
Submission + - Ultrasound Tracking Could Be Used to Deanonymize Tor Users

An anonymous reader writes: Ultrasounds emitted by ads or JavaScript code hidden on a page accessed through the Tor Browser can deanonymize Tor users by making nearby phones or computers send identity beacons back to advertisers, data which contains sensitive information that state-sponsored actors can easily obtain via a subpoena.

The attack relies on the practice of ultrasound cross-device tracking (uXDT) that allows advertisers to link users to different devices by using inaudible ultrasounds secretly emitted via their ads. Nearby devices pick up these sounds and ping the advertisers' server with details about the user's devices. In tests, the research team has intercepted some of the traffic these ultrasound beacons trigger on behalf of the phone, traffic which contains details such as the user's real IP address, geo-location coordinates, telephone number, Android ID, IMEI code, and device MAC address.

Submission + - Ask Slashdot: How do I disable a radio credit card?

Keybounce writes: So, like most of you, I recently got a new credit card with a chip in it. I was not worried about that — I know the chips are harder to copy and counterfeit.

But I recently discovered that the card is also a radio card — swiping it near the screen caused a message to show up on the reader. In this case, it told me to use the chip reader instead — but this means it has an active radio signal, and could be "hacked" — stolen by someone with the right device.

How can I prevent this? Is there anything I can do that will disable the radio signal and still leave the chip functioning?

Submission + - FBI Raids Dental Software Researcher Who Found Patient Records On Public Server

blottsie writes: Yet another security researcher is facing possible prosecution under the CFAA for accessing data on a publicly accessible server. The FBI on Tuesday raided Texas-based dental software security researcher Justin Shafer, who found the protected health records of 22,000 patients stored on an anonymous FTP.

“This is a troubling development. I hope the government doesn't think that accessing unsecured files on a public FTP server counts as an unauthorized access under the CFAA,” Orin Kerr, a George Washington University law professor and CFAA scholar told the Daily Dot. “If that turns out to be the government's theory—which we don't know yet, as we only have the warrant so far—it will be a significant overreach that raises the same issues as were briefed but not resolved in [Andrew 'weev' Auernheimer's] case. I'll be watching this closely.”

Submission + - Plugged particles pack in natural gas

ckwu writes: Developing a compact, lightweight, and low-cost technology for storing natural gas has been a critical hurdle for its widespread adoption as a vehicle fuel. Now, researchers have devised a method to boost the methane storage capacity of porous adsorbent materials, which can then be kept and transported at low pressure. The trick is to seal high-pressure methane gas inside porous beads using hydrocarbon plugs that can be slowly removed to release the gas, effectively turning the beads into tiny gas tanks. The coated beads store twice the amount of methane as uncoated beads at a low 0.1 megapascal of pressure. For use in vehicles, adsorbent pellets loaded with natural gas could be stored in lightweight cartridges that could be swapped out at a gas station, the researchers say.

Submission + - Millions Stolen in Coordinated ATM Heist

wiredmikey writes: A manhunt is underway for criminals who looted millions from Japan's cash machines nationwide in an hours-long heist, officials and reports said Monday.

Armed with fake credit card details from South Africa's Standard Bank, the thieves hit 1,400 convenience store ATMs in a coordinated attack earlier this month. The international gang members, reportedly numbering around 100 people, each made a series of withdrawals in less than three hours, Japanese media said. Japanese police declined to confirm the robbery, but Standard Bank acknowledged the heist and put its losses at around $19 million.

Submission + - What's the smallest biggest number you can think of?

serviscope_minor writes: If you think exponentials, factorials or even Ackermann's function grow fast, then you're thinking too small. For truly huge, but well defined, numbers, you need to enter the realm of non computability.

The Busy Beaver function BB(n) is the largest number of steps that an n state Turing machine will run for when fed with a blank tape excluding non halting programs. It grows faster than any computable series but starts off as the rather pedestrian 1, 6, 21, 107. By BB(7) it reaches at least 10^10^10^10^10^7 and at some point becomes non computable. It must be non computable because if it wasn't, you could run a program for BB(N+extra states needed to encode the initial tape state)+1 steps, and if it gets that far then you know it never halts, so you've solved the Halting Problem. So, at some point it must transition from numbers that can be computed to ones that can't be.

And now there's some new and rather interesting insight into that which essentially reduces the problem to code golf or the International Obfuscated Turing Code Contest (as if there is any other sort). Imagine you have an axiomatic system, say ZFC (which underlies almost all of modern maths), and you know you can't prove it's consistent (you can't). If you write a program that systematically evaluates and tests hypotheses based on the axioms, you can't prove it will halt or not since that's equivalent to proving consistency.

This insight and first upper bound is the program proving that BB(7918) is noncomputable comes from this new paper. It turns out that writing a ZFC axiom evaluator directly in a Turing machine is rather tricky and long winded, so the authors wrote a small interpreter for a higher level language then wrote the axiom evaluator in that. Now finding a smaller uncomputably larger number is a question of writing even smaller programs which attempt to compute undecidable things. Think you can do better? A good starting point would probably be the existing code on github.

(I hope I've got the explanation at least half way right!)

Submission + - Better SWIFT software design would have thwarted Bangladesh Bank cyber heist

An anonymous reader writes: New or modified malware code that at the least had a different MD5 hash was allowed to register, load and execute without detection. The malware should not have been able to execute, and SWIFT’s security team should have been notified. This is what happened when attackers exploited retailer Target’s POS system, yielding 40 million credit card numbers and identities. Just like the Target exploit, once the attackers jumped perimeter defenses, bad security policy let them run whatever malware they chose.

Submission + - An Inch of Metal Foam Disintegrates Bullets

TechnoidNash writes: Last week, North Carolina State University uploaded a video of a bullet being fired at a sheet of composite metal foam. Afsaneh Rabiei, a professor of mechanical and aerospace engineering at NC State, has spent years developing composite metal foams, and the fruits of her labors are clear to see as the armor piercing round completely shatters after impacting the metal foam.

Submission + - Radio Attack Lets Hackers Steal 24 Different Car Models

An anonymous reader writes: A group of German vehicle security researchers has released new findings about the extent of a wireless key hack, and their work ought to convince hundreds of thousands of drivers to keep their car keys next to their Pudding Pops. The Munich-based automobile club ADAC recently made public a study it had performed on dozens of cars to test a radio “amplification attack” that silently extends the range of unwitting drivers’ wireless key fobs to open cars and even start their ignitions. The ADAC researchers say that 24 different vehicles from 19 different manufacturers were all vulnerable, allowing them to not only reliably unlock the target vehicles but also immediately drive them away.

Submission + - SPAM: Treating Schizophrenia With Virtual Reality And Robots

An anonymous reader writes: A European project has been using avatars, VR, robots and other experimental feedback scenarios to develop new treatments for sufferers of schizophrenia, autism and social phobias. The AlterEgo project is based on the theory that we interact best with people who resemble us, and uses virtual versions of patient subjects, as well as a humanoid robot, to take part in social interaction with the patients, who can more easily engage with entities that look or behave like themselves.

Submission + - Faulty Printer Sparked Halt of $1 Billion Cyber Heist

wiredmikey writes: A printer fault at Bangladesh's central bank meant that overseas queries about suspicious transactions went unanswered, according to a report on the $81 million cyber heist that shocked the banking world. Because of a printer and software problem, it took the Bangladesh central bank nearly four days to ask banks across the globe to halt payments to the hackers.

The hackers managed to transfer $81 million on February 5 — a Friday, when Bangladesh Bank is closed — from its account with the Federal Reserve Bank of New York, transferring the cash electronically to accounts in the Philippines.

Bangladesh Bank tried to contact New York on February 6 by email, fax and phone to ask that the transactions be suspended when it realized that the SWIFT interbank messaging system which it normally used was not working properly.

Central bank governor Atiur Rahman and two of the deputy governors have lost their jobs over the scandal, which has hugely embarrassed the government and raised alarm over the security of the country's foreign exchange reserves of over $27 billion.

Submission + - Researcher Seeks Help Finding Developers of App Exposing 198,000 Users

itwbennett writes: Researcher Chris Vickery has previously discovered database misconfiguration issues leading to exposure of sensitive information on 1,700 kids whose parents used the monitoring service, user accounts of millions of Hello Kitty fans, millions of voter records, and personal information of millions of MacKeeper users, among others. Now, he is trying to find the owners of a database containing 190,000 records, including email addresses, usernames and hashed passwords, that is sitting open in the public. 'The exposed records are connected to an iPhone application called Kinotopic,' writes CSO Online's Steve Ragan. But Vickery has been unable to contact them. 'I have tried to get in touch with the Kinotopic developers in several ways. All were unsuccessful,' Vickery wrote in a blog post explaining the situation.

Submission + - Google, Yahoo Cry About Ad-Blocking

JustAnotherOldGuy writes: Google and Yahoo have accused ad-blocking software Shine of "destroying the relationship" between advertisers and consumers, after an executive from the company called its solution a "nuclear weapon" threatening the industry. Ad blocking software use grew 41 percent in the 12 months to August 2015 and there are now 198 million active adblock users around the world, according to PageFair. Benjamin Faes, managing director of media and platforms at Google, called Shine's technology a "blunt" solution that punishes users and good advertisers, and said, "Blocking all ads I think it's diminishing my experience of advertising and in that case we see an issue for the user themselves." It appears that these advertising executives still don't "get it", and are disingenuously tone-deaf to the legitimate complaints raised about ads.

Submission + - iRobot is selling off its military division

AmiMoJo writes: Vacuum bot maker iRobot has sold off its defense and security division in order to focus on its core Roomba business. If you were unaware that iRobot even made military toys, the company actually got its start building military hardware for the likes of DARPA as far back as 1998. At one point, it was awarded a $286 million military contract to produce robots that can detect and disarm bombs and do other risky chores. Turns out, there just wasn't enough money in it. According to its financial statements, iRobot raked in around 15 times more money with Roomba vacs than military robots.
