Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Microsoft Posts 'No Boys Allowed' Signs at State of RI High School CS Event 4

theodp writes: "Girls and women are half of the world's population," Rhode Island Governor Gina Raimondo told hundreds of high school girls gathered behind doors with signs that read "[Microsoft] DigiGirlz: No Boys Allowed". "They are half of the world’s brains, problem-solvers, leaders. This world cannot solve problems unless they are at the table. That’s why I started programs like CS4RI, partnering with Microsoft and other leaders [including Microsoft-backed Code.org] to offer computer science in every Rhode Island school." Raimondo also noted she was dismayed to learn that only 12 of Rhode Island's 42 students who took the AP Computer Science test were girls (RI has 43,000+ enrolled HS students). The best way to make girls feel welcome in K-12 CS education, some influence-wielding tech giants, politicians, and educators seem to agree, is by making boys even more unwelcome via things like gender-based federal K-12 CS education funding; girls-only learn-to-code initiatives, STEM schools and summer computer camps; and gender-weighted teacher incentive programs from Google and tech-backed Code.org (Google and the U.S. Government even sought to exclude boys from programming White House Christmas tree lights in 2014).

Submission + - Why You Should Care About The Supreme Court Case On Toner Cartridges (consumerist.com)

rmdingler writes: A corporate squabble over printer toner cartridges doesn’t sound particularly glamorous, and the phrase “patent exhaustion” is probably already causing your eyes to glaze over. However, these otherwise boring topics are the crux of a Supreme Court case that will answer a question with far-reaching impact for all consumers: Can a company that sold you something use its patent on that product to control how you choose to use after you buy it?

Here’s the background: Lexmark makes printers. Printers need toner in order to print, and Lexmark also happens to sell toner.

Then there’s Impression Products, a third-party company makes and refills toner cartridges for use in printers, including Lexmark’s.

Submission + - EFF needs your help to stop Congress dismantling Internet privacy protections! (eff.org)

Peter Eckersley writes: Last year the FCC passed rules forbidding ISPs (both mobile and landline) from using your personal data without your consent for purposes other than providing you Internet access. In other words, the rules prevent ISPs from turning your browsing history into a revenue stream to sell to marketers and advertisers. Unfortunately, members of Congress are scheming to dismantle those protections as early as this week. If they succeed, ISPs would be free to resume selling users' browsing histories, pre-loading phones with spyware, and generally doing all sorts of creepy things to your traffic.

The good news is, we can stop them. We especially need folks in the key states of Alaska, Colorado, Maine, Montana, Nevada, Ohio, and Pennsylvania to call their senators this week and tell them not to kill the FCC's Broadband Privacy Rules.

Together, we can stop Congress from undermining these crucial privacy protections.

Submission + - How the Internet Gave Mail-Order Brides the Power (backchannel.com)

mirandakatz writes: For decades, the mail-order bride system in the Philippines went something like this: Western men picked Filipinas out of catalogues, and the women had little to no information about the men they were agreeing to marry. The internet has changed all of that. As Meredith Talusan reports at Backchannel, technology has empowered Filipinas to be choosy about the Western men they pursue—and indeed, when it comes to online dating, they now hold much of the power. As Talusan writes, "in one sense, the leveling of dating power between Filipinas and Westerners is the fulfillment of the global internet’s promise to equalize relations between disparate places and people. Yet even as Filipinas and Westerners face off as equals online, the world of dating exposes the ultimate limitations of the web."

Submission + - SPAM: New hobby of PVS-Studio team: fixing potential vulnerabilities in open source

Andrey_Karpov writes: The topic of vulnerabilities detected in various open source projects is extremely popular nowadays. The news about that can be found on different sites (example: Adobe fixes 8 Security Vulnerabilities in Adobe Flash Player & Shockwave Player). However, it is of no use to discuss these vulnerabilities (CVE) from a programmers' point of view. It is more important to prevent these vulnerabilities at the stage of writing the code, rather than worry that some leak was found again. Therefore, the Common Weakness Enumeration list (CWE) is of greater interest to the developers.

This list (CWE) presents systematized errors that may cause vulnerabilities. There are different factors that influence the fact, if an error turns into a vulnerability or not. In other words, a defect sometimes can be exploited, and sometimes not, depending on luck.

What is significant, is that by eliminating the errors, given in CWE, a programmer protects the code from a great number of potential vulnerabilities in advance. Static analyzers can be great assistants in this case.

PVS-Studio has always been able to detect a large number of various weaknesses (potential vulnerabilities) in the program code. However, historically, we positioned PVS-Studio as a tool to search for errors. As I've already said, there is a trend in the software development to look for vulnerabilities in the code, although it's just the same. We started rebranding of our tool. Common Weakness Enumeration (CWE) was the first thing we looked at and wrote an article where provided a draft of a table, presenting the comparison of PVS-Studio diagnostics and CWE. We also demonstrated a couple of potential vulnerabilities in Apache HTTP Server.

That was not the end. We got interested in fixing potential vulnerabilities in various projects. Moreover, we decided to compile these small actions on making the world a better place, into small weekly reports. The first one covered the defects in C# projects (CoreFX, MSBuild).

The second would be interesting for the community of C and C++ programmers. It is about errors in such projects as FreeBSD, GCC, Clang.

Some may say that nor every project requires testing for the potential vulnerabilities from the CWE point of view. I agree. But it's useful to find bugs and fix them in any case. Plus it demonstrates that PVS-Studio can be used to look for security issues.

Submission + - Critical Cisco Flaw Found Buried in Vault 7 Documents

Trailrunner7 writes: Hundreds of models of Cisco switches are vulnerable to a remote-code execution bug in the company’s IOS software that can be exploited with a simple Telnet command. The vulnerability was uncovered by company researchers in the CIA hacking tool dump known as Vault 7.

The bug is a critical one and an attacker who is able to exploit it would be able to get complete control of a target device. The flaw lies in the Cluster Management Protocol (CMP) that’s used in IOS, and Cisco said it’s caused by the incorrect processing of CMP-specific Telnet options, as well as accepting and processing these commands from any Telnet connection.

“An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device,” the Cisco advisory says.

Submission + - Windows 10 will download some updates even over a metered connection

AmiMoJo writes: Until now Windows 10 has allowed users to avoid downloading updates over metered (pay-per-byte) connections, to avoid racking up huge bills. Some users were setting their ethernet/wifi connections as metered in order to prevent Windows 10 from downloading and installing updates without their permission. In its latest preview version of the OS, Microsoft is now forcing some updates necessary for "smooth operation" to download even on these connections. As well as irritating users who want to control when updates download and install, users of expensive pay-per-byte connections could face massive bills.

Comment People don't have a clear understanding. (Score 1) 126

guess that a lot of people don't understand all the details.

Getting a job at Microsoft or Amazon is considered, by some people, as good support for getting future jobs.

Suppose you have lived for years in Seattle. Your friends are there. You have spent years learning to make yourself comfortable there. You wouldn't want to move. And, if you decide to move, to where?

There are people who make huge amounts of money who are willing to accept that there are some surroundings that are miserable.

Mostly, however, I think I don't fully understand the sociology of Seattle.

Comment News stories say that is true. More detail: (Score 4, Informative) 126

News stories I've found indicate what you said is correct:

Seattle: Together with abusive companies and bad city management, Seattle is a miserable place.

Houses in Seattle are expensive: Seattle bumps Boston as the most expensive U.S. housing market that's not in California.

Rent is expensive: Seattle rent is 5th most expensive in U.S.

Traffic: Seattle one of the worst U.S. cities for traffic congestion, tied with NYC (March 31, 2015) Quote: "An additional 23 minutes a day spent in traffic may not sound like much, but when it adds up over a year it becomes 89 hours." (Whoever wrote that must be accustomed to Seattle misery. An additional 23 minutes a day spent in traffic sounds HORRIBLE.)

Slow internet: Many areas of Seattle have poor internet connections. See the article, These places have the slowest Internet in the country. (June 25, 2015) Quote: "... Seattle ... CenturyLink (CTL) customers trying to access particular sites from 9 p.m. to 10 p.m. will have unbearably slow speeds."

Microsoft: Microsoft Is Filled With Abusive Managers And Overworked Employees, Says Tell-All Book (May 23, 2012)

Amazon: Worse than Wal-Mart: Amazon's sick brutality and secret history of ruthlessly intimidating workers (February 23, 2014)

Amazon: Inside Amazon: Wrestling Big Ideas in a Bruising Workplace (August 15, 2015) Quote: "The company is conducting an experiment in how far it can push white-collar workers..."

Amazon: Amazon Under Fire Over Alleged Worker Abuse in Germany (February 19, 2013)

Submission + - Insurance Startup Uses Behavioral Science To Keep Customers Honest (fastcompany.com)

tedlistens writes: at FastCo, Ainsley O'Connell writes:

Insurance startup Lemonade won itself headlines in January with the boast that it had successfully approved a claim in just three seconds. In that time, Lemonade’s software had run 18 anti-fraud algorithms and sent a payment to the lucky customer’s bank account—a process that would have taken a traditional property and casualty insurer days, if not weeks.

But it’s what happened before Lemonade’s artificial intelligence kicked into gear that makes the renegade insurer so potentially disruptive to this trillion-dollar industry, for which premiums alone comprise 7% of U.S. GDP. The customer, Brooklyn educator Brandon Pham, opened Lemonade’s mobile app, signed an “honesty pledge” to attest to the truth of his claim, and then recorded a short video explaining that his Canada Goose parka, worth nearly $1,000, had been stolen.

That deceptively simple claims process is the byproduct of academic research on psychology and behavioral economics conducted by Dan Ariely, one of the field’s most prominent voices and Lemonade’s chief behavioral officer.... “There’s a lot of science about when people behave and misbehave that has not been put to use,” says Lemonade cofounder and CEO Daniel Schreiber.

Submission + - Firefox 52 forces pulseaudio, dev claims that telemetry is essential (mozilla.org) 3

jbernardo writes: While trying to justify breaking audio on firefox for several linux users by making it depend on pulseaudio (and not even mentioning it in the release notes), Anthony Jones, who claims, among other proud achievements, to be "responsible for bringing Widevine DRM to Linux, Windows and Mac OSX", informs users that disabling telemetry will have consequences — "Telemetry informs our decisions. Turning it off is not without disadvantage."
The latest one is, as documented on the mentioned bug, that firefox no long has audio unless you have pulseaudio installed. Many bug reporters suggest that firefox telemetry is disabled by default on many distributions, and also that power users, who are the ones more likely to remove pulseaudio, are also the ones more likely to disable telemetry.
As for the pulseaudio dependence, apparently there was a "public" discussion on google groups, and it can be seen that the decision was indeed based on telemetry.
So, if for any reason you still use firefox, and want to have some hope it won't be broken for you in the future, enable all the spyware/telemetry.

Slashdot Top Deals

A debugged program is one for which you have not yet found the conditions that make it fail. -- Jerry Ogdin

Working...