Comment Re:Automated source tools (Score 1, Informative) 96
Sudo has always been very aggressive about addressing security issues and the developers take it very seriously - they have been doing this for several decades. Good thing since by the nature of the tool, it escalates privileges.
So while a bummer to see this exploit, that should not discourage anyone from using it and it is a de-facto tool in the sysadmin toolkit.
Ditto what Brian-Fu said in that I'm curious how the "su - works just fine" people log their commands, provide some granular control (by user and command), etc. etc.
And let me know how well that scales with you have hundreds/thousands of machines and dozens of Sysadmins ...
So while a bummer to see this exploit, that should not discourage anyone from using it and it is a de-facto tool in the sysadmin toolkit.
Ditto what Brian-Fu said in that I'm curious how the "su - works just fine" people log their commands, provide some granular control (by user and command), etc. etc.
And let me know how well that scales with you have hundreds/thousands of machines and dozens of Sysadmins
Comment Does anyone actually look at political ads? (Score 1) 314
Political ads are about as exciting as watching grass grow
Comment DUP - Do Slashdot Editors grow new neuron?!? ;-) (Score 3, Insightful) 30
Do Slashdot Editors grow new neurons?
This is a DUP of same story/headline posted 4 hours earlier
Comment And this is a "problem" because ... (Score 5, Insightful) 301
... a developer should be modifying production code?
Comment Is this racist or economic? (Score 4, Informative) 497
Are you sure that Apple isn't just plunking their stores in places where people have more money? From TFA:
"Apple Store neighborhoods have a median household income of about $73,475 per year; black American households earn a median average of $38,555, according to the ACS estimate for 2016. The median household income in the Bronx is $34,299."
"Apple Store neighborhoods have a median household income of about $73,475 per year; black American households earn a median average of $38,555, according to the ACS estimate for 2016. The median household income in the Bronx is $34,299."
Comment Broadcom also moving their HQ from Singapore to US (Score 1) 69
Submission + - AI Training Algorithms Susceptible to Backdoors, Manipulation (bleepingcomputer.com)
An anonymous reader writes: Three researchers from New York University (NYU) have published a paper this week describing a method that an attacker could use to poison deep learning-based artificial intelligence (AI) algorithms.
Researchers based their attack on a common practice in the AI community where research teams and companies alike outsource AI training operations using on-demand Machine-Learning-as-a-Service (MLaaS) platforms. For example, Google allows researchers access to the Google Cloud Machine Learning Engine, which research teams can use to train AI systems using a simple API, using their own data sets, or one provided by Google (images, videos, scanned text, etc.). Microsoft provides similar services through Azure Batch AI Training, and Amazon, through its EC2 service.
The NYU research team says that deep learning algorithms are vast and complex enough to hide small equations that trigger a backdoor-like behavior. For example, attackers can embed certain triggers in a basic image recognition AI that interprets actions or signs in an unwanted way. In a proof-of-concept demo of their work, researchers trained an image recognition AI to misinterpret a Stop road sign as a speed limit indicator if objects like a Post-it, a bomb sticker, or flower sticker were placed on the Stop sign's surface. In practice, such attacks could be used to make facial recognition systems ignore burglars wearing a certain mask, or make AI-driven cars stop in the middle of highways and cause fatal crashes. Albeit such demos have not taken place, they are theoretically possible.
Researchers based their attack on a common practice in the AI community where research teams and companies alike outsource AI training operations using on-demand Machine-Learning-as-a-Service (MLaaS) platforms. For example, Google allows researchers access to the Google Cloud Machine Learning Engine, which research teams can use to train AI systems using a simple API, using their own data sets, or one provided by Google (images, videos, scanned text, etc.). Microsoft provides similar services through Azure Batch AI Training, and Amazon, through its EC2 service.
The NYU research team says that deep learning algorithms are vast and complex enough to hide small equations that trigger a backdoor-like behavior. For example, attackers can embed certain triggers in a basic image recognition AI that interprets actions or signs in an unwanted way. In a proof-of-concept demo of their work, researchers trained an image recognition AI to misinterpret a Stop road sign as a speed limit indicator if objects like a Post-it, a bomb sticker, or flower sticker were placed on the Stop sign's surface. In practice, such attacks could be used to make facial recognition systems ignore burglars wearing a certain mask, or make AI-driven cars stop in the middle of highways and cause fatal crashes. Albeit such demos have not taken place, they are theoretically possible.
Submission + - What did /.'ers do to experience the 2017 Total Solar Eclipse?
xmas2003 writes: /. posted a few days before the
August 21st, 2017 Total Solar Eclipse but we haven't seen any followup.
What did /.'ers do to experience this rare incredibly cool event and how did it turn out?
SmarterEveryDay Destin gets great geek cred for watching the ISS transit the eclipsed sun while we were fortunate to have an incredible experience on 40 acres of farmland watching the Total Solar Eclipse near Tryon, Nebraska — here's a complete video of the totality event from the middle of nowhere.
While the pics/video are cool, the real-life experience of actually being there in person is even 100X better — highly recommend you try to attend a future total solar eclipse!
SmarterEveryDay Destin gets great geek cred for watching the ISS transit the eclipsed sun while we were fortunate to have an incredible experience on 40 acres of farmland watching the Total Solar Eclipse near Tryon, Nebraska — here's a complete video of the totality event from the middle of nowhere.
While the pics/video are cool, the real-life experience of actually being there in person is even 100X better — highly recommend you try to attend a future total solar eclipse!
Comment Dup (Score 0, Troll) 14
Isn't this a dup that was just posted/discussed here?
Comment Is Hawking up for the rigors of spaceflight? (Score 5, Interesting) 77
Awesome that Stephen Hawking gets a chance to go into (the edge) of space, but is he up for the rigors of Spaceflight? Zero-G shouldn't be an issue, but some positive G's on the way up and way down. Hopefully this has been thought through ...
Comment Jon now reporting the tweet is deleted (Score 4, Informative) 109
Comment Deja Voo of the Pentium 5 FDIV bug (Score 4, Insightful) 122
Old-timers will remember the Pentium 5 FDIV bug where the chip sometimes yielded incorrect results for complex mathematical calculations.
Submission + - Internet of Things - Controllable Christmas Lights
An anonymous reader writes: For over a decade, Alek's Controllable Christmas Lights have been a festive online holiday tradition for millions of Internet users world-wide, so it was sadly the end of an era last year, when the Griswold wanna-be hung up his Santa Hat in 2014.
But with the "Internet of Things" being the rage these days, it didn't take long
for another Griswold to emerge from the North Pole, or at least pretty darn
close to it.
Ken Woods from Fairbanks, Alaska
has his house online 24 hours a day with a dozen ON/OFF buttons that
Internet users can use to toggle his lights with a click of a mouse.
Here's a video of it in action and he uses Amazon EC2 to power it online.
While that all looks real, low-UID /.'ers will remember that Alek did
a simulation from 2002-2004 using Perl code to switch between
a series of images. Looks like the prankster dusted off that code for the
Control Christmas Lights.com website
I, for one, welcome our new Griswold Overlords with a big HO-HO-HO
I, for one, welcome our new Griswold Overlords with a big HO-HO-HO
Comment SEC Filing where it was disclosed and more info (Score 4, Interesting) 54
Here's the SEC Filing that got the ball rolling on this unfortunate situation.
There's also some info in the WSJ writeup.
Their CFO had left in April and their Chief Accounting Officer just resigned ... unknown how those relate to what happened.
Bummer to see this happen to Ubiquiti as they seem like a good company.
There's also some info in the WSJ writeup.
Their CFO had left in April and their Chief Accounting Officer just resigned
Bummer to see this happen to Ubiquiti as they seem like a good company.
Slashdot Top Deals
Uncompensated overtime? Just Say No.
