A new kind of speed camera that uses satellites to measure average speed over long distances is being tested in Britain. The "Speedspike" system combines plate reading technology with a global positioning satellite receiver to calculate average speed between any two points in the area being monitored. From the article: "Details of the trials are contained in a House of Commons report. The company said in its evidence that the cameras enabled 'number plate capture in all weather conditions, 24 hours a day.' It also referred to the system's 'low cost' and ease of installation." I can't wait to see the episode of MythBusters where they try to avoid getting a speeding ticket from a satellite.

Locke2005 writes "In what promises to be one of the quickest threads to become Godwin'ed, YouTube has pulled scores of parodies of the 'Hitler Finds Out' scene from the movie The Downfall. Ironically, I had never heard of this movie before this — and now I want to watch it." Here is the EFF complaint. David Weinberger has posted some details on Google's Content Identification tool, which is being used in the shotgun takedowns.

lee1 writes "Google is now taking into account how fast a page loads in calculating its PageRank. In their own words: '[W]e're including a new signal in our search ranking algorithms: site speed. Site speed reflects how quickly a website responds to web requests. ... our users place a lot of value in speed — that's why we've decided to take site speed into account in our search rankings. ... While site speed is a new signal, it doesn't carry as much weight as the relevance of a page. Currently, fewer than 1% of search queries are affected by the site speed signal in our implementation and the signal for site speed only applies for visitors searching in English on Google.com at this point.' Considering the increasing dilution of high-ranking results by endless series of plagiarizing 'blogs,' brainless forums, and outright scam sites, anything that further reduces the influence of the quality of the content is something I would rather not have. Not that Google asked me."

An anonymous reader notes a long piece up at BusinessInsider.com accusing Facebook founder Mark Zuckerberg of hacking into the email accounts of rivals and journalists. The CEO of the world's most successful social networking website was accused of at least two breaches of privacy. In a two-year investigation detailing the founding of Facebook, Nicholas Carlson, a senior editor at Silicon Alley Insider, uncovered what he claimed was evidence of the hackings in 2004. "New information uncovered by Silicon Alley Insider suggests that some of the complaints [in a court case ongong since 2007] against Mark Zuckerberg are valid. It also suggests that, on at least one occasion in 2004, Mark used private login data taken from Facebook's servers to break into Facebook members' private email accounts and read their emails — at best, a gross misuse of private information. Lastly, it suggests that Mark hacked into the competing company's systems and changed some user information with the aim of making the site less useful. ... Over the past two years, we have interviewed more than a dozen sources familiar with aspects of this story — including people involved in the founding year of the company. We have also reviewed what we believe to be some relevant IMs and emails from the period. Much of this information has never before been made public. None of it has been confirmed or authenticated by Mark or the company." The single-page view doesn't have its own URL; click on "View as one page" near the bottom.

Doofus writes "The Washington Post has published in today's paper an article titled 'Why it's so hard for Toyota to find out what's wrong' by Frank Ahrens on the Toyota situation and the difficulties of adequately conveying to Senators and Representatives — most of whom are non-technical — the debugging process. Ahrens interviews Giorgio Rizzoni, an 'expert in failure analysis' at Ohio State, who describes the iterations of testing that NHTSA will likely inflict on the Toyota sample cars they have purchased, and then moves into the realm of software and systems verification: 'He explained that each vehicle contains "layers of computer code that may be added from one model year to next" that control nearly every system, from acceleration to braking to stability. Rizzoni said this software is rigorously tested, but he added: "It is well-known in our community that there is no scientific, firm way of actually completely verifying and validating software."' Ahrens ends the piece with a quote from a 2009 LA Times interview with former UCLA psychology professor Richard Schmidt about how user reports are often unreliable: 'When the driver says they have their foot on the brake, they are just plain wrong. The human motor system is not perfect, and it doesn't always do what it is told.'" Toyota is currently planning an event to challenge evidence presented by professor David W. Gilbert that called into question Toyota's electronic throttle system.

An anonymous reader writes "I own a small Web development studio that specializes in open source software, primarily Drupal, WordPress, and Joomla for small businesses. Our production servers, which host about 50 sites and generate ~20K hits/week, are managed by a 3rd party that I'm sure many on Slashdot would recognize. Earlier today I was researching some problems on one of our sites and found that there have been over 1 million SSH authentication failures from ~1200 IP addresses on one of our servers over the last year. I contacted the ISP, who had promised me that server security would be actively managed, and their recommendation was, 'change the SSH port!' Of course this makes sense and may help to an extent, but it still doesn't solve the problem I'm facing: how do you manage server security on a tight budget with literally no system admin (except for me and I know I'm a n00b)? User passwords are randomly generated, we use a non-standard SSH port, and do not use any unencrypted services such as FTP. Is there a server monitoring program you would recommend? Is there an ISP or Web-based service that specializes in this?"

alphadogg writes "Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers. RSA authentication is susceptible, they say, to changes in the voltage supply to a private key holder. While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace. The researchers in their paper outline how they made the attack (PDF) on a SPARC system running Linux."

krou writes "ReadWriteWeb is covering Google's embrace of a system that would enable any Web publisher to 'automatically submit new content to Google for indexing within seconds of that content being published.' Google's Brett Slatkin is lead developer of PuSH, or PubSubHubbub, a real-time syndication protocol based on ATOM, where 'a publisher tells the world about a Hub that it will notify every time new content is published.' Subscribers then wait for the hub to notify them of the new content. Says RWW: 'If Google can implement an Indexing by PuSH program, it would ask every website to implement the technology and declare which Hub they push to at the top of each document, just like they declare where the RSS feeds they publish can be found. Then Google would subscribe to those PuSH feeds to discover new content when it's published. PuSH wouldn't likely replace crawling, in fact a crawl would be needed to discover PuSH feeds to subscribe to, but the real-time format would be used to augment Google's existing index.' PuSH is an open protocol, and Slatkin says that 'I am being told by my engineering bosses to openly promote this open approach even to our competitors.'"

maximus1 writes "Narus is developing a new technology code-named Hone that can be used to identify anonymous users of social networks and Internet services. Hone can do some pretty 'scary' things, says Antonio Nucci, chief technology officer with Narus. Hone uses artificial intelligence to analyze e-mails and can link mails to different accounts, doing what Nucci calls topical analysis. 'It's going to go through a set of documents and automatically it's going to organize them in topics — I'm not talking about keywords as is done today, I'm talking about topics,' he said. That can't be done with today's technology, he said. 'If you search for fertilizers on Google ... it's going to come back with 6.5 million pages. Enjoy,' he said. 'If you want to search for non-farmers who are discussing fertilizer ... it's not even searchable.' Nucci will discuss Hone at the RSA Conference in San Francisco Friday."

HavanaF writes "Online backup is practical, but can it offer any privacy? The Dutch security company Safeberg developed an Offline Private Key Protocol, with an asymmetric key scheme. The protocol demands that the private (decryption) key be stored away from the 'source' computer, which presumably is 'too vulnerable.' The catch is that the private key needs to be fairly large to be secure: a 4,096-bit RSA key should suffice for some years. But how to store an 800-character key offline? Safeberg introduces a machine readable paper key, with the 4k-bit key crammed in a giant 2D Datamatrix barcode. This video on key strength tells the story."

snydeq writes "A new breed of 'spear phishing' aimed at IT admins is making the rounds. The emails, containing no obvious malicious links, are fooling even the savviest of users into opening up holes in their company's network defenses. The authentic-looking emails, which often include the admin's complete name or refer to a real project they are working on, are the product of tactical research or database hacks and appear as if having been sent by the company's hosting provider. 'In each case, the victim remembered getting a similar sort of email message when they first signed on with a service and, thus, thought the bogus message was legitimate — especially because their cloud/hosting providers keep bragging about all the new data centers they're continuing to bring online.' The phishing messages often include instructions for opening up mail servers to enable spam relaying, to disable their host-based firewalls, and to open up unprotected network shares. Certainly fodder for some bone-headed mistakes on the part of admins, the new attack 'makes the old days of hoax messages that caused users to delete legitimate operating system files seem relatively harmless.'"

Google has launched a competitor or counterpart to Microsoft's Photosynth, which employs user-contributed photos of much-photographed sites to supplement the street-level view in an immersive way. Google's offering is called simply Navigate through User Photos, and unlike Photosynth — which requires Sliverlight and therefore is not available on Linux — is implemented in Flash. This YouTube video (also embedded at the link above) offers a quick tour of the new feature, which can use photos uploaded to Panoramico, Flickr, and Picasa.

marpot writes "In an effort to assist Wikipedia's editors in their struggle to keep articles clean, we are conducting a public lab on vandalism detection. The goal is the development of a practical vandalism detector that is capable of telling apart ill-intentioned edits from well-intentioned edits. Such a tool, which will work somewhat like a spam detector, will release the crowd's workforce currently occupied with manual and semi-automatic edit filtering. The performance of submitted detectors will be evaluated based on a large collection of human-annotated edits, which has been crowdsourced using Amazon's Mechanical Turk. Everyone is welcome to participate."