Sorry, you need to enable JavaScript to visit this website.

Feed aggregator

TRAPPIST-1's planets are quiet. Quiet as the grave, in fact

El Reg - Thu, 23/03/2017 - 2:57am
Sorry, ET fans: these aren't the exoplanets you're looking for

Boiled dry or extra-terrestrial snowballs, it turns out that the multi exoplanets orbiting the star dubbed TRAPPIST-1 are almost certainly inhospitable to life.…

Ubuntu splats TITSUP bug spread in update

El Reg - Thu, 23/03/2017 - 2:02am
Fat-thumbed DNS patch unpatched, time to re-patch

A simple library update turned into a white-knuckle ride for Ubuntu sysadmins, who have lit up Reddit and StackOverflow to complain that their 'net connections went TITSUP (Total Inability To Support Usual Performance).…

Japanese Company Develops a Solar Cell With Record-Breaking 26%+ Efficiency

Slashdot - Thu, 23/03/2017 - 1:25am
An anonymous reader quotes a report from Ars Technica: The silicon-based cells that make up a solar panel have a theoretical efficiency limit of 29 percent, but so far that number has proven elusive. Practical efficiency rates in the low-20-percent range have been considered very good for commercial solar panels. But researchers with Japanese chemical manufacturer Kaneka Corporation have built a solar cell with a photo conversion rate of 26.3 percent, breaking the previous record of 25.6 percent. Although it's just a 2.7 percent increase in efficiency, improvements in commercially viable solar cell technology are increasingly hard-won. Not only that, but the researchers noted in their paper that after they submitted their article to Nature Energy, they were able to further optimize their solar cell to achieve 26.6 percent efficiency. That result has been recognized by the National Renewable Energy Lab (NREL). In the Nature Energy paper, the researchers described building a 180.4 cm2 cell using high-quality thin-film heterojunction (HJ) -- that is, layering silicon within the cell to minimize band gaps where electron states can't exist. Controlling heterojunctions is a known technique among solar cell builders -- Panasonic uses it and will likely incorporate it into cells built for Tesla at the Solar City plant in Buffalo, and Kaneka has its own proprietary heterojunction techniques. For this record-breaking solar cell, the Kaneka researchers also placed low-resistance electrodes toward the rear of the cell, which maximized the number of photons that collected inside the cell from the front. And, as is common on many solar cells, they coated the front of the cell with a layer of amorphous silicon and an anti-reflective layer to protect the cell's components and collect photons more efficiently.

Read more of this story at Slashdot.

LastPass Bugs Allow Malicious Websites To Steal Passwords

Slashdot - Thu, 23/03/2017 - 12:45am
Earlier this month, a Slashdot reader asked fellow Slashdotters what they recommended regarding the use of password managers. In their post, they voiced their uncertainty with password managers as they have been hacked in the past, citing an incident in early 2016 where LastPass was hacked due to a bug that allowed users to extract passwords stored in the autofill feature. Flash forward to present time and we now have news that three separate bugs "would have allowed a third-party to extract passwords from users visiting a malicious website." An anonymous Slashdot reader writes via BleepingComputer: LastPass patched three bugs that affected the Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website. All bugs were reported by Google security researcher Tavis Ormandy, and all allowed the theft of user credentials, one bug affecting the LastPass Chrome extension, while two impacted the LastPass Firefox extension [1, 2]. The exploitation vector was malicious JavaScript code that could be very well hidden in any online website, owned by the attacker or via a compromised legitimate site.

Read more of this story at Slashdot.

Libinput 1.7 Released With Support For Lid Switches, Scroll Wheel Improvements

Phoronix - Thu, 23/03/2017 - 12:26am
Peter Hutterer has announced the new release of libinput 1.7.0 as the input handling library most commonly associated with Wayland systems but also with Ubuntu's Mir as well as the X.Org Server via the xf86-input-libinput driver...

W3C Erects DRM As Web Standard

Slashdot - Thu, 23/03/2017 - 12:05am
The World Wide Web Consortium (W3C) has formally put forward highly controversial digital rights management as a new web standard. "Dubbed Encrypted Media Extensions (EME), this anti-piracy mechanism was crafted by engineers from Google, Microsoft, and Netflix, and has been in development for some time," reports The Register. "The DRM is supposed to thwart copyright infringement by stopping people from ripping video and other content from encrypted high-quality streams." From the report: The latest draft was published last week and formally put forward as a proposed standard soon after. Under W3C rules, a decision over whether to officially adopt EME will depend on a poll of its members. That survey was sent out yesterday and member organizations, who pay an annual fee that varies from $2,250 for the smallest non-profits to $77,000 for larger corporations, will have until April 19 to register their opinions. If EME gets the consortium's rubber stamp of approval, it will lock down the standard for web browsers and video streamers to implement and roll out. The proposed standard is expected to succeed, especially after web founder and W3C director Sir Tim Berners-Lee personally endorsed the measure, arguing that the standard simply reflects modern realities and would allow for greater interoperability and improve online privacy. But EME still faces considerable opposition. One of its most persistent vocal opponents, Cory Doctorow of the Electronic Frontier Foundation, argues that EME "would give corporations the new right to sue people who engaged in legal activity." He is referring to the most recent controversy where the W3C has tried to strike a balance between legitimate security researchers investigating vulnerabilities in digital rights management software, and hackers trying to circumvent content protection. The W3C notes that the EME specification includes sections on security and privacy, but concedes "the lack of consensus to protect security researchers remains an issue." Its proposed solution remains "establishing best practices for responsible vulnerability disclosure." It also notes that issues of accessibility were ruled to be outside the scope of the EME, although there is an entire webpage dedicated to those issues and finding solutions to them.

Read more of this story at Slashdot.

Strike that: 17,000 AT&T workers down tools in California, Nevada

El Reg - Wed, 22/03/2017 - 11:48pm
I dreamed I called Joe Hill last night

More than 17,000 workers for AT&T belonging to the Communications Workers of America downed tools and went on strike in California and Nevada on Wednesday after restructuring talks broke down.…

'Dig Once' Bill Could Bring Fiber Internet To Much of the US

Slashdot - Wed, 22/03/2017 - 11:20pm
An anonymous reader quotes a report from Ars Technica: If the U.S. adopts a "dig once" policy, construction workers would install conduits just about any time they build new roads and sidewalks or upgrade existing ones. These conduits are plastic pipes that can house fiber cables. The conduits might be empty when installed, but their presence makes it a lot cheaper and easier to install fiber later, after the road construction is finished. The idea is an old one. U.S. Rep. Anna Eshoo (D-Calif.) has been proposing dig once legislation since 2009, and it has widespread support from broadband-focused consumer advocacy groups. It has never made it all the way through Congress, but it has bipartisan backing from lawmakers who often disagree on the most controversial broadband policy questions, such as net neutrality and municipal broadband. It even got a boost from Rep. Marsha Blackburn (R-Tenn.), who has frequently clashed with Democrats and consumer advocacy groups over broadband -- her "Internet Freedom Act" would wipe out the Federal Communications Commission's net neutrality rules, and she supports state laws that restrict growth of municipal broadband. Blackburn, chair of the House Communications and Technology Subcommittee, put Eshoo's dig once legislation on the agenda for a hearing she held yesterday on broadband deployment and infrastructure. Blackburn's opening statement (PDF) said that dig once is among the policies she's considering to "facilitate the deployment of communications infrastructure." But her statement did not specifically endorse Eshoo's dig once proposal, which was presented only as a discussion draft with no vote scheduled. The subcommittee also considered a discussion draft that would "creat[e] an inventory of federal assets that can be used to attach or install broadband infrastructure." Dig once legislation received specific support from Commerce Committee Chairman Greg Walden (R-Ore.), who said that he is "glad to see Ms. Eshoo's 'Dig Once' bill has made a return this Congress. I think that this is smart policy and will help spur broadband deployment across the country."

Read more of this story at Slashdot.

Hackers Claim Access To 300 Million iCloud Accounts, Demand $75,000 From Apple To Delete the Cache of Data

Slashdot - Wed, 22/03/2017 - 10:40pm
A hacker or group of hackers calling themselves the "Turkish Crime Family" claim they have access to at least 300 million iCloud accounts, and will delete the alleged cache of data if Apple pays a ransom by early next month. Motherboard is reporting that the hackers are demanding "$75,000 in Bitcoin or Ethereum, another increasingly popular crypto-currency, or $100,000 worth of iTunes gift cards in exchange for deleting the alleged cache of data." From the report: The hackers provided screenshots of alleged emails between the group and members of Apple's security team. One also gave Motherboard access to an email account allegedly used to communicate with Apple. "Are you willing to share a sample of the data set?" an unnamed member of Apple's security team wrote to the hackers a week ago, according to one of the emails stored in the account. (According to the email headers, the return-path of the email is to an address with the @apple.com domain). The hackers also uploaded a YouTube video of them allegedly logging into some of the stolen accounts. The hacker appears to access an elderly woman's iCloud account, which includes backed-up photos, and the ability to remotely wipe the device. Now, the hackers are threatening to reset a number of the iCloud accounts and remotely wipe victim's Apple devices on April 7, unless Apple pays the requested amount. According to one of the emails in the accessed account, the hackers claim to have access to over 300 million Apple email accounts, including those use @icloud and @me domains. However, the hackers appear to be inconsistent in their story; one of the hackers then claimed they had 559 million accounts in all. The hackers did not provide Motherboard with any of the supposedly stolen iCloud accounts to verify this claim, except those shown in the video.

Read more of this story at Slashdot.

GNOME 3.24 Released

Slashdot - Wed, 22/03/2017 - 10:00pm
prisoninmate quotes a report from Softpedia: GNOME 3.24 just finished its six-month development cycle, and it's now the most advanced stable version of the modern and popular desktop environment used by default in numerous GNU/Linux distributions. It was developed since October 2016 under the GNOME 3.23.x umbrella, during which it received numerous improvements. Prominent new features of the GNOME 3.24 desktop environment include a Night Light functionality that promises to automatically shift the colors of your display to the warmer end of the spectrum after sunset, and a brand-new GNOME Control Center with redesigned Users, Keyboard and Mouse, Online Accounts, Bluetooth, and Printer panels. As for the GNOME apps, we can mention that the Nautilus file manager now lets users browse files as root (system administrator), GNOME Photos imitates Darktable's exposure and blacks adjustment tool, GNOME Music comes with ownCloud integration and lets you edit tags, and GNOME Calendar finally brings the Week view. New apps like GNOME Recipes are also part of this release. The full release notes can be viewed here. Softpedia notes in conclusion: "As mentioned before, it will take at least a couple of weeks for the new GNOME 3.24 packages to land on the stable repositories of your favorite distro, which means that you'll most probably be able to upgrade from GNOME 3.22 when the first point release, GNOME 3.24.1, is out on April 12, 2017."

Read more of this story at Slashdot.

17 Fresh AMDGPU DC Patches Posted Today

Phoronix - Wed, 22/03/2017 - 9:41pm
Seventeen more "DC" display code patches were published today for the AMDGPU DRM driver, but it's still not clear if it will be ready -- or accepted -- for Linux 4.12...

17,000 AT&T Workers Go On Strike In California and Nevada

Slashdot - Wed, 22/03/2017 - 9:20pm
An anonymous reader quotes a report from Fortune: Approximately 17,000 workers in AT&T's traditional wired telephone business in California and Nevada walked out on strike on Wednesday, marking the most serious labor action against the carrier in years. The walkout -- formally known as a grievance strike -- occurred after AT&T changed the work assignments of some of the technicians and call center employees in the group, the Communications Workers of America union said. The union would not say how long the strike might last. A contract covering the group expired last year and there has been little progress in negotiations over sticking points like the outsourcing of call center jobs overseas, stagnant pay, and rising health care costs. The union said it planned to file an unfair labor charge with the National Labor Relations Board over the work assignment changes. "A walkout is not in anybody's best interest and it's unfortunate that the union chose to do that," an AT&T spokesman told Fortune. "We're engaged in discussion with the union to get these employees back to work as soon as possible."

Read more of this story at Slashdot.

Grab 'em by the pussy! Trump's lawyers 'send cease-and-desist letters' to a KITTEN website

El Reg - Wed, 22/03/2017 - 9:01pm
Sad!

Lawyers for US President Donald Trump have sent not one, but two cease-and-desist letters to a website featuring his face being pawed by kittens, it is claimed.…

Nintendo Is Repairing Left Joy-Cons With<nobr> <wbr></nobr>... a Piece of Foam?

Slashdot - Wed, 22/03/2017 - 8:40pm
While Nintendo remains silent on the issue of some left Joy-Con controllers becoming desynced from the Switch console, it appears it has a solution for those affected. No, it's not avoidance of aquariums or all other wireless devices; instead, it's apparently as simple as a foam sticker placed in the right spot. From a report: Early reviews and, later, actual retail units of the Nintendo Switch highlighted an apparent hardware flaw in the design of the left Joy-Con controller. In certain scenarios -- like when played some distance from the console using the Joy-Con Grip -- some left Joy-Cons could lose sync and players would find themselves unable to accurately control what's happening on the screen. While a day one console update fixed this issue for some, it's remained for others and Nintendo has done little to assuage would-be consumers that it's solved the issue for good. But, a Joy-Con sent in for repair by CNET's Sean Hollister was returned with one small enhancement a week later and -- lo and behold -- it works. That enhancement: A small piece of conductive foam.

Read more of this story at Slashdot.

It's happening! It's happening! W3C erects DRM as web standard

El Reg - Wed, 22/03/2017 - 8:39pm
World has until April 19 to make its views known on latest draft

The World Wide Web Consortium has formally put forward highly controversial digital rights management as a new web standard.…

Russian mastermind of $500m bank-raiding Citadel coughs to crimes

El Reg - Wed, 22/03/2017 - 8:23pm
Chap's code infected 11m PCs, helped crooks make off with half a billion bucks, say Feds

The Russian programmer who built the bank-acount-raiding Citadel Trojan has admitted his crimes.…

Plans For London-Paris Electric Flight in 'Next Decade' Unveiled

Slashdot - Wed, 22/03/2017 - 8:00pm
A start-up has unveiled ambitious plans to offer an electric-powered commercial flight between London and Paris in the next ten years. From a report: Wright Electric believes the proposed low-emission electric plane would offer a cheaper alternative to jet fuel for airlines and consumers. However, the start-up's bid to revolutionize short-haul flights relies on the continued advancement of battery technology. The company, who pitched to investors this week, would be forced to switch to a hybrid of aviation fuel and electricity if the advances in battery technology fail to materialise.

Read more of this story at Slashdot.

Error prone, insecure, inevitable: Say hello to today's facial recog tech

El Reg - Wed, 22/03/2017 - 7:45pm
If you want a picture of the future, imagine a database with every human visage

Facial recognition technology represents a valuable, and likely inevitable, method of identification for cops and Feds. Unfortunately, it's largely unregulated, error prone, and insecure.…

Malware 'disguised as Siemens software drills into 10 industrial plants'

El Reg - Wed, 22/03/2017 - 7:34pm
Four years of active infection, claims security biz Dragos

Malware posing as legitimate software for Siemens control gear has apparently infected industrial equipment worldwide over the past four years.…

Ebay Asks Users To Downgrade Security

Slashdot - Wed, 22/03/2017 - 7:20pm
Ebay has started to inform customers who use a hardware key fob when logging into the site to switch to receiving a one-time code sent via text message. The move from the company, which at one time was well ahead of most e-commerce companies in providing more robust online authentication options, is "a downgrade to a less-secure option," say security reporter Brian Kerbs. He writes: In early 2007, PayPal (then part of the same company as Ebay) began offering its hardware token for a one-time $5 fee, and at the time the company was among very few that were pushing this second-factor (something you have) in addition to passwords for user authentication. I've still got the same hardware token I ordered when writing about that offering, and it's been working well for the past decade. Now, Ebay is asking me to switch from the key fob to text messages, the latter being a form of authentication that security experts say is less secure than other forms of two-factor authentication (2FA). The move by Ebay comes just months after the National Institute for Standards and Technology (NIST) released a draft of new authentication guidelines that appear to be phasing out the use of SMS-based two-factor authentication.

Read more of this story at Slashdot.

Syndicate content