internet" has been documented for decades. Failure to understand, and failure to check sources, is the REAL problem here.

Comment How about... (Score 2) 62

I think a lot of Android users would like a phone that (1) gets security updates in a timely way, (2) has reasonably current features, (3) is generally trustworthy, and (4) isn't force-loaded with lots of uninstallable crapware. Android is a nice OS, but a lot of the smartphone manufacturers seem to assume that users don't care about these things.

Comment Please post "% days safe to use the phone" (Score 1) 85

I think a great measure would be the percent (or number) of days in the year where there were no publicly-known unfixed vulnerabilities. Many phones still have Stagefright vulnerabilities - there were changes that fixed some Stagefright vulnerabilities, but NOT all of them, and thus the phones are still vulnerable.
Businesses

Copyright Trolls Rightscorp Are Teetering On The Verge Of Bankruptcy (arstechnica.com) 94

JustAnotherOldGuy writes: Rightscorp, the copyright trolls whose business model was convincing ISPs to freeze their customers' Internet access in response to unsubstantiated copyright accusations, and then ransom those connections back for $20 each, will be out of money by the end of this quarter. Despite a massive courtroom win against Cox Cable in 2015 (and a counterbalancing gigantic fine for its robocalls), the company couldn't win a technology cat-and-mouse game against its prey -- the wily file-sharers who switched to VPNs and other anonymizing technologies. For the moment, the company is teetering on the brink of financial collapse. It raised $500,000 on February 22, the company reported, but it needs another $1 million to stay afloat. It has only enough cash on hand to continue "into the second quarter of 2016," according to the company's latest financial report.
