You are here

Feed aggregator

Belgium Tops List Of Nations Most Vulnerable To Hacking

Slashdot - Thu, 06/09/2016 - 00:40
Alex Hern, reporting for The Guardian:A new "heat map of the internet" has revealed the countries most vulnerable to hacking attacks, by scanning the entire internet for servers with their front doors wide open. Produced by information security firm Rapid7, the National Exposure Index finds that the most exposed country in the world is Belgium, followed by Tajikistan, Samoa and Australia. The U.S. comes 14th and the UK 23rd. [...] Tom Beardsley, one of the report's three authors, was surprised by his own findings. "We expected to find that the most exposed countries were also the richest," he explained. The richest countries (by aggregate GDP, which place large countries like China near the top of the list) were likely to have the most net-connected devices, which should mean they proportionally have the most potential for damage. "If you're a rich country, you have a lot of internet. But we didn't find any correlation between the number of nodes and the exposure."

Read more of this story at Slashdot.

Categories: Tech/Science News

Passenger-Carrying Drone Gets Symbolic Approval For Test Flights In Nevada

Slashdot - Thu, 06/09/2016 - 00:00
kheldan writes: The Verge reports: "Chinese company Ehang caught our eye at CES earlier year, with the firm unveiling an autonomous quadcopter prototype it said was capable of ferrying human passengers without a pilot. We were wary of these unproven claims, but Ehang is obviously forging ahead with the vehicle. The company recently reached an agreement with Nevada's governor's office to develop the Ehang 184 at the state's FAA-approved UAV test site. However, this news should be taken with a pinch of salt: the Ehang 184 still isn't approved for testing by the FAA itself, and the company has yet to show a fully working prototype." Submitter kheldan adds this commentary: This should put you drone advocates' and self-driving car advocates' faith in your ideals to the test: Would you step into one of these and let it fly you away somewhere? I wouldn't! Ehang says it plans to begin testing at the FAA-approved site some time later this year. Some of the difficulties it will have to face include creating an autonomous navigation system that can detect small obstacles like power lines, creating and regulating fixed paths for air travel, and managing the limitations of battery life (Ehang claims the 184 has a maximum flight time of 23 minutes).

Read more of this story at Slashdot.

Categories: Tech/Science News

Slashdot Asks: Is the App Boom Over?

Slashdot - Wed, 06/08/2016 - 23:20
Quartz did a story in 2014 in which, citing comScore's data, it noted that most smartphones users download zero apps per month. Two years later, the data from Nomura reveals that the top 15 app publishers saw downloads drop an average of 20% in the United States. While there are exceptions -- Uber and Snapchat continue to attract new users worldwide -- it appears that developers are finding it increasingly difficult to get new people to download and try their apps. Recode reports: But now even the very biggest app publishers are seeing their growth slow down or stop altogether. Most people have all the apps they want and/or need. They're not looking for new ones.What's your take on this?

Read more of this story at Slashdot.

Categories: Tech/Science News

Windows 10 Insider Preview Build 14361 Released

Slashdot - Wed, 06/08/2016 - 22:40
An anonymous reader writes from a report via BetaNews: Windows Insider chief Dona Sarkar announced in a blog post that they are releasing Windows 10 Insider Preview Build 14361 for both PC and Mobile to Windows Insiders in the Fast ring. This new release includes new features, some improvements to existing features, and various bug fixes that the company hopes to iron out before the Windows 10 Anniversary Update. A LastPass extension for the Microsoft Edge browser, and Hyper-V Container, which will let you use Docker natively on Windows 10, has been added. A series of improvements have been made to Windows Ink, and the Settings app, which includes changes to the colors so it's more obvious where you are. The Blu-ray icon and Network Quick Action icon have also been updated. You can read the full list of improvements and fixes for PC here.

Read more of this story at Slashdot.

Categories: Tech/Science News

uTorrent Forums Hacked, Passwords Compromised

Slashdot - Wed, 06/08/2016 - 22:00
Popular BitTorrent client uTorrent's forum, which has over 388,000 registered members and sees tens of thousands of visitors each day, has been hacked. TorrentFreak reports: The uTorrent team was alerted to the issue by one of their vendors earlier this week. While the vulnerability didn't originate at the uTorrent forums, it was indirectly compromised. "The vulnerability appears to have been through one of the vendor's other clients, however it allowed attackers to access some information on other accounts. As a result, attackers were able to download a list of our forum users," uTorrent writes. The security alert is posted in the forums but as far as we know users haven't been notified individually. There is no mention of the massive security breach on uTorrent and BitTorrent's social media accounts either.

Read more of this story at Slashdot.

Categories: Tech/Science News

The Web's Creator Thinks We Need a New One That Governments Can't Control

Slashdot - Wed, 06/08/2016 - 21:20
The Web has created millions of jobs, impacted nearly every industry, connected people, and arguably made the world a better place. But the person who started it all isn't exactly pleased with the way things have turned out to be. Sir Tim Berners-Lee, who invented the World Wide Web, believes that the way it works in the present day "completely undermines the spirit of helping people create." The Next Web reports: "Edward Snowden showed we've inadvertently built the world's largest surveillance network with the web," said Brewster Kahle, who heads up Internet Archive. And he's not wrong: governments across the globe keep an eye on what their citizens are accessing online and some censor content on the Web in an effort to control what they think. To that end, Berners-Lee, Kahle and other pioneers of the modern Web are brainstorming ideas for a new kind of information network that can't be controlled by governments or powered by megacorporations like Amazon and Google.The New York Times originally reported on this and has more details. (But it is also paywalled.)

Read more of this story at Slashdot.

Categories: Tech/Science News

Crazy Patent Troll Suing Devs For Posting Apps To Google Play

Slashdot - Wed, 06/08/2016 - 20:40
Developer Austin Meyer is fighting back patent trolls after he was sued for putting his flight simulator app called X-Plane on Google Play. TechnoBuffalo reports: A few years ago, he uploaded the app to the Google Play Store and was very unexpectedly hit with a lawsuit from Uniloc in 2012. The firm claims it patented the idea behind the app market. That's right, Uniloc isn't going after Meyer for making a flight simulator; it's going after any company that uses Google Play. It's already targeted a bunch of other popular apps, including Minecraft. So Meyer did a bit of digging and discovered a few pretty shocking details. It turns out the judge in that district may have a direct relationship with the prosecuting lawyer in many of these cases. The judge, Leonard Davis, is apparently known for almost never throwing out patent lawsuits. Meyer claims that his son, Bo Davis, is the lawyer representing many of these patent trolls.

Read more of this story at Slashdot.

Categories: Tech/Science News

Apple To Offer iOS Developers 85-15 Revenue Split; Debut Paid App Store Search Ads

Slashdot - Wed, 06/08/2016 - 20:00
Apple says it will now take a smaller cut of commission from app developers provided they have customers who stick with their subscription model for longer than a year. Phil Schiller, Apple's Senior Vice President of Worldwide Marketing, told The Verge in an interview that the company will revise the 70-30 split for such developers to 85-15. In addition, the company will also begin showing search ads for apps in its iOS App Store search results. Also, the company says it is speeding up app review times "to the point where 50 percent of submitted apps are now reviewed in 24 hours, and 90 percent are reviewed within 48 hours." From the report: If the new subscription model becomes widely adopted, it will represent a fundamental shift in the economics of the App Store. Developers will be incentivized to sell their apps for a recurring fee instead of a one-time cost. It could change the way consumers pay for certain apps, but it also presents a massive opportunity for developers, many of whom feel the app economy has been become moribund in recent years. And as iPhone sales growth slows, a move to app subscriptions is another way for Apple wring more profits from its existing user base.Apple columnist John Gruber has more details.

Read more of this story at Slashdot.

Categories: Tech/Science News

Microsoft Isn't Adding a TV DVR Feature To Xbox One Anymore

Slashdot - Wed, 06/08/2016 - 19:20
The much-anticipated TV DVR feature isn't coming to Xbox One ... at least not in the immediate future. The company has confirmed to The Verge that it has put the plans to add this functionality to its current generation gaming console on hold. From the report: Microsoft had originally planned to let Xbox One users schedule recordings on the go, and stream or download shows to mobile devices and other Windows 10 PCs. The DVR feature would have only been limited to free-to-air TV, and Microsoft had released digital TV tuners in Europe and the US that would have supported it. After Microsoft killed off Windows Media Center in Windows 10, the company still doesn't have a viable alternative.

Read more of this story at Slashdot.

Categories: Tech/Science News

Firefox Finally Confirms 'Largest Change Ever' Featuring Electrolysis In v48

Slashdot - Wed, 06/08/2016 - 18:40
Firefox is finally getting multi-process support. Mozilla has announced that Electrolysis (e10s) will be available to users starting Firefox 48. The foundation finds it the most significant Firefox change since the browser's inception. From a ZDNet report: With Electrolysis, Firefox can use child processes for content (tabs), media playback and legacy plug-ins. This is some way short of Google Chrome, which uses a different process for each tab. However, the result is that Chrome is a huge resource hog: Chrome uses roughly twice as much memory as Firefox on Windows and Linux. Eric Rahm has run some browser tests with Electrolysis, and says: "Overall we see a 10-20 percent increase in memory usage for the 1 content process case (which is what we plan on shipping initially). This seems like a fair trade-off for potential security and performance benefits." With 8 content processes, Rahm says: "we see roughly a doubling of memory usage on the TabsOpenSettled measurement. It's a bit worse on Windows, a bit better on OS X, but it's not 8 times worse."The aforementioned feature will be available in Firefox 48 Beta shortly.

Read more of this story at Slashdot.

Categories: Tech/Science News

Google To Deprecate SSLv3, RC4 in Gmail IMAP/POP Clients

Slashdot - Wed, 06/08/2016 - 18:00
Michael Mimoso, reporting for Threatpost: Google said that it will initiate on June 16 a gradual deprecation of SSLv3 and RC4 for Gmail IMAP/POP mail clients. Both the crypto protocols cipher are notoriously unsafe and are being phased out in big chunks of the Internet. Google, for its part, had already announced in May that it would no longer support SSLv3 and RC4 connections for Gmail SMTP. Google does note that most mail clients already default to safer TLS connections, and most will not be affected by the impending changes."Unlike Gmail SMTP, this change will be rolled out as a gradual change, where it may take longer than 30 days for users to be fully restricted from connecting to Gmail from SSLv3 or RC4 connections; however, we recommend updating your clients soon in order to avoid any potential disruption," Google said in an announcement.

Read more of this story at Slashdot.

Categories: Tech/Science News

Fake Gaming Torrents Download Unwanted Apps Instead of Popular Games

Slashdot - Wed, 06/08/2016 - 17:21
Reader Orome1 writes: If you're looking for torrents to download pirated copies of popular games, be extra careful not to be tricked into downloading malicious and unwanted software instead. According to Symantec researchers, who have been trawling popular torrent websites, there's an active distribution campaign going on that delivers potentially unwanted apps posing as torrents for games like Assassin's Creed Syndicate, The Witcher 3, World of Warcraft: Legion, The Walking Dead: Michonne, and several others. At first glance, the torrent does not seem suspicious -- its size is as small as expected from a torrent file. After saying "Yes" to the UAC security dialogue that asks if they are sure they want to allow the program to make changes to the computer, users end up with a file downloaded from a Google Drive -- a file that is considerably larger than a torrent file (around 3.5 MB) and is obviously an executable.

Read more of this story at Slashdot.

Categories: Tech/Science News

KickassTorrents Enters The Dark Web, Adds Official Tor Address

Slashdot - Wed, 06/08/2016 - 16:42
An anonymous reader writes: KickassTorrents has now added a dark web address to make it easier for users to bypass blockades installed by Internet Service Providers (ISPs). It has announced a new .onion domain through which KickassTorrents users can access their favourite sites on a Tor (The Onion Router) network. "Good news for those who have difficulties accessing KAT due to the site block in their country, now you can always access KAT via this address lsuzvpko6w6hzpnn.onion on a Tor network," announced a member of the KickassTorrents team.

Read more of this story at Slashdot.

Categories: Tech/Science News

Singapore To Cut Off Internet Access For Government Workers From 2017

Slashdot - Wed, 06/08/2016 - 16:00
An anonymous reader writes: Government workers in Singapore will return to a 1990s-level of net connectivity from May of 2017, as the domestic government has decided to block internet access on all of its 100,000 office computers. The decision has been made in the interests of national security, although the Draconian policy will still permit workers to forward work mails to private email addresses as necessary. Workers' own devices will be allowed to connect to the internet normally by special terminals being provided in early trials, while intra-departmental connectivity will presumably be maintained via VPN tunneling. The move comes in the direct wake of a visit to Singapore from the U.S. Secretary of Defense Ashton Carter late last week, promoting stronger security ties with Singapore in the face of the rise of China in the region.BBC News has more details.

Read more of this story at Slashdot.

Categories: Tech/Science News

Many Lexus Navigation Systems Bricked By Over-The-Air Software Update

Slashdot - Wed, 06/08/2016 - 15:00
An anonymous reader quotes a report from The Verge: An unknown number of Lexus automobiles have seen their infotainment and navigation head units broken by a bug in an over-the-air software update from Lexus. The glitch, which was confirmed by a Lexus spokesperson, was delivered in a routine software update. In affected cars, it can cause the dashboard screen to spontaneously reset itself and, as a result, both the radio and navigation system can be unusable. It affects cars equipped with Lexus' Enform system with navigation. Lexus social media channels have been flooded by frustrated owners, but the company has been unable to give any estimates for when the problem will be resolved. The company also couldn't say whether customers will see the problem fix itself with another software update or if they will need to head into dealers to get it fixed. Some users on Twitter have reported success with disconnecting their battery for a few moments to force a reset of the system.

Read more of this story at Slashdot.

Categories: Tech/Science News

A Costly Slip

The Daily WTF - Wed, 06/08/2016 - 12:30

It was a lazy, drowsy Saturday afternoon. The sun was shining, birds were singing. The kind of day when children should be playing outside, perhaps running bases in a sandlot someplace, carefree and smiling. Even indoors, thanks to the cost-saving measures at Big Online Retail Store™ HQ, it was warm enough to send tantalizing daydreams of comfortable naps in soft places to the employees working the weekend shift.

Production code pushes, of course, were anything but lazy. There were checks and balances, and the checks and balances had checks and balances. There was tension, and urgency, and the stakes were clear to all involved: don't you dare make a typo or you'll bring the whole company down. Most of the system was automated, and the rest of it was scripted by the developers who nurtured the system like a fussy toddler, willing to cater to its whims if it would just stop crying and let them get some sleep.

On the wall of the Ops War Room, a bright red digital counter ticked down the days: 13 days until Black Friday. Printed memes were tacked to the walls around it, promising dire consequences for screwing up the deployments now. The developers working on hardening the systems were haggard, bleary, frayed around the edges, and, at the time of this story, home sleeping off the previous night's deployment.

But there was a second system at Big Online Retail Store, one that had nowhere near the same oversight: the internal systems that monitored network traffic to the site and pulled out analyses from it. While the bean-counters were counting on the information it would provide during the Christmas season, the lead-up was so far more of a lazy river rafting ride, gently drifting toward the moment when the passengers would disembark and once more have to move under their own power. These systems didn't have teams of people dedicated to every aspect of their existence. Instead, a few developers maintained the dev and production environments, managing the servers themselves, the last vestiges of the maverick mentality that had gotten Big Online Retail Store this far.

On this particular Saturday, our hero Ashton was given the task of commissioning five new servers for the distributed network. They had been provisioned in a data center, shiny and new and ready for production; the system was architected as a series of small components that could be hosted on any machine, so he had about 20 machines to reconfigure in order to spread out the load evenly.

The building was nearly empty at this time of day, making it perfect for zoning out with some monotonous work and some nice, laid-back music. Ashton had definitely had worse Saturdays.

The routine was pretty straightforward:

  • ssh into server
  • check component status; copy in if necessary
  • check configurations
  • check for normal process start up to isolate config issues
  • fix config issues
  • check cron and add any monitoring scripts if needed
  • sudo to root using a new shell
  • open /etc/inittab
  • add the commands to start up the newly installed components
  • drop the ones being shifted elsewhere
  • telinit q
  • hop on to the next box

Fifteen servers in, Ashton's mind was well and truly out the window. Is it warm enough that there'll be a line at the ice cream place? he pondered.

sudo root

Probably. Maybe the deli won't be too bad though.

Paste the new configuration lines.

Hmm, deli ... pickles ... would I rather have fried pickles than ice cream?

dd to remove the old lines.

Definitely fried pickles. All right, I'll finish this up, get some lunch, head home.

telinit 1

Maybe there's still time to wash my car before—hang on a minute.

Ashton had made a horrible mistake.

On a standard QWERTY keyboard, the q key is a hair's breadth away from the 1 key—and Ashton had hit the wrong key. While telinit q would simply instruct the init service to reload the configuration file, telinit 1 would drop the entire system down to runlevel 1: single-user mode, in which certain superfluous services are stopped and only one user at a time can run programs. Superfluous services like, for example, networking. You didn't need it to run, after all, as long as you were sitting in front of the box, typing away at an attached keyboard. As long as you weren't doing something stupid, like controlling the server from your desk via PuTTY while daydreaming about pickles.

Unable to reconnect, Ashton went straight to the Network On-Call person, Tori, messaging him via IM to explain the situation.

"OK, one sec, I'll bring it back up," Tori replied, and Ashton breathed a sigh of relief.

But not for very long. A moment later, Tori came back to the IM: "Hey, where's the bleedin' server? Did you restart it?"

Ashton felt his heart sink. Clearly he hadn't explained well enough. "Um ... I told ya ... I dropped it to run level 1."

"OK..... what was the machine name again?" Tori responded, a few excruciating moments later.

Ashton told him.

What followed was the stuff of legend. We at The Daily WTF are ever conscious of our public availability, and as such, have a moral duty not to repeat the precise text Tori sent in reply to Ashton, as expletives of that sort have been recently classified in some states as class-3 weapons of mass destruction. The string filled Ashton's screen, the verbal equivalent of a full ten-minute rant. It was the sort of rant that the Internet makes possible, wherein the aggrieved party, unhindered by a need to breathe, can go on and on, becoming more and more inventive with each suggestion.

Finally, the rant ceased, culminating in a final cry of dismay: "IT'S IN SALT LAKE CITY!"

Ashton didn't dare think about anything but his work as he finished the last four servers, keeping a nervous eye on Tori's "Do Not Disturb" icon the whole time. Finally, just as he was finishing up the last one, Tori messaged him again: "Called the datacenter. Took half an hour to find the box."

"Thank you!! I owe you!" Ashton replied, relieved, as he pinged the errant server and got a response.

"No. You owe Sam in Salt Lake. And you better believe he'll come collecting."

Ashton swallowed, closing out the IM window. Whatever the fallout might be, he knew he had no choice but to face it with grim determination.

hljs.initHighlightingOnLoad(); code { font-family: Consolas, monospace; } [Advertisement] Incrementally adopt DevOps best practices with BuildMaster, ProGet and Otter, creating a robust, secure, scalable, and reliable DevOps toolchain.
Categories: Fun/Other

Researchers Say The Aliens Are Silent Because They Are Extinct

Slashdot - Wed, 06/08/2016 - 12:00
HughPickens.com writes: The Conversation reports that according to research by Dr. Charles Lineweaver and Dr. Aditya Chopra, a plausible solution to Fermi's paradox is near universal early extinction of life on exoplanets, which they have named the Gaian Bottleneck. "The universe is probably filled with habitable planets, so many scientists think it should be teeming with aliens," says Chopra. "The mystery of why we haven't yet found signs of aliens may have less to do with the likelihood of the origin of life or intelligence and have more to do with the rarity of the rapid emergence of biological regulation of feedback cycles on planetary surfaces." According to the researchers, most early planetary environments are unstable. To produce a habitable planet, life forms need to regulate greenhouse gases such as water and carbon dioxide to keep surface temperatures stable. About four billion years ago, Earth, Venus and Mars may have all been habitable. However, a billion years or so after formation, Venus turned into a hothouse and Mars froze into an icebox. Even if wet rocky Earth-like planets are in the "Goldilocks Zone" of their host stars, it seems that runaway freezing or heating may be their default fate. Large impactors and huge variation in the amounts of water and greenhouse gases can also induce positive feedback cycles that push planets away from habitable conditions. The difference on Earth may be that as soon as life became widespread on our planet, the earliest metabolisms began to modulate the greenhouse gas composition of the atmosphere. "The emergence of life's ability to regulate initially non-biological feedback mechanisms could be the most significant factor responsible for life's persistence on Earth, conclude Lineweaver and Chopra. "Even if life does emerge on a planet, it rarely evolves quickly enough to regulate greenhouse gases, and thereby keep surface temperatures compatible with liquid water and habitability."

Read more of this story at Slashdot.

Categories: Tech/Science News

Pages

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer