Feed aggregator

Apple Pay Competitor CurrentC Breached

Slashdot - Wed, 10/29/2014 - 18:51
tranquilidad writes "As previously discussed on Slashdot, CurrentC is a consortium of merchants attempting to create a "more secure" payment system. Some controversy surrounds CurrentC's requirements regarding the personal information required, their purchase-tracking intentions and retail stores blocking NFC in apparent support of CurrentC. Now news breaks that CurrentC has already been breached. CurrentC has issued the standard response, "We take the security of our users' information extremely seriously."

Read more of this story at Slashdot.

Categories: Tech/Science News

Researchers At Brown University Shattered a Quantum Wave Function

Slashdot - Wed, 10/29/2014 - 18:08
Jason Koebler writes: A team of physicists based at Brown University has succeeded in shattering a quantum wave function. That near-mythical representation of indeterminate reality, in which an unmeasured particle is able to occupy many states simultaneously, can be dissected into many parts. This dissection, which is described this week in the Journal of Low Temperature Physics, has the potential to turn how we view the quantum world on its head. Specifically, they found it's possible to take a wave function and isolate it into different parts. So, if our electron has some probability of being in position (x1,y1,z1) and another probability of being in position (x2,y2,z2), those two probabilities can be isolated from each other, cordoned off like quantum crime scenes.

Categories: Tech/Science News

Why Every Cardiac Patient Needs a Virtual Heart

Slashdot - Wed, 10/29/2014 - 17:25
the_newsbeagle writes: In the latest high-tech approach to personalized medicine, cardiologists can now create a computer model of an individual patient's heart and use that simulation to make a treatment plan. In this new field of computational medicine, doctors use a patient's MRI scans to make a model showing that patient's unique anatomy and pattern of heart disease. They can then experiment on that virtual organ in ways they simply can't with a flesh-and-blood heart. Proponents say this tech can "improve therapies, minimize the invasiveness of diagnostic procedures, and reduce health-care costs" in cardiology.

Categories: Tech/Science News

Hackers Breach White House Network

Slashdot - Wed, 10/29/2014 - 16:43
wiredmikey writes: The White House's unclassified computer network was recently breached by intruders, a U.S. official said Tuesday. While the White House has not said so, The Washington Post reported that the Russian government was thought to be behind the act. Several recent reports have linked Russia to cyber attacks, including a report from FireEye on Tuesday that linked Russia back to an espionage campaign dating back to 2007. Earlier this month, iSight Partners revealed that a threat group allegedly linked with the Russian government had been leveraging a Microsoft Windows zero-day vulnerability to target NATO, the European Union, and various private energy and telecommunications organizations in Europe. The group has been dubbed the "Sandworm Team" and it has been using weaponized PowerPoint files in its recent attacks. Trend Micro believes the Sandworm team also has their eyes set on compromising SCADA-based systems.

Categories: Tech/Science News

Drones Could 3D-Map Scores of Hectares of Land In Just a Few Hours

Slashdot - Wed, 10/29/2014 - 16:22
sciencehabit writes: Unmanned drones aren't just for warfare. In recent years, they've been used to map wildlife and monitor crop growth. But current software can't always handle the vast volume of images they gather. Now, researchers have developed an algorithm that will allow drones to 3D-map scores of hectares of land in less than a day — an advance that is important for cost-effective farming, disaster relief, and surveillance operations. Their computer program directly projects the points from each photo onto a 3D space without knowing the exact shape of the land or the camera positions. As a result, the tie points don't necessarily match up, which means the same corn plant can have two projections on the model. When that happens, the algorithm automatically takes the middle point between the two projections as the more accurate location and adjusts the camera position accordingly, one image at a time. Because the algorithm tweaks far fewer things at each step, the shortcut drastically speeds up calculations. Once the software has adjusted the camera positions for all the photos, the software repeats the entire process — starting from projecting the points to the 3D space — to correct for any errors.

Categories: Tech/Science News

Dangerous Vulnerability Fixed In Wget

Slashdot - Wed, 10/29/2014 - 16:01
jones_supa writes: A critical flaw has been found and patched in the open source Wget file retrieval utility that is widely used on UNIX systems. The vulnerability is publicly identified as CVE-2014-4877. "It was found that wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP," developer Vasyl Kaigorodov writes in Red Hat Bugzilla. A malicious FTP server can stomp over your entire filesystem, tweets HD Moore, chief research officer at Rapid 7, who is the original reporter of the bug.

Categories: Tech/Science News

Windows 10 Gets a Package Manager For the Command Line

Slashdot - Wed, 10/29/2014 - 15:21
aojensen writes: ExtremeTech reports that the most recent build of Windows 10 Technical Preview shows that Windows is finally getting a package manager. The package manager is built for the PowerShell command line based on OneGet. OneGet is a command line utility for PowerShell very similar to classic Linux utilities such as apt-get and yum, which enable administrators and power users comfortable with the command line to install software packages without the need for a graphical installer. ExtremeTech emphasizes that "you can open up PowerShell and use OneGet to install thousands of applications with commands such as Find-Package VLC and Install-Package Firefox." It's a missing feature Linux advocates have long used to argue against Windows in terms of automation and scale. The package manager is open to any software repository and is based on the Chocolatey format for defining package repositories.

Categories: Tech/Science News

Skilled Foreign Workers Treated as Indentured Servants

Slashdot - Wed, 10/29/2014 - 14:40
theodp writes: A year-long investigation by NBC Bay Area's Investigative Unit and The Center for Investigative Reporting (CIR) raises questions about the H-1B visa program. In a five-part story that includes a mini-graphic novel called Techsploitation, CIR describes how the system rewards job brokers who steal wages and entrap Indian tech workers in the U.S., including the awarding of half a billion dollars in Federal tech contracts to those with labor violations. "Shackling workers to their jobs," CIR found after interviewing workers and reviewing government agency and court documents, "is such an entrenched business practice that it has even spread to U.S. nationals. This bullying persists at the bottom of a complex system that supplies workers to some of America's richest and most successful companies, such as Cisco Systems Inc., Verizon and Apple Inc." In a presumably unrelated move, the U.S. changed its H-1B record retention policy last week, declaring that records used for labor certification, whether in paper or electronic, "are temporary records and subject to destruction" after five years under the new policy. "There was no explanation for the change, and it is perplexing to researchers," reports Computerworld. "The records under threat are called Labor Condition Applications (LCA), which identify the H-1B employer, worksite, the prevailing wage, and the wage paid to the worker." Lindsay Lowell, director of policy studies at the Institute for the Study of International Migration at Georgetown University, added: "It undermines our ability to evaluate what the government does and, in today's world, retaining electronic records like the LCA is next to costless [a full year's LCA data is less than 1 GB]." President Obama, by the way, is expected to use his executive authority to expand the H-1B program after the midterm elections.

Categories: Tech/Science News

Verizon Launches Tech News Site That Bans Stories On US Spying

Slashdot - Wed, 10/29/2014 - 13:57
blottsie writes: The most-valuable, second-richest telecommunications company in the world is bankrolling a technology news site called SugarString.com. The publication, which is now hiring its first full-time editors and reporters, is meant to rival major tech websites like Wired and the Verge while bringing in a potentially giant mainstream audience to beat those competitors at their own game. There's just one catch: In exchange for the major corporate backing, tech reporters at SugarString are expressly forbidden from writing about American spying or net neutrality around the world, two of the biggest issues in tech and politics today.

Categories: Tech/Science News

Pope Francis Declares Evolution and Big Bang Theory Are Right

Slashdot - Wed, 10/29/2014 - 13:15
HughPickens.com writes: The Independent reports that Pope Francis, speaking at the Pontifical Academy of Sciences, has declared that the theories of evolution and the Big Bang are real. "When we read about Creation in Genesis, we run the risk of imagining God was a magician, with a magic wand able to do everything. But that is not so," said Francis. "He created human beings and let them develop according to the internal laws that he gave to each one so they would reach their fulfillment." Francis explained that both scientific theories were not incompatible with the existence of a creator – arguing instead that they "require it." "Evolution in nature is not inconsistent with the notion of creation, because evolution requires the creation of beings that evolve." Experts say the Pope's comments put an end to the "pseudo theories" of creationism and intelligent design that some argue were encouraged by his predecessor, Benedict XVI who spoke out against taking Darwin too far.

Categories: Tech/Science News

The Alpha-Team

The Daily WTF - Wed, 10/29/2014 - 11:00

In 2010, a crack development team was formed inside of a Fortune 500 company. These developers promptly escaped the maximum security Project Management Office and instituted an Agile Scrum. Today, they survive as green-field developers. If you have a problem, if traditional corporate IT can’t help, and if you can find them, maybe you can hire… Alpha Team.

When Thom interviewed at said Fortune 500 company, he didn’t know he was interviewing for Alpha Team. He assumed that it would be like any other huge enterprise development shop- tedious line-of-business applications that helped ship widgets but didn’t do much more. The product and the team were sold to him as being very exciting, and he liked the idea of the stability a large company offered, so Thom joined the Alpha Team.

The team room was slightly larger than the inside of a large van. John, the team lead, greeted Thom with a sly grin. “Great to have you on the team. You’ll be sitting between Albert and Murdock. I hope you don’t have any plans for lunch- today’s our weekly team lunch. Good chance for you to get to know everyone.”

The team’s architect, Murdock, grabbed Thom for a few minutes to brief him on the application’s architecture. It wasn’t surprising: a SQL server backend, a web-service based middle-tier, and a hybrid ASP.NET and WebForms presentation tier. “This application is extremely flexible,” Murdock said. “That’s the main goal, really. We’ve got it set up so our business analysts have a lot of control over the display, so that we aren’t wasting time just changing field names around.” The exact details were simply described as “magic”, which Murdock didn’t have time to explain right then; “It’s documented, and I need to crank on a few tasks, our burndown is terrible this sprint.”

Albert showed Thom where to find the key documents. “You should start with the environment setup. I pity the fool that tries to set up their dev environment without reading that.” Thom spent the rest of the morning following Albert’s advice. The environment setup document covered how to install and configure Visual Studio. There was nothing unusual or surprising in the document, except perhaps its enthusiastic level of detail- it was over 100 pages of screenshots covering every possible screen and message you might encounter while configuring your environment.

Thom didn’t meet the product owner until lunch. “I’m sorry I wasn’t there in the morning, but you know how it is with meetings,” Templeton said. “User engagement, same old, same old, right? The good news is that I specced out a feature which we can sneak into this sprint. It should be easy for you to implement.”

“Oh, that sounds good,” Thom said. “Are you sure we should change the deliverables mid-sprint?”

Templeton shrugged it off. “Don’t think of it as changing the deliverables. This’ll just give you a head start on the next sprint. You’ll probably need the extra time while you’re learning the ropes.”

The new feature was a simple memo field on a transaction entry screen. It was a string field, with a 500 character max-length, and was informational only. Templeton had estimated it out as a 50 hour task, which seemed amazingly generous, but when Thom checked the backlog, “add a single field” was routinely estimated between 40 and 100 hours. Thom wondered: had he joined a team that padded out its estimates and spent only three days doing real work out of any given month? Or was there something much more wrong?

Thom dug into the docs and the code to try and find out. The first time he saw Albert’s documentation reference “the Data Dictionary”, he assumed it was a reference to the SQL Server data dictionary. “The Data Dictionary” kept appearing, again and again, which seemed odd. Then Thom saw this line:

The Data Dictionary should be stored at \CorpFileSrv01\d$\TransApp\DataDictionary.accdb. Contact the service desk to be granted write permissions. Use Access to edit the file.

Thom had found the “magic” in Murdock’s design, but it was dark, twisted and evil magic. For example, let’s say you wanted to add a memo field to the transaction screen in the accounting module. First, you needed to find out the ModuleID for the accounting module by looking in the Modules table. Then, you could go to the Screens table and find the record for the transaction entry screen. With that ScreenID, you could now add a record to the Elements table, which described the field. The Elements table required you to specify the DisplayName of the field, the DataType, ServiceName, ApplicationName, and DatabaseName. You also had to create a set of records in the Validations table, which described the validation rules which should be applied to the field.

Once Thom had entered a set of records to describe his “TransactionMemo” field, he could then add widgets to the ASP.NET page. The label needed to have the ID lbl_TransApp_Accounting_strMemo. “Memo” was the value in ApplicationName. The actual text box needed to be IDed txt_TransApp_Accounting_strMemo, while the read-only display of the memo field needed to be IDed txt_show_TransApp_Accounting_strMemo.

The idea was that business analysts could control the DisplayName without involving the developers. Since Access databases couldn’t be versioned by source control, and since the BAs were constantly changing things in production based on user feedback, there was only one version of the Access database, shared by production, test, development, QA, etc. Since Access isn’t exactly built around multi-user deployments, or trivial things like “security”, the BAs constantly changed columns they shouldn’t, breaking one or more environments in the process.

Thom decided to keep his head down, and just do his best. After a few months, all of the team lunches in the world couldn’t help his morale, and he was ready to quit. Ready, that is, until he heard about the Beta Team. You see, in 2014, a crack development team was formed inside of that Fortune 500 company. These developers escaped from legacy code. Today, they survive as “rearchitects”, identifying and redesigning broken applications. If you have massive technical debt, if you have an unsupportable product, and if you can find them… maybe you can apply to work on the Beta Team.

Categories: Fun/Other

Getting Lost In the Scientific Woods Is Good For You

Slashdot - Wed, 10/29/2014 - 10:18
StartsWithABang writes: Wandering into the woods unprepared and without a plan sounds like a terrible idea. But if you're interested in scientific exploration at the frontiers, confronting the unknown with whatever you happen to have at your disposal, you have to take that risk. You have to be willing to take those steps. And you have to be okay with putting your best ideas out there — for all to see — knowing full well that you might get the entire thing wrong. Sometimes, that's indeed what happens. Some of the most revered and famous scientific minds in history confronted the great mysteries of nature, and came away having done nothing but set us back many years by leading the field down a blind alley. But other times, the greatest leaps forward in our understanding occur as a result. The article shares some notable examples, and explains why this is vital for scientific progress.

Categories: Tech/Science News

16-Teraflops, £97m Cray To Replace IBM At UK Meteorological Office

Slashdot - Wed, 10/29/2014 - 08:37
Memetic writes: The UK weather forecasting service is replacing its IBM supercomputer with a Cray XC40 containing 17 petabytes of storage and capable of 16 TeraFLOPS. This is Cray's biggest contract outside the U.S. With 480,000 CPUs, it should be 13 times faster than the current system. It will weigh 140 tons. The aim is to enable more accurate modeling of the unstable UK climate, with UK-wide forecasts at a resolution of 1.5km run hourly, rather than every three hours, as currently happens. (Here's a similar system from the U.S.)

Categories: Tech/Science News

Open Consultation Begins On Italy's Internet Bill of Rights

Slashdot - Wed, 10/29/2014 - 07:19
Anita Hunt (lissnup) writes: Hot on the heels of Brazil's recent initiative in this area, Italy has produced a draft [PDF] Declaration of Internet Rights, and on Monday opened the bill for consultation on the Civici [Italian] platform, a first in Europe. "[A]s it is now, it consists of a preamble and 14 articles that span several pages. Topics range from the 'fundamental right to Internet access' and Net Neutrality to the notion of 'informational self-determination.' The bill also includes provisions on the right to anonymity and tackles the highly debated idea of granting online citizens a 'right to be forgotten.' Measures are taken against algorithmic discriminations and the opacity of the terms of service devised by 'digital platform operators' who are 'required to behave honestly and fairly' and, most of all, give 'clear and simple information on how the platform operates.'"

Categories: Tech/Science News

Largest Sunspot In a Quarter Century Spews Flares

Slashdot - Wed, 10/29/2014 - 06:06
schwit1 writes: The largest sunspot seen in about a quarter century has produced another powerful X-class flare today, the sixth in less than a week. "This was the sixth X-class solar flare from NOAA 2192, a record for the number of X-class flares generated by a single group so far this solar cycle. It was also the fourth X-class flare since last Friday, continuing a period of intense flaring activity. This sunspot group has grown again a bit, and maintains its magnetic complexity. A degradation of the HF radio-communication was observed over South-America, the Caribbean, and West-Africa." The last sentence is referring to some radio communications blackouts that have occurred in these areas because of the flares.

Categories: Tech/Science News

Help a Journalist With An NFC Chip Implant Violate His Own Privacy and Security

Slashdot - Wed, 10/29/2014 - 05:12
An anonymous reader writes: His wife thinks he's crazy, but this guy got an NFC chip implanted in his arm, where it will stay for at least a year. He's inviting everyone to come up with uses for it. Especially ones that violate his privacy and security. There must be something better to do than getting into the office or unlocking your work PC. He says, "The chip we are using is the xNTi, an NFC type 2 NTAG216, which is about the size of a grain of rice and is manufactured by the Dutch semiconductor company NXP, maker of the NFC chip for the new iPhone. It is a glass transponder with an operating frequency of 13.56MHz, developed for mass-market applications such as retail, gaming and consumer electronics. ... The chip's storage capacity is pretty limited, the UID (unique identifier) is 7 bytes, while the read/write memory is 888 bytes. It can be secured with a 32-bit password and can be overwritten about 100,000 times, by which point the memory will be quite worn. Data transmission takes place at a baud rate of 106 kbit/s and the chip is readable up to 10 centimeters, though it is possible to boost that distance."

Categories: Tech/Science News

Tech Giants Donate $750 Million In Goods and Services To Underprivileged Schools

Slashdot - Wed, 10/29/2014 - 03:00
mrspoonsi sends news that a group of major tech companies has combined to donate $750 million worth of gadgets and services to students in 114 schools across the U.S. Apple is sending out $100 million worth of iPads, MacBooks, and other products. O'Reilly Media is making $100 million worth of educational content available for free. Microsoft and Autodesk are discounting software, while Sprint and AT&T are offering free wireless service. This is part of the ConnectED Initiative, a project announced by the Obama Administration last year to bring modern technology to K-12 classrooms. The FCC has also earmarked $2 billion to improve internet connectivity in schools and libraries over the next two years. Obama also plans to seek funding for training teachers to utilize this infusion of technology.

Categories: Tech/Science News

Antares Rocket Explodes On Launch

Slashdot - Wed, 10/29/2014 - 00:40
sneakyimp writes: The Antares rocket operated by Orbital Sciences Corporation exploded on launch due to a "catastrophic anomaly" after a flawless countdown. No injuries are reported and all personnel are accounted for. According to the audio stream hosted by local news affiliate WTVR's website, the Cygnus spacecraft contained classified crypto technology and efforts are being made to cordon off the wreckage area. Additionally, interviews of personnel and witness reports are to be limited to appropriate government agencies so that an accident report can be generated. This accident is likely to have a detrimental effect on the stock price of Orbital Sciences Corp, traded on the NYSE. The Antares rocket's engines are based on old Soviet designs from the '60s. While this is sure to be a blow to NASA due to the cost, it may well boost the fortunes of SpaceX, a chief competitor of Orbital Sciences. Both companies were recently awarded resupply contracts by NASA.

Categories: Tech/Science News

US Post Office Increases Secret Tracking of Mail

Slashdot - Wed, 10/29/2014 - 00:21
HughPickens.com writes: Ron Nixon reports in the NY Times that the United States Postal Service says it approved nearly 50,000 requests last year from law enforcement agencies and its own internal inspection unit to secretly monitor the mail of Americans for use in criminal and national security investigations, in many cases without adequately describing the reason or having proper written authorization. In addition to raising privacy concerns, the audit questioned the efficiency and accuracy of the Postal Service in handling the requests. The surveillance program, officially called mail covers, is more than a century old, but is still considered a powerful investigative tool. The Postal Service said that from 2001 through 2012, local, state and federal law enforcement agencies made more than 100,000 requests to monitor the mail of Americans. That would amount to an average of some 8,000 requests a year — far fewer than the nearly 50,000 requests in 2013 that the Postal Service reported in the audit (PDF). In Arizona in 2011, Mary Rose Wilcox, a Maricopa County supervisor, discovered that her mail was being monitored by the county's sheriff, Joe Arpaio. Wilcox had been a frequent critic of Arpaio, objecting to what she considered the targeting of Hispanics in his immigration sweeps. Wilcox sued the county, was awarded nearly $1 million in a settlement in 2011 and received the money this June when the Ninth Circuit Court of Appeals upheld the ruling. Andrew Thomas, the former county attorney, was disbarred for his role in investigations into the business dealings of Ms. Wilcox and other officials and for other unprofessional conduct. "I don't blame the Postal Service," says Wilcox, "but you shouldn't be able to just use these mail covers to go on a fishing expedition. There needs to be more control."

Categories: Tech/Science News

Location of Spilled Oil From 2010 Deepwater Horizon Event Found

Slashdot - Tue, 10/28/2014 - 23:36
Chipmunk100 writes: A study published in the journal Proceedings of the National Academy of Sciences (abstract) claims to have identified the location of two million barrels of submerged oil thought to be trapped in the deep ocean following the 2010 Deepwater Horizon spill. By analyzing data from more than 3,000 samples collected at 534 locations over 12 expeditions, they identified a 1,250-square-mile patch of the deep sea floor upon which 2 to 16 percent of the discharged oil was deposited. The fallout of oil to the sea floor created thin deposits most intensive to the southwest of the Macondo well. The oil was most concentrated within the top half inch of the sea floor and was patchy even at the scale of a few feet.

Categories: Tech/Science News
