Sorry, you need to enable JavaScript to visit this website.

Slashdot

Slashdot
News for nerds, stuff that matters
Updated: 14 min 48 sec ago

New Illinois Law Limits Police Use Of Cellphone-Tracking Stingray

Mon, 25/07/2016 - 1:35am
An anonymous Slashdot reader quotes a report from ABC News: A new Illinois law limits how police can use devices that cast a wide net in gathering cellphone data... [Stingray] gathers phone-usage data on targets of criminal investigations, but it also gathers data on other cellphones -- hundreds or even thousands of them -- in the area. The new law requires police to delete the phone information of anyone who wasn't an investigation target within 24 hours. It also prohibits police from accessing data for use in an investigation not authorized by a judge. A dozen other states have adopted such regulations, and Congress is considering legislation that would strengthen federal guidelines already in place... Privacy advocates worry that without limits on how much data can be gathered or how long it can be stored, law enforcement could use the technology to build databases that track the behavior and movement of people who are not part of criminal investigations. Earlier this month a U.S. judge threw out evidence gathered with Stingray for the first time, saying that without a search warrant, "the government may not turn a citizen's cell phone into a tracking device." The ACLU has identified 66 agencies in 24 states using Stingray technology, "but because many agencies continue to shroud their purchase and use of stingrays in secrecy, this map dramatically underrepresents the actual use of stingrays by law enforcement agencies nationwide."

Read more of this story at Slashdot.

Glassdoor Exposes 600,000 Email Addresses

Sun, 24/07/2016 - 11:35pm
A web site where users anonymously review their employer has exposed the e-mail addresses -- and in some cases the names -- of hundreds of thousands of users. An anonymous reader quotes an article from Silicon Beat: On Friday, the company sent out an email announcing that it had changed its terms of service. Instead of blindly copying email recipients on the message, the company pasted their addresses in the clear. Each message recipient was able to see the email addresses of 999 other Glassdoor users... Ultimately, the messages exposed the addresses of more than 2 percent of the company's users... Last month, the company said it had some 30 million monthly active users, meaning that more than 600,000 were affected by the exposure... Although the company didnâ(TM)t directly disclose the names of its users, many of their names could be intuited from their email addresses. Some appeared to be in the format of "first name.last name" or "first initial plus last name." A Glassdoor spokesperson said "We are extremely sorry for this error. We take the privacy of our users very seriously and we know this is not what is expected of us. It certainly isn't how we intend to operate."

Read more of this story at Slashdot.

Clinton Campaign: Russia Leaked Emails to Help Trump

Sun, 24/07/2016 - 10:35pm
An anonymous Slashdot reader quotes the Washington Post: A top official with Hillary Clinton's campaign on Sunday accused the Russian government of orchestrating the release of damaging Democratic Party records in order to help the campaign of Republican Donald Trump -- and some cyber security experts in the U.S. and overseas agree. The extraordinary charge came as some national security officials have been growing increasingly concerned about possible efforts by Russia to meddle in the election, according to several individuals familiar with the situation. Late last week, hours before the records were released by the website Wikileaks, the White House convened a high-level security meeting to discuss reports that Russia had hacked into systems at the Democratic National Committee... Officials from various intelligence and defense agencies, including the National Security Council, the Department of Defense, the FBI and the Department of Homeland Security, attended the White House meeting Thursday, on the eve of the email release. Clinton's campaign manager told ABC News "some experts are now telling us that this was done by the Russians for the purpose of helping Donald Trump." Donald Trump's son later responded, "They'll say anything to be able to win this."

Read more of this story at Slashdot.

Linux Kernel 4.7 Officially Released

Sun, 24/07/2016 - 9:35pm
An anonymous Slashdot reader writes: The Linux 4.7 kernel made its official debut today with Linus Torvalds announcing, "after a slight delay due to my travels, I'm back, and 4.7 is out. Despite it being two weeks since rc7, the final patch wasn't all that big, and much of it is trivial one- and few-liners." Linux 4.7 ships with open-source AMD Polaris (RX 480) support, Intel Kabylake graphics improvements, new ARM platform/board support, Xbox One Elite Controller support, and a variety of other new features. Slashdot reader prisoninmate quotes a report from Softpedia: The biggest new features of Linux kernel 4.7 are support for the recently announced Radeon RX 480 GPUs (Graphic Processing Units) from AMD, which, of course, has been implemented directly into the AMDGPU video driver, a brand-new security module, called LoadPin, that makes sure the modules loaded by the kernel all originate from the same file system, and support for generating virtual USB Device Controllers in USB/IP. Furthermore, Linux kernel 4.7 is the first one to ensure the production-ready status of the sync_file fencing mechanism used in the Android mobile operating system, allow Berkeley Packet Filter (BPF) programs to attach to tracepoints, as well as to introduce the long-anticipated "schedutil" frequency governor to the cpufreq dynamic frequency scaling subsystem, which promises to be faster and more accurate than existing ones. Linus's announcement includes the shortlog, calling this release "fairly calm," though "There's a couple of network drivers that got a bit more loving."

Read more of this story at Slashdot.

Yahoo Ordered to Show How It Recovered 'Deleted' Emails

Sun, 24/07/2016 - 8:35pm
An anonymous reader quotes a report from PC Magazine: Just what kind of email retentions powers does Yahoo have? According to a policy guide from the company, Yahoo cannot recover emails that have been deleted from a user's account -- simple as that. If the email is in a user's account, it's fair game, and Yahoo can even give law enforcement the IP address of whatever computer is being used to send said email. Or, at least, that's what Yahoo has said. A magistrate judge from the Northern District of California has ordered Yahoo to produce documents, as well as a witness for deposition, related to the company's ability to recover seemingly deleted emails in a UK drug case... a UK defendant was convicted -- and is currently serving an extra 20-year prison sentence -- as part of a conspiracy to import drugs into the United Kingdom. He's currently appealing the conviction, in part because the means by which Yahoo recovered the emails in question allegedly violate British law. The drug smugglers apparently communicated by creating a draft of an email, which was then available to others who logged into that same account.

Read more of this story at Slashdot.

Programming Language Gurus Converge on 'Curry On' Conference

Sun, 24/07/2016 - 7:35pm
Videos are now online from this week's Curry On conference, which incuded talks by programming pioneers Larry Wall and Matthias Felleisen, as well as speakers from Google, Twitter, Facebook, Microsoft, and Oracle. Dave Herman from Mozilla Research also talked about building an open source research lab, while Larry Wall's keynote was titled "It's the End of the World as We Know It, and I Feel Fine." Billing itself as a non-profit conference about programming languages and emerging computer-industry challenges, this year's installment included talks about Java, Rust, Scala, Perl, Racket, Clojure, Rascal, Go and Oden. Held in a different European city each year, the annual conference hopes to provoke an open conversation between academia and the larger technology industry.

Read more of this story at Slashdot.

Transistors Will Stop Shrinking in 2021, Moore's Law Roadmap Predicts

Sun, 24/07/2016 - 6:35pm
Moore's Law, an empirical observation of the number of components that could be built on an integrated circuit and their corresponding cost, has largely held strong for more than 50 years, but its days are really numbered now. The prediction of the 2015 International Technology Roadmap for Semiconductors, which was only officially made available this month, says that transistor could stop shrinking in just five years. From an article on IEEE: After 2021, the report forecasts, it will no longer be economically desirable for companies to continue to shrink the dimensions of transistors in microprocessors. Instead, chip manufacturers will turn to other means of boosting density, namely turning the transistor from a horizontal to a vertical geometry and building multiple layers of circuitry, one on top of another. These roadmapping shifts may seem like trivial administrative changes. But "this is a major disruption, or earthquake, in the industry," says analyst Dan Hutcheson, of the firm VLSI Research. U.S. semiconductor companies had reason to cooperate and identify common needs in the early 1990s, at the outset of the roadmapping effort that eventually led to the ITRS's creation in 1998. Suppliers had a hard time identifying what the semiconductor companies needed, he says, and it made sense for chip companies to collectively set priorities to make the most of limited R&D funding.It still might not be the end of Moore's remarkable observation, though. The report adds that processors could still continue to fulfill Moore's Law with increased vertical density. The original report published by ITRS is here.

Read more of this story at Slashdot.

7-Eleven Just Used a Drone To Deliver Slurpees and a Chicken Sandwich

Sun, 24/07/2016 - 5:35pm
An anonymous Slashdot reader write: A drone has autonomously delivered Slurpees, a chicken sandwich, doughnuts, hot coffee and candy from a Reno, Nevada 7-Eleven to a nearby home. The delivery was made "in a matter of minutes" to two busy working parents near their store in Reno, Nevada, and the drone hovered in place and gently lowered each package to the ground in the family's backyard. "To find customers willing to have their order handled by a flying robot, the companies surveyed households within a one-mile radius of the store from which they planned to deliver," reports Tech Crunch. 7-Eleven partnered with drone-delivery company Flirtey, which has also used its drones to perform a ship-to-shore delivery of medical supplies . They're calling this flight the first FAA-approved drone delivery to a home and a historic milestone in commercial deliveries, and both companies plan to continue working together in the future to perform more testing on drone deliveries.

Read more of this story at Slashdot.

EU To Give Free Security Audits To Apache HTTP Server and Keepass

Sun, 24/07/2016 - 4:35pm
An anonymous reader writes: The European Commission announced on Wednesday that its IT engineers would provide a free security audit for the Apache HTTP Server and KeePass projects. The two projects were selected following a public survey that included several open-source projects deemed important for both the EU agencies and the wide public. The actual security audit will be carried out by employees of the IT departments at the European Commission and the European Parliament. This is only a test pilot program that's funded until the end of the year, but the EU said it would be looking for funding to continue it past its expiration date in December 2016.

Read more of this story at Slashdot.

Laser-Armed Martian Robot Now Vaporizing Targets of Its Own Free Will

Sun, 24/07/2016 - 3:35pm
Slashdot reader Rei writes: NASA -- having already populated the Red Planet with robots and armed a car-sized nuclear juggernaut with a laser -- have now decided to grant fire control of that laser over to a new AI system operating on the rover itself. Intended to increase the scientific data-gathering throughput on the sometimes glitching rover's journey, the improved AEGIS system eliminates the need for a series of back-and-forth communication sessions to select targets and aim the laser. Rei's original submission included a longer riff on The War of the Worlds, ending with a reminder to any future AI overlords that "I have a medical condition that renders me unfit to toil in any hypothetical subterranean lithium mines..."

Read more of this story at Slashdot.

Homeland Security Border Agents Can Seize Your Phone

Sun, 24/07/2016 - 2:36pm
Slashdot reader v3rgEz writes: A Wall Street Journal reporter has shared her experienced of having her phones forcefully taken at the border -- and how the Department of Homeland Security insists that your right to privacy does not exist when re-entering the United States. Indeed, she's not alone: Documents previously released under FOIA show that the DHS has a long-standing policy of warrantless (and even motiveless) seizures at the border, essentially removing any traveler's right to privacy. "The female officer returned 30 minutes later and said I was free to go," according to the Journal's reporter, adding. "I have no idea why they wanted my phones..."

Read more of this story at Slashdot.

UK Cybersecurity Executives Plead Guilty To Hacking A Rival Firm

Sun, 24/07/2016 - 1:35pm
An anonymous reader writes: "Five employees from cybersecurity firm Quadsys have admitted to hacking into a rival company's servers to allegedly steal customer data and pricing information," ZDNet is reporting. After a series of hearings, five top-ranking employees "admitted to obtaining unauthorised access to computer materials to facilitate the commission of an offence," including the company's owner, managing director, and account manager. Now they're facing 12 months in prison or fines, as well as additional charges, at their sentencing hearing in September. The headline at ZDNet gloats, "Not only did the Quadsys staff reportedly break into servers, they were caught doing it."

Read more of this story at Slashdot.

Star Trek's 50th Anniversary Celebrated at Comic-Con

Sun, 24/07/2016 - 11:35am
An anonymous Slashdot reader writes: Leonard Nimoy's 59-year-old son released a trailer for his upcoming documentary, For The Love Of Spock. CBS released a video teaser for their upcoming Star Trek: Discovery series. And Schmaltz brewery released a "Trouble With Tribbles" beer. It was all part of the festivities celebrating the 50th anniversary of CBS's original Star Trek series at this year's Comic-Con festival in San Diego, which culminated with an all-star panel of actors from previous Star Trek TV series. William Shatner, Michael Dorn, Brent Spiner, Jeri Ryan, and Scott Bakula all reminisced on the phenomenon of the show's fan culture, with Dorn telling the audience that Apple's iPad was inspired by Star Trek technology. And Brent Spiner told the audience, "We're in a time now where identity is under attack... Politicians could learn from Star Trek."

Read more of this story at Slashdot.

Valve Threatens Counter Strike Gambling Sites

Sun, 24/07/2016 - 7:35am
An anonymous Slashdot reader quotes a report from HNGN: Game maker Valve is threatening to shut down sites dedicated to gambling with add-ons to its popular Counter Strike game. On Thursday the company sent cease and desist letters to 23 sites, demanding that gambling operations be stopped, and that the sites had 10 days to comply. The row revolves around the software overlays that change the appearance of the characters people play in Counter Strike: Global Offensive (CSGO) and the weapons and other virtual items. Last week the company reiterated that its user agreements ban external sites from asking users to connect their Steam accounts in order to trade items for real money. The company added that it would use "all available remedies" against sites that did not stop players using virtual goods to gamble. Bloomberg reports that in June a class action lawsuit was filed against Valve "for its role in the multibillion-dollar gambling economy that has fueled the game's popularity" -- by a man who had been gambling on the site since 2014. This was followed in July by a second class action lawsuit by a mother on behalf of her son, reports ESPN. "The case alleges that the Valve knowingly allows and profits from teenagers participating in illegal, unregulated and underage gambling of in-game cosmetic weapon skins through third-party sites."

Read more of this story at Slashdot.

Can Iris-Scanning ID Systems Tell the Difference Between a Live and Dead Eye?

Sun, 24/07/2016 - 3:35am
the_newsbeagle writes: Iris scanning is increasingly being used for biometric identification because it's fast, accurate, and relies on a body part that's protected and doesn't change over time. You may have seen such systems at a border crossing recently or at a high-security facility, and the Indian government is currently collecting iris scans from all its 1.2 billion citizens to enroll them in a national ID system. But such scanners can sometimes be spoofed by a high-quality paper printout or an image stuck on a contact lens. Now, new research has shown that post-mortem eyes can be used for biometric identification for hours or days after death, despite the decay that occurs. This means an eye could theoretically be plucked from someone's head and presented to an iris scanner. The same researcher who conducted that post-mortem study is also looking for solutions, and is working on iris scanners that can detect the "liveness" of an eye. His best method so far relies on the unique way each person's pupil responds to a flash of light, although he notes some problems with this approach.

Read more of this story at Slashdot.

Phones Without Headphone Jacks Are Here... and They're Extremely Annoying

Sun, 24/07/2016 - 1:35am
A few weeks ago, we had an intense discussion on what would happen if Apple's next iPhone doesn't have a headphone port -- and what that means for the rest of the industry, as well as the pros and cons of ditching the legacy port. Over the past few months, we have seen many smartphone manufacturers launch new handsets that don't have a headphone jack. Mashable has a report today in which it says that it is already causing frustration among users. From the article: In the Android camp, phones like Lenovo's Moto Z and Moto Z Force and China's LeEco have already scrapped the 3.5mm headphone jack; to listen to music on the company's three latest phones, users need to plug in USB Type-C headphones, go wireless, or use a dongle. I'm all for letting go of old technologies to push forward, but what is happening is actually going to make things worse. The headphone jack has worked for 50 years and it can work for another 50 more because it's universal. Headphones I plug into my iPhone work in an Android phone, in a BlackBerry, in my computer, in my PS4 controller, in my tablet, in any speaker with audio-out, and so on. I can walk into any electronics store and pick up a pair of headphones and not have to worry about compatibility with any of my devices. I know it'll work. [...] With a universal headphone jack, I never have to worry whether or not the crappy pack-in iPhone EarPods I have will work with the Android phone I'm reviewing or not. I also never have to worry if I'll be able to plug my headphones into a friend's phone to listen to some new song. Same applies for when I want to use my earbuds and headphones with another person's device. And there lies the real issue. I will need different dongles -- a Lightning-to-headphone-jack and a USB-Type-C-to-headphone-jack to be prepared because I do carry both iPhone and Android phone on me daily. Dongles also get lost.

Read more of this story at Slashdot.

Do We Need The Moto Z Smartphones' New Add-On Modules?

Sat, 23/07/2016 - 11:35pm
This week saw the release of the Moto Z Droid and Force Droid, new Android smartphones from Motorola and Lenovo with snap-on modules. Slashdot reader MojoKid writes that the Z Force Droid "is sheathed behind Moto ShatterShield technology making it virtually indestructible." Motorola guarantees it not to crack or shatter if dropped... However, what's truly standout are Moto Mods, which are snap-on back-packs of sorts that add new features, like the JBL Speaker, Moto Insta-Projector and Incipio OffGrid Power Pack (2220 mAh) mods... Even the fairly complex projector mod fires up in seconds and works really well. But the Verge has called it "a good phone headed down the wrong path," adding "this company is competing in the global smartphone market, not a high school science fair, and its success will depend on presenting better value than the competition, not cleverer design. Without the benefit of the value-projecting fairy dust of brands like Apple and Beats, Lenovo will have an uphill climb trying to justify its Moto Mods pricing with functionality and looks, and our review has shown that none of the company's extras are essential."

Read more of this story at Slashdot.

Turn Your Android Phone Into a Laptop For $99 With the Superbook

Sat, 23/07/2016 - 10:35pm
An anonymous Slashdot reader writes: A company called Andromium is attempting to harness the processing power of your Android smartphone and turn it into a full fledged computer. The 'Superbook' consists of a 11.6-inch laptop shell, which you connect to your phone via a USB Micro-B or Type-C cable, and run the Andromium OS application (currently in beta, but available in the Play Store)... The leader of the project and Company co-founder Gordon Zheng, previously worked at Google and pitched the idea to them... They refused so he quit his job and founded Andromium Inc. In December 2014 the company had introduced their first product which was a dock which used the MHL standard to output to external monitor. That campaign failed, however their newest creation, the Superbook smashed their Kickstarter goal in just over 20 minutes. And within their first 38 hours, they'd crowdfunded $500,000. In an intriguing side note, Andromium "says it'll open its SDK so developers can tailor their apps for Andromium, too, though how much support that gets remains to be seen," reports Tech Insider. But more importantly, "Andromium says its prototypes are finished, and that it hopes to ship the Superbook to backers by February 2017."

Read more of this story at Slashdot.

'High-Risk Vulnerabilities' In Oracle File-Processing SDKs Affect Major Third-Party Products

Sat, 23/07/2016 - 9:35pm
itwbennett writes: "Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday affect products from third-party software vendors," writes Lucian Constantin on CSOonline. The vulnerabilities, which were found by researchers from Cisco's Talos team, are in the Oracle Outside In Technology (OIT), a collection of SDKs that are used in third-party products, including Microsoft Exchange, Novell Groupwise, IBM WebSphere Portal, Google Search Appliance, Avira AntiVir for Exchange, Raytheon SureView, Guidance Encase and Veritas Enterprise Vault. "It's not clear how many of those products are also affected by the newly patched seventeen flaws, because some of them might not use all of the vulnerable SDKs or might include other limiting factors," writes Constantin. But the Cisco researchers confirmed that Microsoft Exchange servers (version 2013 and earlier) are affected if they have WebReady Document Viewing enabled. In a blog post the researchers describe how an attacker could exploit these vulnerabilities. TL;DR version: "Attackers can exploit the flaws to execute rogue code on systems by sending specifically crafted content to applications using the vulnerable OIT SDKs."

Read more of this story at Slashdot.

Salesforce CEO Told LinkedIn He Would Have Paid Much More Than Microsoft

Sat, 23/07/2016 - 8:34pm
Ina Fried, reporting for Recode: It was already known that LinkedIn chose a potentially lower all-cash acquisition offer from Microsoft rather than take on the uncertainties of a stock-and-cash deal from Salesforce. But now it has been revealed that Salesforce might have been willing to go "much higher" than Microsoft's $26.2 billion, or change other terms of its bid, had it been given the chance. In a filing with regulators on Friday, LinkedIn said a board committee met on July 7 to discuss an email from Salesforce CEO Marc Benioff. "The email indicated that Party A would have bid much higher and made changes to the stock/cash components of its offers, but it was acting without communications from LinkedIn," LinkedIn said in the updated filing with the Securities and Exchange Commission.

Read more of this story at Slashdot.