posted 10 days ago on slashdot
fulldecent writes: Popular photo printing website Artisan State, which specializes in bound photo books mostly for weddings or other events, unintentionally makes all its uploaded user photos available publicly for download. This case study shows how their photos are able to be downloaded and discusses the things vendors should think about when considering security of seemingly private user content. The case study also discusses how this flaw was reported to the vendor, but unfortunately never fixed. This follows other articles on Slashdot discussing security disclosure. How do you report vulnerabilities to vendors? Do you support publishing them if they are not fixed in a reasonable time?

posted 10 days ago on slashdot
An anonymous reader sends an article from Quanta Magazine about research into individuality — how behavior varies (or doesn't) when genetics and environment are as similar as possible. Scientists are taking various strains of fruit fly that are genetically almost identical (the result of extreme inbreeding) and raising them alone in environments that are exact copies of each other. Then they run the fruit flies through a series of decision-making tests to see how varied their responses are. Some fruit fly strains show a high degree of variance for tasks like navigating a maze. Other strains show almost no variance, suggesting there's a genetic component to individuality. The scientists also found that manipulating a certain set of neurons in the fruit flies' brains could increase the variation in choices they make. One theory suggests that evolution tends to select for genes that increase individuality by making it more difficult for predators to predict what the prey will do next.

posted 10 days ago on slashdot
alphadogg writes: A panel of security experts, including from IBM, LogMeIn and formerly RSA, warn that IoT security is a growing threat because device makers haven't baked in security. IT security staffs are already inundated with safeguarding internal infrastructure and cloud-based resources, so guarding against a slew of new threats is likely to be overwhelming. LogMeIn's Paddy Srinivasan says most Internet-of-things OEMs "barely even have IT staff," so they aren't capable of developing rigorous security even if they wanted to. IBM’s Andy Thurai says most companies are rushing technology to market to try to monetize you as much as possible, and they aren't even willing to give you a cut for the data you supply. Regulations may help, but probably not enough and definitely not soon.

posted 10 days ago on slashdot
An anonymous reader points out an article about Backyard Brains, a small company notable for turning cockroaches into cyborgs. The article explores how such an odd use of science and technology can actually form the basis of a business. They primarily work with educational organizations to bring their brand of DIY neuroscience to students and other interested parties. School budgets are often small, so a key part of Backyard Brains's goal is to make things inexpensive. "We want to inspire a generation of citizen-scientists. If we can lower the barrier to entry so the only limit is creativity, that might help with finding treatments for neurological disorders." As they find success, they're developing more research kits, and finding more ways to make cyborg insects into a business.

posted 10 days ago on slashdot
An anonymous reader sends an article taking a harsh look at Rust, the language created by Mozilla Research, and arguing that despite all the flaws of C and C++, the two older languages are likely to remain in heavy use for a long time to come. Here are a few of the arguments: "[W]hat actually makes Rust safe, by the way? To put it simple, this is a language with a built-in code analyzer and it's a pretty tough one: it can catch all the bugs typical of C++ and dealing not only with memory management, but multithreading as well. Pass a reference to an assignable object through a pipe to another thread and then try to use this reference yourself - the program just will refuse to compile. And that's really cool. But C++ too hasn't stood still during the last 30 years, and plenty of both static and dynamic analyzers supporting it have been released during this time." Further, "Like many of new languages, Rust is walking the path of simplification. I can generally understand why it doesn't have a decent inheritance and exceptions, but the fact itself that someone is making decisions for me regarding things like that makes me feel somewhat displeased. C++ doesn't restrict programmers regarding what they can or cannot use." And finally, "I can't but remind you for one more time that the source of troubles is usually in humans, not technology. If your C++ code is not good enough or Java code is painfully slow, it's not because the technology is bad - it's because you haven't learned how to use it right. That way, you won't be satisfied with Rust either, but just for some other reasons."

posted 10 days ago on slashdot
merbs sends an update on MakerBot, one of the most well known names in the 3D-printing industry. After its acquisition by Stratasys in 2013, defective parts plagued the company's printers in 2014. MakerBot co-founder and CEO Bre Pettis stepped down, and the company laid off 20% of its employees. The new CEO, Jonathan Jaglom, is now talking about how they're rebuilding MakerBot, and where we can expect it to go in the future. "The 39-year-old, Swiss-born Jaglom says that his priorities since taking over have been to dedicate more attention to customer support, to address the remaining fallout from the extruder problem, and to reorient the company to target its Replicators to the professional and educational markets." Jaglom also envisions a sort of "iTunes for 3D printing," where people can easily buy designs online and print them out at home. He says, "I'll be sitting at home. Maybe something broke; maybe my glasses. Maybe I want to reprint it and I'll go to Oakley, Ray Ban, whatever, Philippe Starck in this case, download the file, pay $3.49 for it, and print it at home. And then you will have to go to your Kinko's or your Fab Labs, your local 3D printing, if you want it in metal or plastics you can't have at home."

posted 10 days ago on slashdot
SonicSpike writes with news of a ruling in U.S. District Court that the seizure and search of a man's laptop without a warrant while he was in an airport during an international border crossing was not justified. According to Judge Amy Jackson's ruling (PDF), the defendant was already the subject of an investigation when officials used his international flight as a pretext for rifling through his laptop. The government argued that a laptop was simply a "container," and thus subject to warrantless searches to protect the homeland. But the judge said the search "was supported by so little suspicion of ongoing or imminent criminal activity, and was so invasive of Kim's privacy and so disconnected from not only the considerations underlying the breadth of the government's authority to search at the border, but also the border itself, that it was unreasonable." She also noted that laptop searches may require more stringent legal support, since they are capable of holding much more private information than a box or duffel bag. And while a routine search involves a quick look through a container, this search was quite different: "[T]he agents created an identical image of Kim's entire computer hard drive and gave themselves unlimited time to search the tens of thousands of documents, images, and emails it contained, using an extensive list of search terms, and with the assistance of two forensic software programs that organized, expedited, and facilitated the task."

posted 10 days ago on slashdot
astroengine sends word that the astronauts aboard the International Space Station will be staying up there longer than expected while engineers for Russia's space program try to figure out if it's safe to launch more rockets. The recent Russian cargo mission that spun out of control and eventually fell back into the atmosphere sparked worries that a vessel sent to retrieve the astronauts wouldn't make it all the way to the ISS's orbit. Roscosmos and NASA said the next rocket launch will be postponed at least two months. Even though the Russian cargo ship failed to reach the ISS, they have plenty of food, water, and air to last them to the next scheduled supply run — a SpaceX launch in late June.

posted 10 days ago on slashdot
An anonymous reader writes with this excerpt from VentureBeat: Mozilla today launched Firefox 38 for Windows, Mac, Linux, and Android. Notable additions to the browser include Digital Rights Management (DRM) tech for playing protected content in the HTML5 video tag on Windows, Ruby annotation support, and improved user interfaces on Android. Firefox 38 for the desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play. Note that there is a separate download for Firefox 38 without the DRM support. Our anonymous reader adds links to the release notes for desktop and Android.

posted 10 days ago on slashdot
Jason Koebler writes: A new class of magnesium-alloy syntactic foam, which is made out of hollow particles to lower its weight and density, is one of the strongest metals for its weight and density ever developed, which makes it ideal for use in boats. Developed by Nikhil Gupta at NYU Polytechnic University, the alloy is 44 percent stronger than similar, aluminum-based foams, and each individual sphere within the foam can withstand pressure of more than 25,000 pounds per square inch before breaking, which is roughly 100 times the pressure exerted by water coming out of a firehose. Gupta's foams are currently used by the Navy and he suspects this one will be ready for use in warships within three years.

posted 10 days ago on slashdot
v3rgEz writes: Outspoken atheist firebrand Christopher Hitchens was never one for understatement, and apparently the FBI took notice. A Freedom of Information request from investigative news site MuckRock has resulted in the release of his 19-page FBI file, including details such as how his interest in socialism in college sparked heightened monitoring when given a scholarship to come to the United States. Some of the pages had actually been previously released, but were then removed from the FBI's own website a few years ago. Despite the monitoring, Hitchens' files have nothing on the hundreds of pages the FBI had on Richard Feynman.

posted 10 days ago on slashdot
An anonymous reader writes: The Atlantic has an article asking whether autonomous cars need windows. If there's no driver, will the passengers want to look outside? In the summer, will anyone want to endure the relentless heat from the sun? The robot cars offer us a great opportunity to rethink the platform which is largely devoted to supporting the driver. But if a computer is in charge and it sees with dozens of cameras ringing the car, what else can we change? What else don't we need? What can improve?

posted 10 days ago on slashdot
New submitter rombust writes: Will ClanLib turn around the tides and finally challenge SDL? The latest 4.0 release already offers what Unity and the Unreal Engine charge 30% for, but now after 16 years of development, using only hobbyist developers, it will take on the giant of open source game SDKs! Dedication that's rarely found in the Open Source community without commercial backing.

posted 10 days ago on slashdot
HughPickens.com writes: From a marketing point of view, using treated sewage to create drinking water is a proposition that has proved difficult to sell to customers. Now John Schwartz writes in the NYT that as California scrambles for ways to cope with its crippling drought and the mandatory water restrictions imposed last month by Gov. Jerry Brown, enticing people to drink recycled water is requiring California residents to get past what experts call the "yuck" factor. Efforts in the 1990s to develop water reuse in San Diego and Los Angeles were beaten back by activists who denounced what they called, devastatingly, "toilet to tap." Orange County swung people to the idea of drinking recycled water with a special purification plant which has been operating since 2008, avoiding a backlash with a massive public relations campaign that involved more than 2,000 community presentations. The county does not run its purified water directly into drinking water treatment plants; instead, it sends the water underground to replenish the area's aquifers and to be diluted by the natural water supply. This environmental buffer seems to provide an emotional buffer for consumers as well. In 2000, Los Angeles actually completed a sewage reclamation plant capable of providing water to 120,000 homes — the Donald C. Tillman Water Reclamation Plant in Van Nuys. The plan was abandoned after public outrage. Angelenos, it seemed, were too good to drink perfectly safe recycled water — dismissed as "toilet to tap." But Los Angeles is ready to try again, with plans to provide a quarter of the city's needs by 2024 with recycled water and captured storm water routed through aquifers. "The difference between this and 2000 is everyone wants this to happen," says Marty Adams. The inevitable squeamishness over drinking water that was once waste ignores a fundamental fact, says George Tchobanoglous: "When it comes down to it, water is water. Everyone who lives downstream on a river is drinking recycled water."

posted 10 days ago on slashdot
An anonymous reader writes: Taking advantage of lazy security, new research says Anonymous hacktivists (among other groups) hijacked thousands of routers using remote access and default login credentials. "'For perpetrators, this is like shooting fish in a barrel, which makes each of the scans that much more effective,' the report explains. 'Using this botnet also enables perpetrators to execute distributed scans, improving their chances against commonplace blacklisting, rate-limiting and reputation-based defense mechanisms.'"

posted 10 days ago on slashdot
jones_supa writes: It's no secret that Internet Explorer has always been criticized for its poor security, so with the Edge web browser (previously known as Spartan), Microsoft is trying to tackle this problem more effectively and make sure that users consider it at least as good as Chrome and Firefox. In a blog post, Microsoft details the security enhancements available in Edge, pointing out that most of the changes it made to the new browser make it much more secure than Internet Explorer. There is more protection against trickery, app containers are used as the sandbox mechanism, and protection against memory corruption is better. Great news to many is that old insecure plugin interfaces are not supported at all: VML, VBScript, Toolbars, BHOs, and ActiveX are all nuked from the orbit.

posted 10 days ago on slashdot
MojoKid writes with this excerpt from Hot Hardware: We learned this weekend that AOL's dial-up business still has over 2 million customers who pay on average just under $21 per month for service. Regardless of how strange that seems to those of us that salivate over the prospects of gigabit Internet, folks still clinging to 56k modems are adding millions to AOL's bottom line. However, also recall that AOL has a massive digital advertising platform with a heavy focus on the mobile sector and also owns a wealth of popular web destinations including Engadget, TechCrunch, and The Huffington Post. With this in mind, it shouldn't be too surprising that Verizon has offered AOL a marriage proposal. Verizon is acquiring AOL for an estimated $50 per share, which brings the total value of the transaction to $4.4 billion. Here are stories from The New York Times, NBC News, and NPR on the proposed sale, which it's worth noting isn't yet final, and is subject to regulatory approval.

posted 10 days ago on slashdot
schwit1 writes: SpaceX has begun prepping the construction sites at its private spaceport in Brownsville, Texas. The county has begun work on a road to where the spaceport command center will be, and SpaceX has established its construction headquarters in a double-wide trailer there. It is expected that actual construction of the command center will begin in August, with the launchpad construction to follow. The expected cost for building the entire spaceport: $100 million. Compare that to the billions the Russians are spending for Vostochny, or the billions that NASA spends on comparable facilities.

posted 10 days ago on slashdot
jfruh writes: Many security-savvy users have a password manager that stores their randomly-generated passwords — but if that manager is cracked, the gig is up. Some security researchers are suggesting a technique to stop this: a password manager that offers up fake passwords when an attacker tries and fails to crack it, which makes the process of figuring out if you've broken in much more difficult.

posted 10 days ago on slashdot
itwbennett writes: A team of anonymous developers who recently created a Linux rootkit that runs on graphics cards has released a new proof-of-concept malware program that does the same on Windows. A Mac OS X implementation is also in the works. The problem the developers are trying to highlight lies not with the operating systems, such as Windows or Linux, nor with the GPU (graphics processor unit) vendors, but rather with existing security tools, which aren't designed to scan the random access memory used by GPUs for malware code.

posted 10 days ago on slashdot
An anonymous reader writes: A new study just published on Antarctic ice loss by Christopher Harig and Frederik Simons of Princeton confirms West Antarctica is losing mass fast. The study used satellite measurements to determine the rate of mass loss. The lead author of the study told The Guardian: "It is very important that we continue long term monitoring of how mass changes in ice sheets. For West Antarctica in particular this is important because of how it is thought to be more unstable, where the feedbacks can cause more and more ice loss from the land over time. These strong regional accelerations that we see are very robustly measured and imply that Antarctica may become a major contributor to sea level rise in the near future. This increase in the mass loss rate, in ten years, accelerations like that show that things are beginning to change on human time scales."

posted 10 days ago on slashdot
An anonymous reader writes: Microsoft announced today that it will partner with a group of telecom companies in order to build new undersea cables. A new cable will connect data centers in China, South Korea, and Japan to the West Coast. Microsoft hopes the New Cross Pacific (NCP) Cable Network will improve connection speeds and boost its competitiveness in cloud computing. They also made deals with Hibernia and Aqua Comms, to invest in a cable with each company connecting Microsoft's datacenter infrastructure from North America to Ireland and the United Kingdom. A company announcement reads in part: "Additionally, we joined a consortium comprised of China Mobile, China Telecom, China Unicom, Chunghwa Telecom, KT Corporation with TE SubCom as the cable supplier. As part of our participation in the consortium, Microsoft will invest in its first physical landing station in the US connecting North America to Asia. The New Cross Pacific (NCP) Cable Network will provide faster data connections for customers, aid Microsoft in competing on cloud costs, all while creating jobs and spurring local economies. The goal of our expansions and investments in subsea cables is so our customers have the greatest access to scale and highly available data, anywhere."

posted 10 days ago on slashdot
snydeq writes: InfoWorld's Paul Solt argues that it's high time to make the switch to the more approachable, full-featured Swift for iOS and OS X app dev. He writes in InfoWorld: "Programming languages don't die easily, but development shops that cling to fading paradigms do. If you're developing apps for mobile devices and you haven't investigated Swift, take note: Swift will not only supplant Objective-C when it comes to developing apps for the Mac, iPhone, iPad, Apple Watch, and devices to come, but it will also replace C for embedded programming on Apple platforms. Thanks to several key features, Swift has the potential to become the de-facto programming language for creating immersive, responsive, consumer-facing applications for years to come."

posted 10 days ago on slashdot
journovampire writes: Spotify just posted another big net loss, but it can become profitable with some specific changes according to one analyst. He suggests the following three options: Cut royalty costs to the music industry, freeze expenditure year-on-year, and what seems like the least likely option, somehow make free users pay $1 every three months. He points out: "if Spotify’s current free user base just paid €1/£1/$1 every three months, it would be a profitable company."

posted 11 days ago on slashdot
StartsWithABang writes: A little over 300 years ago, a supernova — a dying, ultramassive star — exploded, giving rise to such a luminous explosion that it might have shone as bright as our entire galaxy. And nobody on Earth saw it. Located in the plane of our Milky Way galaxy, the light was obscured, but thanks to a suite of great, space-based observatories (Hubble, Spitzer, and Chandra), we've been able to piece together exactly what occurred. Not only that, but observations of a light-echo, or reflected light off of the nearby gas, have allowed us to see the light from this explosion centuries later, and learn exactly how it happened.
