Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Basic resources, with few restrictions (Score 1) 278

I have a corporate Mac, which is enough for all the corporate security bits I need, plus a screen and a stand for my personal BYOD, which has all the stuff a developer needs, but only access to the office net with git, etc.
A good desk and chair. It's sorta too open still, but the rows aren't crowded close like the last place, so it's quiet.
And that's it for the corporate contribution (!)

On my machine I run a vm or a container with the exact configuration of our production machines, one of a number of copies so I can very quickly switch to another project, plus another container with the automated test suite. I have 32GB of socketed memory, so I can support even JVMs full of bloat, like my <I>former</I> production system. I tried running the old company's system on an 8GB Mac, with no results that can be discussed without long strings of curses (;-)) Few companies will believe what it takes to do back-end development, so while working as a consultand and for start-ups, I invested in the equivalent of a good box[1] of mechanic's tools.

--dave
[1 https://sarasota.craigslist.org/tls/6060935656.html, Snap On Tool Box With Tools - Fully Loaded - $5000]

Submission + - Call for the security of the Electronic Voting Machine (EVM) to be tested

An anonymous reader writes: The IT minister of the Indian state of Karnataka has called for a hackathon for testing the electronic voting machines (EVMs) used in the recent elections in India.

In the elections in the Indian state of Uttar Pradesh, BJP, the party which is presently in power in the centre, won with a huge majority. Some from the opposition parties have argued that the EVMs may have been tampered with.

Narendra Modi, the present Prime Minister of India, was accused of using non-authoirzed EVMs in 2010 during the local elections in the state of Gujarat while he was a chief minister there. The EVMs were shown to be giving incorrect results.

In an earlier research done in 2010 by researchers from NetIndia, University of Michigan and a non-profit in Netherlands specializing in electronic voting related issues, the security of the electronic voting machines was found to be inadequate.

Submission + - Windows 10 forced upgrades spark legal action

AmiMoJo writes: Three people in Illinois have filed a lawsuit against Microsoft, claiming that its Windows 10 update destroyed their data and damaged their computers. The complaint, filed in Chicago's US District Court on Thursday, charges that Microsoft Windows 10 is a defective product and that its maker failed to provide adequate warning about the potential risks posed by Windows 10 installation – specifically system stability and data loss. The attorneys representing the trio are seeking to have the case certified as a class action that includes every person in the US who upgraded to Windows 10 from Windows 7 and suffered data loss or damage to software or hardware within 30 days of installation. They claim there are hundreds or thousands of affected individuals. Last June, a California woman won $10,000 after a Windows 10 update disabled her PC.

Submission + - SPAM: Latest Leaked WikiLeaks Reveals How the CIA Collapse Apple Products

An anonymous reader writes: WikiLeaks document to re-issue a new leak on Thursday. According to the latest documents that disclosed non-profit institutions leaker confidential data, the United States Intelligence Agency (CIA) has developed tools to break into Apple products, like the iPhone and MacBook.

The document describes the CIA attempt to hack some device that had been considered impenetrable. They use methods of hacking to access the product directly. Since it was developed in 2009 and 2013, the device was no possibility of infecting the latest Apple devices.

In a news conference, WikiLeaks revealed that the CIA had access to Apple products to sabotage their shipments (opened, infects, and sends back) will come out or into the United States.

However, CNET were not able to verify the authenticity of documents related to this. As of March, the CIA again declined to comment on the authenticity of the document. At that time, WikiLeaks disseminate information about the kinds of devices that hackers can attack the operating system from a variety of popular devices, including the Samsung SmartTV that require physical access to his hack.

"It is the duty of the CIA to be the most innovative, advanced and forward-thinking in order to protect the country from threats that come," said CIA. "Americans deserve it."

Apple states that employees vulnerable infected is a type of 3G in the iPhone series, which was launched in 2009. While the Mac series, cracks vulnerable have been addressed to any device that is released after the year 2013.

"We will never negotiate with WikiLeaks for any information," said Apple. "We have given instructions to keep them informed of any information through a standard procedure that we've applied. So far we have received no information that is not public domain. "

The device targeted Apple firmware, which is software that play a role in fundamental processes. One of the devices that were outlined in the CIA document was "Sonic Screwdriver" that can infect MacBook firmware via the Thunderbolt port.

Processes for its outbreak using the same loophole to the problems described by security researcher Trammel Hudson in 2015. They developed a hacking tool called "Thunderstrike 2" that infects Macbook firmware through the Thunderbolt port is a new gap anticipated Apple in 2015.

Another device described is used to infect Apple is a cache that could infect iPhones in 2008, according to Wikileaks exposure. They noted that these devices have been developed up to version 1.2. "The CIA has plagued the supply chain iPhones since 2008," said Wikileaks.

Link to Original Source

Submission + - Foreign Students Say U.S. High School Classes Are Absurdly Easy (the-american-interest.com)

schwit1 writes: When the Brookings Institution’s Brown Center on Education Policy surveyed foreign exchange students studying in the U.S. in 2001, it found that they thought that American education was a cake walk compared to secondary education in their home countries. And when it conducted the survey again in 2016, it found that exchange students thought that U.S. education was even less challenging than before.

Submission + - Major game publishers target memory scanner Cheat Engine (zerolives.com)

An anonymous reader writes: Major video game publishers are targeting the open source memory scanner, hex editor and debugger Cheat Engine with copyright infringement notices. The notices sent by the Entertainment Software Association claim the tool infringes on their members' copyright.

The open source software has been around for nearly two decades and is used by many to analyze the memory space used by other pieces of software running on the same machine.

The piece of software is especially popular in the video games industry where it is used by modders, cheaters and other enthusiasts to search for information that can be used to create independent pieces of software that can change the functionality of games.

Submission + - Verizon cancelling email; what email providers do you trust? (verizon.com)

DutchUncle writes: Paying for an ISP has always included an email service . . . until now. Verizon is abandoning the service. Their one option for keeping an email address active is moving it to AOL (they still exist???) while their FAQ answers "What will this cost?" with "There is no charge for moving the data." (Nice avoidance move!) I don't think I want my credit card emails going through gmail's greedy filters. Anybody have an email service provider that they trust?

Submission + - SPAM: Spark Energy Corporation Review - Consumer Alert New York State

carmecote08 writes: It has come to our attention that Spark Energy’s brand is being misrepresented, and consumers in New York state state are receiving calls from a third party (or parties) that are not authorized agents of our company. We take our company brand and reputation very seriously, and we are investigating this matter thoroughly. Any assistance consumers contacted by these agents can provide is greatly appreciated, including:

Name of the caller
Name on the Caller ID
Number on the Caller ID
Date and time of the call

We want to take this time to remind consumers that Spark Energy does not request the following information to process a customer enrollment over the phone in New York State, and we urge them not to provide any personal information of this sort: social security number; driver’s license number; home address. If you have been called by someone claiming to be with Spark Energy who requested this type of information, we urge you to contact one of the three (3) credit bureaus to review your credit report for any unusual activity and to request a fraud alert.

We sincerely apologize for any inconvenience this has caused, and look forward to clarifying this matter as soon as possible so that we can continue to provide New York residents with choice when it comes to their electricity and natural gas needs.

If you have information regarding this matter, please contact us at 1.877.547.7275 or customercare@sparkenergy.com.

About Spark Energy Information

Spark Energy, L.P. is a Houston-based, independent, multi-state certified retail energy and natural gas supplier. With more than a decade of experience, the company works to consistently deliver low-cost energy rates, quality products and superior customer service to hundreds of thousands of satisfied customers across 16 states. Spark Energy is dedicated to positively impacting the communities it serves by building relationships, inspiring philanthropy and promoting good will both inside the company and throughout the community. For more information, visit [spam URL stripped].

Link to Original Source

Submission + - Over 14K Let's Encrypt SSL Certificates Issued to PayPal Phishing Sites (bleepingcomputer.com) 1

An anonymous reader writes: During the past year, Let's Encrypt has issued a total of 15,270 SSL certificates that contained the word "PayPal" in the domain name or the certificate identity. Of these, approximately 14,766 (96.7%) were issued for domains that hosted phishing sites. Other CAs have issued a combined number of 461 SSL certificates containing the term "PayPal" in the certificate information, which were later used for phishing attacks. This number is far smaller compared to misused Let's Encrypt certs.

Assuming that current trends continue, Let’s Encrypt will issue 20,000 additional “PayPal” certificates by the end of this year, bringing the total up to 35,000 over the past two years. To blame for this situation is Let's Encrypt, who said in a mission statement it doesn't intent to police the Internet. Browser makers are also to blame [1, 2], along with "security experts" who tell people HTTPS is "secure," when they should point out HTTPS means "encrypted communication channel," and not necessarily that the destination website is secure.

Slashdot Top Deals

This screen intentionally left blank.

Working...