Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Submission + - State Of Public Bug Reporting (opensuse.org)

thisNameNotTaken writes: Story...

I'm using OpenSUSE Tumbleweed SUSE, and it is useful, for testing an audio application. While doing this I found a bug in the "arecord" program. It seem that the authors have not trapped the user input and one can run? arbitrary commands.

So, I went to the OpenSUSE bug tracker. I found an old account and logged in. They don't want bugs reported! This was evident as I had NO access to a reporting page.

So feel free to run, in OpenSUSE Tumbleweed, the following: arecord -v "and insert your command here".

How lame. There should be a price for a companies failure to fix bugs.

If you go the the URL, note with interest the general desire to add a lot of signals to not report a bug. By the way, SUSE, the Gnome editor bug I reported 5 years ago is still open.

Submission + - Here's why airport security takes so long (zdnet.com)

An anonymous reader writes: With the number of passengers vastly outweighing the number of TSA agents, the situation is only getting worse. It's so bad that the TSA is now warning travelers at some airports, like Chicago O'Hare and Midway, to show up at their departure airport up to three hours before their flight leaves — all because there aren't enough staff to man the security posts.

Submission + - Why employers want open source contributors

An anonymous reader writes: The Linux Foundation's annual open source jobs survey found that demand for open source skills and related certifications are at an all-time high. But why is that? In an article on Opensource.com, tech recruiter Lindsey Thorne writes:

Solid tech recruiters understand the technologies and roles they're recruiting for, and they're going to assess your skills accordingly. But I'll admit that many of us have found that the best candidates we've come across have a tendency to be involved in open source, so we often just start our search there. Recruiters provide value to clients when they find candidates who are motivated to work on a team to create something awesome, because that's basically the description of a top-performing employee. It makes sense to me: When you take really smart people and give them the chance to be collaborative—for the sake of making something that works really well or may change the landscape of our everyday lives—it creates an energy that can be addictive.

Submission + - iOS App Detecting Phones Jailbroken By Malware Booted From App Store (helpnetsecurity.com)

An anonymous reader writes: The System and Security Info iOS app by German IT security outfit SektionEins has been pulled from Apple’s App Store less than a week after it was made available. The app shows detailed information about the device it is installed – info on CPU, memory and disk usage – and also shows if the device has been jailbroken (e.g. by malware), inspects running apps (SHA1 hash, signature, entitlements), detects malware and security anomalies, and lists running process on iOS9.

Submission + - US Veterans Affairs Department Wants to Scan the Dark Web for Leaked Data (softpedia.com)

An anonymous reader writes: The US Veterans Affairs Department (VA) has filed documents this past Thursday revealing it was looking for software that can scan the Dark Web for leaked VA information. The software must include a GUI (well duuh), must run on existing infrastructure (no custom servers), must be secure (no apps put together overnight), must use file hashes (third-parties can't access VA data), and must be able to distinguish from VA data leaked from other hacks (like the OPM). Full documents here.

Submission + - ZFS for Linux Finally Lands in Debian GNU/Linux

prisoninmate writes: It took the Debian developers many years to finally be able to ship a working version of ZFS for Linux on Debian GNU/Linux. For those not in the known, ZFS on Linux is the official OpenZFS implementation for Linux, which promises to offer native ZFS filesystem support for any Linux kernel-based operating system, currently supporting Arch Linux, Ubuntu, Fedora, Gentoo, Red Hat Enterprise Linux, CentOS, openSUSE, and now Debian. And it looks like their ZFS for Linux implementation borrows a lot of patches from Ubuntu, at least according to the changelog for zfs-linux 0.6.5.6-2, the version that is now available in the unstable channel for Debian users to install and test.

Submission + - Sen. Blumenthal demands lifting of IT 'gag' order (computerworld.com)

dcblogs writes: U.S. Sen. Richard Blumenthal (D-Conn.) is asking the U.S. Department of Justice to investigate the layoff and replacement of IT workers by foreign workers at a state energy utility. But he is also demanding that the utility, Eversource Energy, drop a particularly restrictive non-disparagement clause that laid off employees had to sign to receive their severance. This clause bars discussion "that would tend to disparage or discredit" the utility. [emphasis added] He wants the employees, who had to train foreign replacements, to be able to state "honestly what happened to them."

Submission + - Loanbase Hacked Via WordPress Hole, Funds Stolen

An anonymous reader writes: Popular international Bitcoin crowd-lending platform Loanbase has suffered a security breach, and is currently offline. The breach was discovered on Saturday and made public on Sunday. So far four user accounts have been confirmed to have been compromised, and none of them had two-factor authentication enabled. The attackers did not gain access to the Bitcoin wallets, but did access the company's SQL database, which contains user information such as e-mail addresses, phone numbers, names, etc.

Submission + - Java Installer Flaw Shows Why You Should Clear Your Downloads Folder 1

itwbennett writes: On Friday, Oracle published a security advisory recommending that users delete all the Java installers they might have laying around on their computers and use new ones for versions 6u113, 7u97, 8u73 or later. The reason: Older versions of the Java installer were vulnerable to binary planting in the Downloads folder. 'Though considered relatively complex to exploit, this vulnerability may result, if successfully exploited, in a complete compromise of the unsuspecting user’s system,' said Eric Maurice, Oracle's software security assurance director, in a blog post.

Submission + - Carbon Dioxide From the Air Converted Into Methanol (gizmag.com)

Zothecula writes: The danger posed by rising levels of atmospheric carbon dioxide has seen many schemes proposed to remove a proportion it from the air. Rather than simply capture this greenhouse gas and bury it in the ground, though, many experiments have managed to transform CO2 into useful things like carbon nanofibers or even fuels, such as diesel. Unfortunately, the over-arching problem with many of these conversions is the particularly high operating temperatures that require almost counterproductive amounts of energy to produce relatively low yields of fuel. Now researchers at the University of Southern California (USC) claim to have devised a way to take CO2 directly from the air and convert it into methanol using much lower temperatures and in a correspondingly simpler way.

Submission + - Bill Gates monitored MS employees' work hours by memorizing their license plates (foxnews.com) 1

schwit1 writes: Microsoft co-founder Bill Gates used to memorize employees' license plate numbers so that he could keep track of when they were arriving at work and leaving.

"I had to be a little careful not to try and apply my standards to how hard [others at the company] worked. I knew everybody's licence plate so I could look out the parking lot and see, you know, when people come in," he said. "Eventually I had to loosen up as the company got to a reasonable size."

Submission + - Cisco Patches Authentication, Denial-of-Service, NTP Flaws In Many Products (csoonline.com)

itwbennett writes: Cisco Systems has released a new batch of security patches for flaws affecting a wide range of products, including for a critical vulnerability in its RV220W wireless network security firewalls. The RV220W vulnerability stems from insufficient input validation of HTTP requests sent to the firewall's Web-based management interface. This could allow remote unauthenticated attackers to send HTTP requests with SQL code in their headers that would bypass the authentication on the targeted devices and give attackers administrative privileges.

Submission + - Microsoft makes Windows 10 a 'recommended update' for Windows 7 and 8.1 users (betanews.com)

Mark Wilson writes: Microsoft has been accused of pushing Windows 10 rather aggressively, and the company's latest move is going to do nothing to silence these accusations. For Windows 7 and Windows 8.1 users, Windows 10 just became a 'recommended update' in Windows Update.

This is a change from the previous categorization of the upgrade as an 'optional update' and it means that there is renewed potential for unwanted installations. After the launch of Windows 10, there were numerous reports of not only the automatic download of OS installation files, but also unrequested upgrades. The changed status of the update means that, on some machines, the installation of Windows 10 could start automatically.

Submission + - Tablets Sales Still Shrinking -- Except Those That Are Most Like PCs, Says IDC (cio.com) 1

itwbennett writes: Tablets may have ushered in the post-PC age, but the only ones posting a growth in sales are detachables — the ones that are most like PCs and most likely to be PC replacements. This category, which includes Apple's iPad Pro and Microsoft's Surface and Surface Pro, saw 8.1 million devices shipped in the 4th quarter, more than double a year earlier, says research firm IDC. Unfortunately for Microsoft, replacing a PC can also mean replacing Windows. According to IDC the biggest-selling detachable in the fourth quarter was the iPad Pro: it estimates Apple sold just over 2 million of them.

Slashdot Top Deals

Wishing without work is like fishing without bait. -- Frank Tyger

Working...