Sorry, you need to enable JavaScript to visit this website.

Feed aggregator

WannaLaugh? Funsters port WannaCrypt to Commodore, Cisco, Nintendo and Tesla

El Reg - 1 hour 45 min ago
Some folk have Photoshop and too much time on their hands

The WannaCrypt ransomware is yet another reminder, if any were needed, that the networks and machines on which society is now so reliant are laughably insecure.…

ESR Announces The Open Sourcing Of The World's First Text Adventure

Slashdot - 2 hours 17 min ago
An anonymous reader writes: Open source guru Eric S. Raymond added something special to his GitHub page: an open source version of the world's first text adventure. "Colossal Cave Adventure" was first written in 1977, and Raymond remembers it as "the origin of many things; the text adventure game, the dungeon-crawling D&D (computer) game, the MOO, the roguelike genre. Computer gaming as we know it would not exist without ADVENT (as it was known in its original PDP-10 incarnation...because PDP-10 filenames were limited to six characters of uppercase)... "Though there's a C port of the original 1977 game in the BSD game package, and the original FORTRAN sources could be found if you knew where to dig, Crowther & Woods's final version -- Adventure 2.5 from 1995 -- has never been packaged for modern systems and distributed under an open-source license. Until now, that is. With the approval of its authors, I bring you Open Adventure." Calling it one of the great artifacts of hacker history, ESR writes about "what it means to be respectful of an important historical artifact when it happens to be software," ultimately concluding version control lets you preserve the original and continue improving it "as a living and functional artifact. We respect our history and the hackers of the past best by carrying on their work and their playfulness." "Despite all the energy Crowther and Woods had to spend fighting ancient constraints, ADVENT was a tremendous imaginative leap; there had been nothing like it before, and no text adventure that followed it would be innovative to quite the same degree."

Read more of this story at Slashdot.

New 'Beaver' web server has exactly ONE user outside China

El Reg - 2 hours 44 min ago
And none of those in China show anything while they wait for government paperwork

Netcraft's monthly survey of web-facing computers has turned up an oddity: a new web server called “Beaver” that's used by exactly one web site outside China.…

Network Time Protocol updated to spook-harden user comms

El Reg - 3 hours 44 min ago
Network time lords decide we don't need IP address swaps

The Internet Engineering Task Force has taken another small step in protecting everybody's privacy – this time, in making the Network Time Protocol a bit less spaffy.…

ARM talks up fresh CPUs and a GPU, all tuned for AI

El Reg - Mon, 29/05/2017 - 5:01am
Cortex-A75, A55, and Mali-G72 coming next year

Chip designer ARM on Monday plans to announce its first set of processors based on its DynamIQ microprocessor architecture, in conjunction with a revised GPU chip.…

US Senators Propose Bug Bounties For Hacking Homeland Security

Slashdot - Mon, 29/05/2017 - 4:30am
An anonymous reader quotes CNN: U.S. senators want people to hack the Department of Homeland Security. On Thursday, Senators Maggie Hassan, a Democrat and Republican Rob Portman introduced the Hack DHS Act to establish a federal bug bounty program in the DHS... It would be modeled off the Department of Defense efforts, including Hack the Pentagon, the first program of its kind in the federal government. Launched a year ago, Hack the Pentagon paved the way for more recent bug bounty events including Hack the Army and Hack the Air Force... The Hack the DHS Act establishes a framework for bug bounties, including establishing "mission-critical" systems that aren't allowed to be hacked, and making sure researchers who find bugs in DHS don't get prosecuted under the Computer Fraud and Abuse Act. "It's better to find vulnerabilities through someone you have engaged with and vetted," said Jeff Greene, the director of government affairs and policy at security firm Symantec. "In an era of constrained budgets, it's a cost-effective way of identifying vulnerabilities"... If passed, it would be among the first non-military bug bounty programs in the public sector.

Read more of this story at Slashdot.

Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1

El Reg - Mon, 29/05/2017 - 4:00am
The 1990s called: they want their filepath hack back

Until Microsoft patches this problem, use Chrome: a slip in file-path handling allows attacker to crash Windows 7 and Windows 8.1 with a file call.…

Australian Taxation Office won't penalise Plutus contractors

El Reg - Mon, 29/05/2017 - 2:57am
If payroll operator accused of AU$165m scam didn't pay, neither will contractors

The Australian Taxation Office has issued guidance to clients of Plutus Payroll, the company accused of AU$165m scam, and says they “will not be penalised” if the company hasn't paid the right amount of tax on their behalf.…

Aruba bugs squashed in seven-vuln splatfest

El Reg - Mon, 29/05/2017 - 1:58am
ClearPass Policy Manager needs upgrade

In case you missed it: there's a bunch of bad bugs in HPE's Aruba ClearPass Policy Manager.…

Walt Mossberg's Last Column Calls For Privacy and Security Laws

Slashdot - Mon, 29/05/2017 - 1:30am
70-year-old Walt Mossberg wrote his last weekly column Thursday, looking back on how "we've all had a hell of a ride for the last few decades" and revisiting his famous 1991 pronouncement that "Personal computers are just too hard to use, and it isn't your fault." Not only were the interfaces confusing, but most tech products demanded frequent tweaking and fixing of a type that required more technical skill than most people had, or cared to acquire. The whole field was new, and engineers weren't designing products for normal people who had other talents and interests. But, over time, the products have gotten more reliable and easier to use, and the users more sophisticated... So, now, I'd say: "Personal technology is usually pretty easy to use, and, if it's not, it's not your fault." The devices we've come to rely on, like PCs and phones, aren't new anymore. They're refined, built with regular users in mind, and they get better each year. Anything really new is still too close to the engineers to be simple or reliable. He argues we're now in a strange lull before entering an unrecognizable world where major new breakthroughs in areas like A.I., robotics, smart homes, and augmented reality lead to "ambient computing", where technology itself fades into the background. And he uses his final weekly column to warn that "if we are really going to turn over our homes, our cars, our health and more to private tech companies, on a scale never imagined, we need much, much stronger standards for security and privacy than now exist. Especially in the U.S., it's time to stop dancing around the privacy and security issues and pass real, binding laws."

Read more of this story at Slashdot.

Raspberry Pi foundation merges with CoderDojo Foundation

El Reg - Mon, 29/05/2017 - 1:07am
Two coding-for-kids orgs already overlapped, now plan joint acceleration

The Raspberry Pi Foundation and the CoderDojo Foundation have merged in order to combine forces and accelerate both organisation's mission to teach kids how to code.…

Linux 4.12-rc3 Kernel Released

Phoronix - Mon, 29/05/2017 - 1:07am
Linus Torvalds has announced the third weekly test candidate for the upcoming Linux 4.12 kernel debut...

GNU's libmicrohttpd 0.9.55 Embeddable Web Server Released

Phoronix - Mon, 29/05/2017 - 12:58am
A new release is now available of libmicrohttpd, the GNU project making it easy to run an HTTP web server as part of another application...

Arista-cats win some, lose some against Cisco

El Reg - Mon, 29/05/2017 - 12:36am
Upside: it could be all over by September

Both Cisco and Arista have claimed victory in the latest instalment of their intellectual property lawsuit.…

Leaked 'Standing Rock' Documents Reveal Invasive Counterterrorism Measures

Slashdot - Sun, 28/05/2017 - 11:30pm
An anonymous reader writes: "A shadowy international mercenary and security firm known as TigerSwan targeted the movement opposed to the Dakota Access Pipeline with military-style counterterrorism measures," reports The Intercept, decrying "the fusion of public and private intelligence operations." Saying the private firm started as a war-on-terror contractor for the U.S. military and State Department, the site details "sweeping and invasive" surveillance of protesters, citing over 100 documents leaked by one of the firm's contractors. The documents show TigerSwan even havested information about the protesters from social media, and "provide extensive evidence of aerial surveillance and radio eavesdropping, as well as infiltration of camps and activist circles... The leaked materials not only highlight TigerSwan's militaristic approach to protecting its client's interests but also the company's profit-driven imperative to portray the nonviolent water protector movement as unpredictable and menacing enough to justify the continued need for extraordinary security measures... Internal TigerSwan communications describe the movement as 'an ideologically driven insurgency with a strong religious component' and compare the anti-pipeline water protectors to jihadist fighters." The Intercept reports that recently "the company's role has expanded to include the surveillance of activist networks marginally related to the pipeline, with TigerSwan agents monitoring 'anti-Trump' protests from Chicago to Washington, D.C., as well as warning its client of growing dissent around other pipelines across the country." They also report that TigerSwan "has operated without a license in North Dakota for the entirety of the pipeline security operation."

Read more of this story at Slashdot.

US laptops-on-planes ban may extend to flights from ALL nations

El Reg - Sun, 28/05/2017 - 11:25pm
'Real, sophisticated, threat' may mean ban on flights to and from USA says Homeland Security head John Kelly

United States Homeland Security Secretary Gen. John Kelly says he's considering a ban on laptops in airline cabins from flights that leave all nations, not just Europe and the Middle East as is currently the case.…

Seven Science Journals Have A Dog On Their Editorial Board

Slashdot - Sun, 28/05/2017 - 10:30pm
An anonymous reader writes: A professor of health policy at Australia's Curtin University got seven different science journals to put his dog on their editorial board. The dog is now associate editor for the Global Journal of Addiction & Rehabilitation Medicine, and sits on the editorial board of Psychiatry and Mental Disorders. The professor says he feels sorry for one researcher who recently submitted a paper about how to treat sheath tumors, because "the journal has sent it to a dog to review." The official profile of the dog lists its research interests as "the benefits of abdominal massage for medium-sized canines" and "avian propinquity to canines in metropolitan suburbs." An Australian news site points out that career-minded researchers pay up to $3,000 to get their work published in predatory journals so they can list more publications on their resumes. "While this started as something lighthearted," says the dog-owning professor, "I think it is important to expose shams of this kind which prey on the gullible, especially young or naive academics and those from developing countries."

Read more of this story at Slashdot.

Malicious Apps Brought Ad-Clicking 'Judy' Malware To Millions Of Android Phones

Slashdot - Sun, 28/05/2017 - 9:30pm
An anonymous reader quotes Fortune: The security firm Checkpoint on Thursday uncovered dozens of Android applications that infected users' devices with malicious ad-click software. In at least one case, an app bearing the malware was available through the Google Play app store for more than a year. While the actual extent of the malicious code's spread is unknown, Checkpoint says it may have reached as many as 36.5 million users, making it potentially the most widely-spread malware yet found on Google Play... The nefarious nature of the programs went unnoticed in large part, according to Checkpoint, because its malware payload was downloaded from a non-Google server after the programs were installed. The code would then use the infected phone to click on Google ads, generating fraudulent revenue for the attacker.

Read more of this story at Slashdot.

New Privacy Vulnerability In IOT Devices: Traffic Rate Metadata

Slashdot - Sun, 28/05/2017 - 8:30pm
Orome1 quotes Help Net Security: Even though many IoT devices for smart homes encrypt their traffic, a passive network observer -- e.g. an ISP, or a neighborhood WiFi eavesdropper -- can infer consumer behavior and sensitive details about users from IoT device-associated traffic rate metadata. A group of researchers from the Computer Science Department of Princeton University have proven this fact by setting up smart home laboratory with a passive network tap, and examining the traffic rates of four IoT smart home devices: a Sense sleep monitor, a Nest Cam Indoor security camera, a WeMo smart outlet, and an Amazon Echo smart speaker... "Once an adversary identifies packet streams for a particular device, one or more of the streams are likely to encode device state. Simply plotting send/receive rates of the streams revealed potentially private user interactions for each device we tested," the researchers noted. [PDF] In addition, the article notes, "Separating recorded network traffic into packet streams and associating each stream with an IoT device is not that hard."

Read more of this story at Slashdot.

Silicon Valley Continues To Explore Universal Basic Incomes

Slashdot - Sun, 28/05/2017 - 7:30pm
A Silicon Valley Congressman "is pushing for a plan that has been described as a first step toward universal basic income...a long-shot $1 trillion expansion to the earned income tax credit that is already available to low-income families." An anonymous reader quotes the Mecury News: Stanford University also has created a Basic Income Lab to study the idea, and the San Francisco city treasurer's office has said it's designing pilot tests -- though the department told this news organization it has no updates on the status of that project... The problem is that giving all Americans a $10,000 annual income would cost upwards of $3 trillion a year -- more than three-fourths of the federal budget, said Bob Greenstein, president of Washington, D.C.-based Center for Budget and Policy Priorities. Some proponents advocate funding the move by cutting programs like food stamps and Medicaid. But that approach would take money set aside for low-income families and redistribute it upward, exacerbating poverty and inequality, Greenstein said... Jennifer Lin, deputy director of the East Bay Alliance for a Sustainable Economy, is skeptical that basic income can do much lasting good in Oakland. What the city needs is more high-paying jobs and affordable housing, she said... The idea, [Sam Altman, president of Y Combinator] said at the Commonwealth Club, tackles the question not enough people are asking: "What do we as the tech industry do to solve the problem that we're helping to create?" This summer Y Combinator is expected to announce a larger Universal Basic Income program, though the article also describes "small pilot studies" in the 1960s and 1970s in Canada and in several U.S. states including New Jersey, Pennsylvania, North Carolina, Iowa and Indiana, where "Some studies showed improvements in participants' physical and mental health, and found children performed better in school or stayed in school longer. But some also showed that people receiving a basic income were inclined to spend fewer hours working."

Read more of this story at Slashdot.

Syndicate content