posted 15 days ago on slashdot
An anonymous reader writes: Drafts are drafts for a reason. Not only do they tend to contain unpolished writing and unfinished thoughts, they're often filled with little notes we leave ourselves to fill in later. Slate reports on a paper recently published in the journal Ethology that contained an unfortunate self-note that made it into the final, published article, despite layers upon layers of editing, peer review, and proofreading. In the middle of a sentence about shoaling preferences, the note asks, "should we cite the crappy Gabor paper here?" When notified of the mistake, the publisher quickly took it down and said they would "investigate" how the line wasn't caught. One of the authors said it wasn't intentional and apologized for the impolite error.

posted 15 days ago on slashdot
Rambo Tribble writes: Groupon has announced it will abandon the 'Gnome' name for their product, ending the recent naming controversy that had the open source community up in arms. They said, "After additional conversations with the open source community and the Gnome Foundation, we have decided to abandon our pending trademark applications for 'Gnome.' We will choose a new name for our product going forward." The GNOME Foundation has thanked everyone who helped. My question... does this represent Gnu thinking on the part of Groupon?

posted 15 days ago on slashdot
Presto Vivace points out this troubling new report from the Electronic Frontier Foundation: Recently, Verizon was caught tampering with its customers' web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the U.S. and Thailand intercepting their customers' data to strip a security flag — called STARTTLS — from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client. By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall, do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.

posted 15 days ago on slashdot
blottsie writes: The Federal Communications Commission will abandon its earlier promise to make a decision on new net neutrality rules this year. Instead, FCC Press Secretary Kim Hart said, "there will not be a vote on open internet rules on the December meeting agenda. That would mean rules would now be finalized in 2015." The FCC's confirmation of the delay came just as President Barack Obama launched a campaign to persuade the agency to reclassify broadband Internet service as a public utility. Opensource.com is also running an interview with a legal advisor at the FCC. He says, "There will be a burden on providers. The question is, 'Is that burden justified?' And I think our answer is 'Yes.'"

posted 16 days ago on slashdot
msm1267 writes: Microsoft today released a patch for a zero-day vulnerability under active exploit in the wild. The vulnerability in OLE, or Microsoft Windows Object Linking and Embedding, enables a hacker to remotely execute code on an infected machine, and has been linked to attacks by the Sandworm APT group against government agencies and energy utilities. Microsoft also issued a massive Internet Explorer patch, but warned organizations that have deployed version 5.0 of its Enhanced Mitigation Experience Toolkit (EMET) to upgrade to version 5.1 before applying the IE patches. Version 5.1 resolves some compatibility issues, in addition to several mitigation enhancements.

posted 16 days ago on slashdot
sciencehabit writes: The magma fueling the volcanoes of Hawaii and Yellowstone National Park pipes up from deep inside the planet. Scientists have struggled to understand why there are hot spots there, so far from the grinding tectonic plate boundaries at which volcanoes normally appear. New research chalks the mystery up to 'dark magma': deep underground pockets of red-hot molten rock that siphon energy from Earth's core. If the team is right, its work could illuminate a key part of Earth's geology. These plumes are one of the most important things to understand because the movement of heat powers many processes on the planet. For one, Earth's magnetic field depends on how the core spins and flows inside the planet. As a result, the way heat flows from the core to the mantle could potentially affect the way Earth's magnetic field evolves over time.

posted 16 days ago on slashdot
An anonymous reader writes: Analyzing more than 2,000 Stuxnet files collected over a two-year period, Kaspersky Lab can identify the first victims of the Stuxnet worm. Initially security researchers had no doubt that the whole attack had a targeted nature. The code of the Stuxnet worm looked professional and exclusive; there was evidence that extremely expensive zero-day vulnerabilities were used. However, it wasn't yet known what kind of organizations were attacked first and how the malware ultimately made it right through to the uranium enrichment centrifuges in the particular top secret facilities. Kaspersky Lab analysis sheds light on these questions.

posted 16 days ago on slashdot
blindbat writes: A new YouTube account is pushing local police agencies to reconsider their use of body-mounted cameras. Poulsbo Police have been wearing body cameras for about a year, and the department says the results have been good. But last month reality hit, in the form of a new YouTube user website, set up by someone under the name, "Police Video Requests." The profile says it posts dash and body cam videos received after public records requests to Washington state police departments. "They're just using it to post on the internet," said Chief Townsend, "and I suspect it's for commercial purposes." In September, "Police Video Requests" anonymously asked Poulsbo PD for every second of body cam video it has ever recorded. The department figures it will take three years to fill that request. And Chief Townsend believes it is a huge privacy concern, as officers often see people on their worst days. "People with mental illness, people in domestic violence situations; do we really want to have to put that video out on YouTube for people? I think that's pushing it a little bit," he said.

posted 16 days ago on slashdot
An anonymous reader writes: After more than 10 years travelling, the Rosetta mission will take its next, momentous step by landing the Philae probe on comet 67P/Churyumov-Gerasimenko tomorrow. How f!@#$%ing cool is that?! Follow the landing live using the webcast, blog, or Twitter feed. (Keep in mind there's a 28-minute delay due to the time it takes the radio signals to reach Earth). Here's the scheduling info: "For the primary landing scenario, targeting Site J, Rosetta will release Philae at 08:35 GMT/09:35 CET at a distance of 22.5 km from the center of the comet, landing about seven hours later. The one-way signal travel time between Rosetta and Earth on 12 November is 28 minutes 20 seconds, meaning that confirmation of the landing will arrive at Earth ground stations at around 16:00 GMT/17:00 CET. If a decision is made to use the backup Site C, separation will occur at 13:04 GMT/14:04 CET, 12.5 km from the center of the comet. Landing will occur about four hours later, with confirmation on Earth at around 17:30 GMT/18:30 CET. The timings are subject to uncertainties of several minutes."

posted 16 days ago on slashdot
Presto Vivace sends a report from the Australian Financial Review on how Apple uses a holding company based in Luxembourg to avoid taxes on its iTunes revenue. Quoting: The 2011 accounts for iTunes Sàrl [the holding company] give the first inside view of how Apple accounts for its growing earnings from digital content. They are part of a massive leak of Luxembourg tax documents uncovered in an investigation led by the International Consortium of Investigative Journalists. Remarkably, the accounts show Luxembourg has been more effective in extracting tax from iTunes than Ireland has with much larger Apple sales. Turnover for iTunes Sàrl exploded from €353 million ($508 million) in 2009 to €2.05 billion in 2013. Secret appendices to the 2011 accounts break down some of Apple’s costs. It shows that Apple takes a third of iTunes’ revenues as its gross profit margin. The 2011 figures showed that a flat 50 per cent of this gross profit was paid in intercompany charges. (Followup on a similar strategy from Amazon we discussed last week.)

posted 16 days ago on slashdot
wired_parrot writes: Jonathan Nolan, writer of Interstellar and The Dark Knight, and producer of the TV show "Person of Interest," is teaming up with HBO to bring to screen a new series based on Isaac Asimov's Foundation series of books. This would be the first adaptation of the Hugo-award-winning series of novels to the screen.

posted 16 days ago on slashdot
sciencehabit writes: After a two-and-a-half year ocean journey, radioactive contamination from the Fukushima nuclear disaster in Japan has drifted to within 160 kilometers of the California coast, according to a new study. But the radiation levels are minuscule and do not pose a threat, researchers say. The team found a high of just 8 becquerels of radiation per cubic meter in ocean samples off the coast. U.S. Environmental Protection Agency guidelines for drinking water allow up to 7400 becquerels per cubic meter.

posted 16 days ago on slashdot
judgecorp writes: The idea of re-using waste server heat is not new, but German firm Cloud&Heat seems to have developed it further than most. For a flat installation fee, the company will install a rack of servers in your office, with its own power and Internet connection. Cloud&Heat then pays the bills and you get the heat. As well as Heat customers, the firm wants Cloud customers, who can buy a standard OpenStack-based cloud compute and storage service on the web. The company guarantees that data is encrypted and held within Germany — at any one of its Heat customers' premises. In principle, it's a way to build a data center with no real estate, by turning its waste heat into an asset. A similar deal is promised by French firm Qarnot.

posted 16 days ago on slashdot
Nerval's Lobster writes: While pundits and analysts debate about diversity in Silicon Valley, one thing is very clear: Black Americans make up a very small percentage of tech workers. At Facebook, Google, and Yahoo, that number is a bit less than 2 percent of their respective U.S. workforces; at Apple, it's closer to 7 percent. Many executives and pundits have argued that the educational pipeline remains one of the chief impediments to hiring a more diverse workforce, and that as long as universities aren't recruiting a broader mix of students for STEM degrees, the corporate landscape will suffer accordingly. But black IT entrepreneurs and professionals tell Dice that the problem goes much deeper than simply widening the pipeline; they argue that racial bias, along with lingering impressions of what a 'techie' should look like, loom much larger than any pipeline issue.

posted 16 days ago on slashdot
jfruh writes: In-flight Wi-Fi services tend to be expensive and disappointingly slow. So when AT&T announced a few months ago that it was planning on getting into the business, with customer airlines being able to connect to AT&T's LTE network instead of slow satellite services, the industry shook. But now AT&T has announced that, upon further review, they're not going to bother.

posted 16 days ago on slashdot
Dave Knott writes: François Gissy of France has claimed a new bicycle speed record. As you might guess, he was not pedalling – he was seated atop a hydrogen peroxide-powered rocket with three thrusters fastened to the frame of an elongated, but otherwise ordinary-looking bicycle. In a video posted on YouTube that announces the record, a Ferrari racing the bike is left far behind within seconds of leaving the starting line. The bike, designed by Gissy's friend, Arnold Neracher, reached its top speed of 333 km/h (207mph) in just 4.8 seconds and 250 metres. According to Guinness World Records, the fastest speed ever for a bicycle that wasn't rocket powered was 268.831 km/h by Fred Rompelberg of the Netherlands, riding behind a wind-shield fitted dragster in 1995 and assisted by the slipstream of the car. The current unassisted bicycle speed record is 133.8 km/h — a record that a team in Toronto is trying to break.

posted 16 days ago on slashdot
Drinking Bleach writes: Groupon has released a tablet-based point of sale system called Gnome, despite the well-known desktop environment's existence and trademark status. This is also not without Groupon's internal knowledge of the GNOME project; they were contacted about the infringement and flatly refused to change the name of their own product, in addition to filing many new trademark applications for theirs. The GNOME project is seeking donations to help them in a legal battle against these trademark applications, and to get Groupon to stop using their name. They are seeking at least $80,000 to challenge a first set of ten trademark applications from Groupon, out of 28 applications that have been filed.

posted 16 days ago on slashdot
Presto Vivace sends this excerpt from an article at the Kernel, titled 'With Gamergate, it's not enough to ignore the trolls.' Gendered bigotry against women is widely considered to be "in bounds" by Internet commenters (whether they openly acknowledge it or not), and subsequently a demographic that comprises half of the total human population has to worry about receiving rape threats, death threats, and the harassment of angry mobs simply for expressing their opinions. This needs to stop, and while it's impossible to prevent all forms of harassment from occurring online, we can start by creating a culture that shames individuals who cross the bounds of decency. We can start by stating the obvious: It is never appropriate to use slurs, metaphors, graphic negative imagery, or any other kind of language that plays on someone's gender, race/ethnicity, sexual orientation, or religion. Not only is such language inappropriate regardless of one's passion on a given subject, but any valid arguments that existed independently of such rhetoric should have been initially presented without it. Once a poster crosses this line, they should lose all credibility. Similarly, it is never acceptable to dox, harass, post nude pictures, or in any other way violate someone's privacy due to disagreement with their opinions. While most people would probably agree with this in theory, far too many are willing to access and distribute this humiliating (and often illegal) content. Instead of simply viewing stories of doxing, slut-shaming, and other forms of online intimidation as an unfortunate by-product of the digital age, we should boycott all sites that publish these materials.

posted 16 days ago on slashdot
itwbennett writes: Germany's foreign intelligence agency reportedly wants to spend €300 million (about $375 million) in the next five years on technology that would let it spy in real time on social networks outside of Germany, and decrypt and monitor encrypted Internet traffic. The agency, which already spent €6.22 million in preparation for this online surveillance push, also wants to use the money to set up an early warning system for cyber attacks, the report said (Google translation of German original). A prototype is expected to be launched next June with the aim of monitoring publicly available data on Twitter and blogs.

posted 16 days ago on slashdot
jones_supa writes: Former Valve engineer Rich Geldreich has written up a blog post about the state of Linux Gaming. It's an interesting read, that's for sure. When talking about recent bigger game ports, his take is that the developers doing these ports just aren't doing their best to optimize these releases for Linux and/or OpenGL. He points out how it took significant resources from Valve to properly optimize Source engine for Linux, but that other game studios are not walking the last mile. About drivers, he asks "Valve is still paying LunarG to find and fix silly perf bugs in Intel's slow open source driver. Surely this can't be a sustainable way of developing a working driver?" He ends his post by agreeing with a Slashdot comment where someone is basically saying that SteamOS is done, and that we will never get our hands on the Steam Controller.

posted 16 days ago on slashdot
HughPickens.com writes: Jeremy Kirk writes at PC World that in the aftermath of U.S. and European law enforcement shutting down more than 400 websites (including Silk Road 2.0) which used technology that hides their true IP addresses, Tor users are asking: How did they locate the hidden services? "The first and most obvious explanation is that the operators of these hidden services failed to use adequate operational security," writes Andrew Lewman, the Tor project's executive director. "For example, there are reports of one of the websites being infiltrated by undercover agents and one affidavit states various operational security errors." Another explanation is exploitation of common web bugs like SQL injections or RFIs (remote file inclusions). Many of those websites were likely quickly-coded e-shops with a big attack surface. Exploitable bugs in web applications are a common problem, says Lewman, adding that there are also ways to link transactions and deanonymize Bitcoin clients even if they use Tor. "Maybe the seized hidden services were running Bitcoin clients themselves and were victims of similar attacks." However, the number of takedowns and the fact that Tor relays were seized could also mean that the Tor network was attacked to reveal the location of those hidden services. "Over the past few years, researchers have discovered various attacks on the Tor network. We've implemented some defenses against these attacks (PDF), but these defenses do not solve all known issues and there may even be attacks unknown to us." Another possible Tor attack vector could be the Guard Discovery attack. The guard node is the only node in the whole network that knows the actual IP address of the hidden service, so if the attacker manages to compromise the guard node or somehow obtain access to it, she can launch a traffic confirmation attack to learn the identity of the hidden service.
"We've been discussing various solutions to the guard discovery attack for the past many months but it's not an easy problem to fix properly. Help and feedback on the proposed designs is appreciated." According to Lewman, the task of hiding the location of low-latency web services is a very hard problem and we still don't know how to do it correctly. It seems that there are various issues that none of the current anonymous publishing designs have really solved. "In a way, it's even surprising that hidden services have survived so far. The attention they have received is minimal compared to their social value and compared to the size and determination of their adversaries."

posted 16 days ago on slashdot
superboj sends an article written after its author investigated the Mars One Project for over a year. Even though 200,000 people have (supposedly) signed up as potential volunteers on a one-way trip to Mars, there are still frightfully few details about how the mission will be accomplished. From the article: [Astronaut Chris Hadfield] says that Mars One fails at even the most basic starting point of any manned space mission: If there are no specifications for the craft that will carry the crew, if you don’t know the very dimensions of the capsule they will be traveling in, you can’t begin to select the people who will be living and working inside of it. "I really counsel every single one of the people who is interested in Mars One, whenever they ask me about it, to start asking the hard questions now. I want to see the technical specifications of the vehicle that is orbiting Earth. I want to know: How does a space suit on Mars work? Show me how it is pressurized, and how it is cooled. What’s the glove design? None of that stuff can be bought off the rack. It does not exist. You can’t just go to SpaceMart and buy those things." The author concludes that the Mars One Project is "...at best, an amazingly hubristic fantasy: an absolute faith in the free market, in technology, in the media, in money, to be able to somehow, magically, do what thousands of highly qualified people in government agencies have so far not yet been able to do over decades of diligently trying, making slow headway through individually hard-won breakthroughs, working in relative anonymity pursuing their life’s work."

posted 17 days ago on slashdot
Lasrick writes: This is a rather disturbing read about the troops who guard our nuclear weapons. "'The Air Force has not kept its ICBMs manned or maintained properly,' says Bruce Blair, a former missileer and cofounder of the anti-nuclear group Global Zero. Nuclear bases that were once the military's crown jewels are now 'little orphanages that get scraps for dinner,' he says. And morale is abysmal. Blair's organization wants to eliminate nukes, but he argues that while we still have them, it's imperative that we invest in maintenance, training, and personnel to avoid catastrophe: An accident resulting from human error, he says, may be actually more likely today because the weapons are so unlikely to be used. Without the urgent sense of purpose the Cold War provided, the young men (and a handful of women) who work with the world's most dangerous weapons are left logging their 24-hour shifts under subpar conditions—with all the dangers that follow."

posted 17 days ago on slashdot
rossgneumann writes: If everyone always wants to look different than everybody else, everybody starts looking the same. At least, if you use a recently published mathematical model describing the phenomenon. "The hipster effect is this non-concerted emergent collective phenomenon of looking alike trying to look different," in the words of Jonathan Touboul, mathematical neuroscientist at the College de France in Paris.

posted 17 days ago on slashdot
benrothke writes: A word to describe the book Takedown: The Pursuit and Capture of America's Most Wanted Computer Outlaw was hyperbole. While the general storyline from the 1996 book was accurate, filler was written that created the legend of Kevin Mitnick. This in turn makes the book a near work of historical fiction. Much has changed in nearly 20 years and Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon has certainly upped the ante for accurate computer security journalism. The book is a fascinating read and author Kim Zetter's attention to detail and accuracy is superb. In the inside cover of the book, Kevin Mitnick describes this as an ambitious, comprehensive and engrossing book. The irony is not lost in that Mitnick was dogged by misrepresentations in Markoff's book. Keep reading for the rest of Ben's review.
