
iGoogle Users Irate About Portal's Changes 321

bhhenry sends in an InformationWeek report on a recent unannounced change in the iGoogle portal. Quoting: "Google insists that its revised iGoogle personalized home page generates better 'happiness metrics' than the old design, but a vocal group of users isn't happy about the changes." The recent change introduces what Google refers to as "canvas view," which the Official Google Blog claims "... makes iGoogle a more useful homepage and a better platform for developers." Unlike the last major change made to Gmail, there is no option to revert to the old version of iGoogle. iGoogle users are reporting that widgets and themes are broken, Gmail attachments don't work, and valuable screen space is wasted. The Personalizing Google section of Google Groups is full of thousands of complaints about this sudden and unannounced change. Many posters have stated that they are using the Canadian or UK version of iGoogle or even moving to to get their preferred layout back. It seems that Google and Yahoo are moving in lockstep in springing forced changes that users hate.

Why Most Published Research Findings Are False 259

Hugh Pickens writes "Researchers have found that the winner's curse may apply to the publication of scientific papers and that incorrect findings are more likely to end up in print than correct findings. Dr John Ioannidis bases his argument about incorrect research partly on a study of 49 papers on the effectiveness of medical interventions published in leading journals that had been cited by more than 1,000 other scientists, and his finding that, within only a few years, almost a third of the papers had been refuted by other studies. Ioannidis argues that scientific research is so difficult — the sample sizes must be big and the analysis rigorous — that most research may end up being wrong, and the 'hotter' the field, the greater the competition is, and the more likely that published research in top journals could be wrong. Another study earlier this year found that among the studies submitted to the FDA about the effectiveness of antidepressants, almost all of those with positive results were published, whereas very few of those with negative results saw print, although negative results are potentially just as informative as positive (if less exciting)."

Undocumented Open Source Code On the Rise 94

ruphus13 writes "According to security company Palamida, the use of open source code is growing rapidly within businesses. However, the lack of documentation and understanding of how the code works can increase the vulnerability and security risks the companies face. OStatic quotes Theresa Bui-Friday saying, 'In 2007, Palamida's Services team audited between 300M to 500M lines of code for F500 to venture-backed companies, across multiple industries. Of the code we reviewed, Palamida found that applications written within the last five years contain 50% or more open source code, by a line of code count. Of that 50% of open source code, 70% was undocumented. This is up from 30% in 2006.' How can businesses protect themselves and still draw on open source code effectively?"

The State of X.Org 618

An anonymous reader writes "Phoronix has up an article looking at the release of X Server 1.4.1. This maintenance release for X.Org, which the open-source operating systems depend upon for living in a graphically rich world, comes more than 200 days late and it doesn't even clear the BugZilla release blocker bug. A further indication of problems is that the next major release of X.Org was scheduled to be released in February... then May... and now it's missing with no sign of when a release will occur. There are still more than three dozen outstanding bugs. Also, the forthcoming release (X.Org 7.4) will ship with a slimmer set of features than what was initially planned."

Microsoft Urges Windows Users To Shun Safari 502

benjymouse writes "The Register has picked up on a recent Microsoft security bulletin which urges Windows users to 'restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple.' This controversy comes after Apple has officially refused to promise to do anything about the carpet bombing vulnerability in the Safari browser. Essentially, Apple does not see unsolicited downloads of hundreds or even thousands of executable files to users' desktops as being a security problem." Now while downloading a hundred files to your desktop won't automatically execute them, Microsoft's position is that a secondary attack could execute them for you.

Fedora 9 a Bit Behind the Curve On Installation 110

bsk_cw writes "Today, many Linux users are getting blasé about the ease with which they can install Linux. Possibly, they've been spoiled by distributions such as Ubuntu, which is actually easier to install than Windows. Unfortunately, Fedora 9, the latest version of this community edition of Red Hat, was a bit too much of a blast from the past for Computerworld's James Turner." (Except for bits about the installation, the review is actually quite positive.)

Widespread Keyboard Failures on OLPC's XO-1 264

otakuj462 writes "Many participants in OLPC's 'Give 1 Get 1' program of last November are now encountering what has come to be known as the 'stuck key' problem, in which one or more of the keys on their XO-1 laptop's built-in keyboard become stuck in an activated position, or are activated when adjacent keys are pressed. As of January 30th, the official word from OLPC is that the root cause of this problem is unknown because '[t]here are several manufacturers of the keyboards.' ('So far we don't know of any _reliable_ method of fixing the keyboard or the exact root cause.') It is unknown just how widespread this problem currently is, as the 30-day manufacturer's warranty has already expired for most G1G1 participants. However, the OLPC forums are full of reports. OLPC is currently deploying the XO-1 to children in Mongolia and Peru, as well as other developing nations. If OLPC is actively deploying units with known, critical hardware bugs, without a dedicated support infrastructure in place, to children who have never seen a computer before, should they still be considered to be a responsible organization? Did OLPC deploy their hardware too soon?"

Paypal Advises Users To Stop Using Safari 362

eldavojohn writes "Over concerns for lack of an anti-phishing mechanism for Safari, Paypal is telling its Mac users to use another browser. An author from Ars Technica reveals that he has been using Camino and has fallen victim to a Paypal related phishing scam via e-mail so this story must hit home for him. 'Currently the Apple browser does not alert users to sites that could be phishing for your info, and it lacks support for Extended Validation. PayPal is, of course, a popular site among phishers in their neverending search for personal information, user IDs, and passwords. While it's not entirely fair singling out Safari (other Mac browsers like Camino also lack this support), it is perhaps at least a helpful reminder of the threat.'"

McAfee Worried Over "Ambiguous" Open Source Licenses 315

willdavid writes to tell us InformationWeek is reporting that McAfee, in their annual report, has warned investors that "ambiguous" open source licenses "may result in unanticipated obligations regarding [McAfee] products." "McAfee said it's particularly troubling that the legality of terms included in the GNU/General Public License -- the most widely used open source license -- have yet to be tested in court. 'Use of GPL software could subject certain portions of our proprietary software to the GPL requirements, which may have adverse effects on our sales of the products incorporating any such software,' McAfee said in the report filed last month with the Securities and Exchange Commission. Among other things, the GPL requires that manufacturers who in their products use software governed by the license distribute the software's source code to end users or customers. Some manufacturers have voiced concerns that the requirement could leave important security or copyright protection features in their products open to tampering."

Submission + - Educating developers on opensource and IP

Karl writes: "When NT4's source was leaked on the internet, there seemed to be a lot of curiosity about whether or not open source code had been illegally used by Microsoft. As a growing company, how concerned should we be about the accidental inclusion of [strong] copyleft code into our own code? What can we do to help educate our developers on the topic, so that they know what they can and can't do. I've heard of places with draconian rules prohibiting developers from having open source tools installed in order to help avoid accidental inclusion, but surely there are easier/better ways or simple guidelines our developers can follow?"

Submission + - Linux based phonesystem phones home

An anonymous reader writes: Users of Trixbox, a PBX based on Asterisk, discovered that the software has been calling home with their usage and statistics.
From the article:
"I have just been made aware of a file '/var/adm/bin/' that contain the following commented lines describing the program:

# This file is design to be executed regularly by an external controller such as cron.
# It retrieves a list of commands to be executed from the specified URI and executes them, saving the output
# and returning it to the webserver as an encrypted string."

Trixbox is owned by Fonality, which makes customised PBXs (again based on asterisk) for paying customers and this is not the first time that Fonality has been called out for their data collection.



Multiple FLAC Vulnerabilities Affect Every OS 360

Enon writes "eEye Digital Security has discovered 14 vulnerabilities in the FLAC file format that affect a huge range of media players on every supported operating system (Windows, Mac OS, Linux, Unix, BSD, Solaris, and even some hardware players are vulnerable). Heise points out a number of vulnerable apps that use the open source libavcodec audio codec library, which in turn relies on the flawed libFLAC library. These vulnerabilities could allow a person of ill will to trojanize FLAC files that could compromise your computer if they are played on a vulnerable media player. eEye worked with US-CERT to notify vulnerable vendors."

The OSS Solution to the Linux Wi-Fi Problem 204

tobs writes "Matt Hartley of fame has published an open source way of solving the Linux Wi-Fi problem. He writes, "For intermediate to advanced users, who are willing to track down WiFi cards based on chipsets, live without WPA in some instances or have opted to stick with Ethernet, buying a new notebook for the sake of improved wireless connectivity may seem a little overkill. When a new user faces problems jumping through the NDISWrapper hoops, tracking down WiFi cards from HCLs and other related activities, the end result is almost always the same — they give up. What so many of us, as Linux users, fail to grasp is that projects like OpenHAL are critical to long-term development. The education on what to expect and what not to expect remains a complete load of hot air when articles claim how easy it is to setup wireless Internet on Linux machines. It's downright misleading."

Court Ruling Clouds Open Source Licensing 143

JosefAssad writes "In a decision centering around a question of a violation of the Artistic License, a San Francisco court has denied an injunction against Matthew Katzer in the favor of Robert Jacobsen of the JMRI project. Importantly, the decision makes the point that the Artistic License is a contract, an interpretation that the Free Software Foundation has been keen to avoid as a legal stance. The JMRI project has a page up with the legal background and developments."

Can Open Source Give Comfort To the Enemy? 532

zlite writes "We make open source Unmanned Aerial Vehicles (drones), mostly for geomapping and other amateur uses. One of our problems is that most people think of UAVs as Scary Things, and despite our efforts to prove otherwise there's always the risk of regulatory crackdowns. We have amateur UAV participants from around the world, but now they've been joined by an Iranian in Tehran, who has made a UAV in the colors of the Iranian flag. My instinct is that we should welcome everyone, everywhere, but I'm sure some in Washington worry that this looks like helping an 'Axis of Evil' country make advanced weapons. They could shut us down with the stroke of a pen. My question: is there ever a case for letting national security issues dictate the limits of an open source project?"
