Sorry, you need to enable JavaScript to visit this website.

Feed aggregator

Linux 4.15-rc3 Kernel Released

Phoronix - Mon, 11/12/2017 - 2:08am
Linus Torvalds has announced the third weekly test release of the upcoming Linux 4.15 kernel...

Optus to refund NBN customers for slow connections

El Reg - Mon, 11/12/2017 - 2:05am
'Technical limitations' hobbled copper-based services

Optus has become the second Australian carrier to announce refunds for customers unable to get decent National Broadband Network connections.…

Dynamics 365 sandbox leaked TLS certificates

El Reg - Mon, 11/12/2017 - 12:31am
Hey Microsoft, is this your private key?

Another day, another credential found wandering without a leash: Microsoft accidentally left a Dynamics 365 TLS certificate and private key where they could leak, and according to the discoverer, took 100 days to fix the bungle.…

Researchers Say Human Lifespans Have Already Hit Their Peak

Slashdot - Mon, 11/12/2017 - 12:22am
An anonymous reader quotes Newsweek: We have reached our peak in terms of lifespan, athletic performance and height, according to a new survey of research and historical records... "These traits no longer increase, despite further continuous nutritional, medical, and scientific progress," said Jean-FranÃois Toussaint, a physiologist at Paris Descartes University, France, in a press release... For the study, published in the journal Frontiers in Physiology, a team of French scientists, including Toussaint, from a range of fields analyzed 120 years' worth of historical records and previous research to gauge the varying pace of changes seen in human athletic performance, human lifespan and human height. While, as they observe, the 20th century saw a surge in improvements in all three areas that mirrored industrial, medical and scientific advances, the pace of those advances has slowed significantly in recent years. The team looked at world records in a variety of sports, including running, swimming, skating, cycling and weight-lifting. Olympic athletes in those sports continually toppled records by impressive margins from the early 1900s to the end of the 20th century, according the study. But since then, Olympic records have shown just incremental improvements. We have stopped not only getting faster and stronger, according to the study, but also growing taller... [D]ata from the last three decades suggest that heights have plateaued among high-income countries in North America and Europe... As for our human lifespan, life expectancy in high-income countries rose by about 30 years from 1900 to 2000, according to a National Institutes of Health study cited by the authors, thanks to better nutrition, hygiene, vaccines and other medical improvements. But we may have maxed out our biological limit for longevity. The researchers found that in many human populations, says Toussaint, "it's more and more difficult to show progress in lifespan despite the advances of science."

Read more of this story at Slashdot.

Launch of Bitcoin Futures Trading Crashes CBOE Site

Slashdot - Sun, 10/12/2017 - 11:17pm
"5PM CT is the start of Bitcoin futures trading and the $CBOE website appears to be down," one market watcher posted on Twitter (and his observation was quickly confirmed by other cryptocurrency-watching accounts and confirmed by CBOE). "I'm guessing watching Bitcoin futures start trading is a more popular spectator sport than anticipated." Bitcoin futures will also begin trading on the Chicago Mercantile Exchange in eight days. The Street report that the anticipation of that "has triggered wild swings in bitcoin prices over the last week." Overall, trading bitcoin futures is a positive development for the cryptocurrency says the research team at Fundstrat... The introduction of derivatives lays the necessary market structure for institutions to allocate cash towards cryptocurrencies, points out Fundstrat... Short sellers may now express negative views on bitcoin, which could lead to short-term pricing pressure. But the ability for short sellers to hate on bitcoin could be viewed as a longer term positive, Fundstrat says. Shorting essentially creates true price discovery and means that hedge funds could take bitcoin more seriously. This should improve the long-term prospects of bitcoin as it broadens sponsorship, Fundstrat believes.

Read more of this story at Slashdot.

Top iOS Apps of 2017: Bitmoji Beats Snapchat, YouTube, and Facebook Messenger

Slashdot - Sun, 10/12/2017 - 10:27pm
An anonymous reader quotes CNN: Apple has unveiled its list of most downloaded iOS apps of the year, and topping the list is free custom emoji app Bitmoji... Bitmoji soared to the top of the list, thanks to an integration with Snapchat. (Snapchat's parent company acquired Bitmoji last year for an unknown amount)... Users must download the Bitmoji app to use it with Snapchat. Fittingly, the main Snapchat app took second place, despite a tough year on Wall Street that was attributed to slow user growth. Snapchat was the most downloaded app of 2016. Google's YouTube took the number three spot this year, while Facebook's Messenger and Instagram placed fourth and fifth, respectively.

Read more of this story at Slashdot.

Brandis' infrastructure security bill off to committee

El Reg - Sun, 10/12/2017 - 9:56pm
Report fast-tracked to Q1 2018

Australia's attorney-general George Brandis won't get his critical infrastructure register kicked off this year: the legislation was introduced late last week, but immediately sent off to the Parliamentary Joint Committee on Intelligence and Security.…

Coinbase Warns During Times of High Volatility, Access Could Become 'Unavailable'

Slashdot - Sun, 10/12/2017 - 9:22pm
An anonymous reader quotes City AM: A leading bitcoin exchange has warned that customers may be unable to get their money out quickly in the event of a crash in the cryptocurrency's price. Writing in a blog post last week, Coinbase's co-founder and chief executive Brian Armstrong, said despite "sizeable and ongoing" increases in the firm's technical infrastructure and engineering staff, access to Coinbase services could become "degraded or unavailable during times of significant volatility or volume. This could result in the inability to buy or sell for period of time," he said. Armstrong added that there would be restrictions on how much customers could sell, or sell limits, to "protect client accounts and assets"... Bitcoin's market capitalisation rose above $300 billion for the first time earlier this week when its price rocketed to an all-time high of just over $17,000. Many analysts have warned that bitcoin represents an unsustainable bubble, though no one is quite sure when it will burst.

Read more of this story at Slashdot.

Haiku OS Is Very Close To Their Long Awaited Beta, New Repository Working

Phoronix - Sun, 10/12/2017 - 8:50pm
The BeOS-inspired Haiku operating system should be issuing its long-awaited beta release by early 2018...

Exhausted Amazon Drivers Are Working 11-Hour Shifts For Less Than Minimum Wage

Slashdot - Sun, 10/12/2017 - 8:17pm
schwit1 quotes the Daily Mirror: Drivers are being asked to deliver up to 200 parcels a day for Amazon while earning less than the minimum wage, a Sunday Mirror investigation reveals today... Many routinely exceed the legal maximum shift of 11 hours and finish their days dead on their feet. Yet they have so little time for food or toilet stops they snatch hurried meals on the run and urinate into plastic bottles they keep in their vans. They say they often break speed limits to meet targets that take no account of delays such as ice, traffic jams or road closures. Many claim they are employed in a way that means they have no rights to holiday or sickness pay. And some say they take home as little as £160 for a five-day week amid conditions described by one lawyer as "almost Dickensian"... The Driving and Vehicle Standards Agency has vowed to investigate after drivers contacted them to complain about conditions.

Read more of this story at Slashdot.

Did Programming Language Flaws Create Insecure Apps?

Slashdot - Sun, 10/12/2017 - 7:12pm
Several popular interpreted programming languages are affected by severe vulnerabilities that expose apps built on these languages to attacks, according to research presented at the Black Hat Europe 2017 security conference. An anonymous reader writes: The author of this research is IOActive Senior Security Consultant Fernando Arnaboldi, who says he used an automated software testing technique named fuzzing to identify vulnerabilities in the interpreters of five of today's most popular programming languages: JavaScript, Perl, PHP, Python, and Ruby. Fuzzing involves providing invalid, unexpected, or random data as input to a software application. The researcher created his own fuzzing framework named XDiFF that broke down programming languages per each of its core functions and fuzzed each one for abnormalities. His work exposed severe flaws in all five languages, such as a hidden flaw in PHP constant names that can be abused to perform remote code execution, and undocumented Python methods that can be used for OS code execution. Arnaboldi argues that attackers can exploit these flaws even in the most secure applications built on top of these programming languages.

Read more of this story at Slashdot.

FCC Refuses Records For Investigation Into Fake Net Neutrality Comments

Slashdot - Sun, 10/12/2017 - 6:04pm
"FCC general counsel Tom Johnson has told the New York State attorney general that the FCC is not providing information for his investigation into fake net-neutrality comments, saying those comments did not affect the review, and challenging the state's ability to investigate the feds." Variety has more: The FCC's general counsel, in a letter to New York Attorney General Eric Schneiderman, also dismissed his concerns that the volume of fake comments or those made with stolen identities have "corrupted" the rule-making process... He added that Schneiderman's request for logs of IP addresses would be "unduly burdensome" to the commission, and would "raise significant personal privacy concerns." Amy Spitalnick, Schneiderman's press secretary, said in a statement that the FCC "made clear that it will continue to obstruct a law enforcement investigation. It's easy for the FCC to claim that there's no problem with the process, when they're hiding the very information that would allow us to determine if there was a problem. To be clear, impersonation is a violation of New York law," she said... "The only privacy jeopardized by the FCC's continued obstruction of this investigation is that of the perpetrators who impersonated real Americans." One of the FCC's Democratic commissioners claimed that this response "shows the FCC's sheer contempt for public input and unreasonable failure to support integrity in its process... Moreover, the FCC refuses to look into how nearly half a million comments came from Russian sources."

Read more of this story at Slashdot.

Skylake Server Scheduler Model Updated In LLVM 6.0 Along With Other Intel CPU Updates

Phoronix - Sun, 10/12/2017 - 6:03pm
The x86 scheduler model for Skylake AVX-512-enabled servers has been updated ahead of the LLVM 6.0 feature freeze next month...

Microsoft's 'Malware Protection Engine' Had A Remote Code Execution Flaw

Slashdot - Sun, 10/12/2017 - 4:59pm
Slashdot reader Trax3001BBS shares an article from The Register: Microsoft posted an out-of-band security update Thursday to address a remote code execution flaw in its Malware Protection Engine. Redmond says the flaw, dubbed CVE-2017-11937, has not yet been exploited in the wild. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this will happen automatically. The security hole is present in Windows Defender and Microsoft Security Essentials, as well as Endpoint Protection, Forefront Endpoint Protection, and Exchange Server 2013 and 2016... According to Microsoft, the vulnerability can be triggered when the Malware Protection Engine scans a downloaded file to check for threats. In many systems this is set to happen automatically for all new files. By exploiting a memory corruption error in the malware scanning tool, the attack file would be able to execute code on the target machine with LocalSystem privileges.

Read more of this story at Slashdot.

Linux 4.15 I/O Scheduler Tests: BFQ, CFQ, Kyber

Phoronix - Sun, 10/12/2017 - 4:26pm
With some BFQ performance fixes included as part of Linux 4.15 along with other I/O scheduler work and block improvements for this latest Linux kernel series, here are some fresh benchmarks of the different I/O scheduler options using the Linux 4.15 Git kernel.

New Satellite Experiment Helps Confirm Einstein's Equivalence Principle

Slashdot - Sun, 10/12/2017 - 3:54pm
Part of Einstein's theory of general relativity posits that gravity equals inertial mass -- and for the first time in 10 years, there's new evidence that he's right. Slashdot reader orsayman reports: Most stories around space today seem to revolve around SpaceX, but let's not forget that space is also a place for cool physics experiments. One such experiment currently running into low orbit is the MICROSCOPE satellite launched in 2016 to test the (weak) Equivalence Principle (also knows as the universality of free fall) a central hypothesis in General Relativity. The first results confirm the principle with a precision ten times better than previous experiments. And it's just the beginning since they hope to increase the precision by another factor of 10. If the Equivalence Principle is still verified at this precision, this could constrain or invalidate some quantum gravity theories. For those of you who are more satellite-science oriented, the satellite also features an innovative "self destruct" mechanism (meant to limit orbit pollution) based on inflatable structures described in this paper. "The science phase of the mission began in December 2016," reports France's space agency, "and has already collected data from 1,900 orbits, the equivalent of a free fall of 85 million kilometres or half the Earth-Sun distance."

Read more of this story at Slashdot.

OpenBSD Now Officially Supports 64-bit ARM

Phoronix - Sun, 10/12/2017 - 3:07pm
OpenBSD has graduated its 64-bit ARM (ARM64) architecture to being officially supported...

Touting Government/Industry 'Partnership' on Security Practices, NIST Drafts Cybersecurity Framework Update

Slashdot - Sun, 10/12/2017 - 2:49pm
Remember NIST, the non-regulatory agency of the U.S. Department of Commerce? Their mission expanded over the years to protecting businesses from cyberthreats, including a "Cybersecurty Framework" first published in 2014. "The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation's critical infrastructure, such as bridges and the electric power grid," NIST wrote in January, "but the framework has been widely adopted by many types of organizations across the country and around the world." Now SC Media reports: The second draft of the update to the National Institute of Standards and Technology's cybersecurity framework, NIST 1.1, is meant "to clarify, refine, and enhance the Cybersecurity Framework, amplifying its value and making it easier to use," according to NIST. Specifically, it brings clarity to cybersecurity measurement language and tackles improving security of the supply chain. Calling the initial NIST CSF "a landmark effort" that delivered "important benefits, such as providing common language for different models" of standards and best practices already in use, Larry Clinton, president and CEO of the Internet Security Alliance, said "it fell short of some of the most critical demands of Presidential Executive Order 13636, which generated its development... "To begin with, the new draft makes it clear that our goal is not some undefined metric for use of the Framework, but for effective use of the Framework. Moreover, this use-metric needs to be tied not to some generic standard, but to be calibrated to the unique threat picture, risk appetite and business objective of a particular organization"... Clinton praised the process used by NIST as "a model 'use case' for how government needs to engage with its industry partners to address the cybersecurity issue." The internet's inherent interconnectedness makes it impossible for sustainable security to be achieved through anything other than true partnership, he contended. Slashdot reader Presto Vivace reminds you that public comments on the draft Framework and Roadmap are due to NIST by 11:59 p.m. EST on January 19, 2018. "If you have an opinion about this, NOW is the time to express it."

Read more of this story at Slashdot.

GTK4, GNOME's Wayland Support & Vulkan Renderer Topped GNOME In 2017

Phoronix - Sun, 10/12/2017 - 1:50pm
GNOME had a very successful 2017 with the excellent 3.24 and 3.26 releases that continued improving their Wayland support, adding various features to their applications, etc. GTK4 development continued heavily as well with a plethora of improvements and new features...

A Lot Of Improvements Are Building Up For GIMP 2.9.8, Including Better Wayland Support

Phoronix - Sun, 10/12/2017 - 12:27pm
It's been four months since the release of GIMP 2.9.6 and while GIMP 2.9 developments are sadly not too frequent, the next GIMP 2.9.8 release is preparing a host of changes...
Syndicate content