Sorry, you need to enable JavaScript to visit this website.

Feed aggregator

In the three years since IETF said pervasive monitoring is an attack, what's changed?

El Reg - Tue, 06/12/2016 - 8:02am
IETF Security director Stephen Farrell offers a report card on evolving defences

Feature  After three years of work on making the Internet more secure, the Internet Engineering Task Force (IETF) still faces bottlenecks: ordinary peoples' perception of risk, sysadmins worried about how to manage encrypted networks, and – more even than state snooping – an advertising-heavy 'net business model that relies on collecting as much information as possible.…

Software can be more secure, says NIST, and we think we know how

El Reg - Tue, 06/12/2016 - 7:30am
Standards org's wish-list probably looks a bit like yours

The National Institute of Standards and Technology (NIST) has completed its long-running research into cutting software vulnerabilities and dropped the big envelope into the White House letterbox.…

Standards body warned SMS 2FA is insecure and nobody listened

El Reg - Tue, 06/12/2016 - 7:02am
Duo Security says NIST's advice to deprecate out-of-band passwords has been ignored

The US National Institute of Standards and Technology's (NIST) advice that SMS is a poor way to deliver two factor authentication is having little impact, according to Duo Security.…

Standards body warned SMS 2FA is insecure and nobody listened

El Reg - Tue, 06/12/2016 - 7:02am
Duo Security says NIST's advice to deprecate out-of-band passwords has been ignored

The US National Institute of Standards and Technology's (NIST's) advice that SMS is a poor way to deliver two factor authentication is having little impact, according to Duo Security.…

Facebook Begins Asking Users To Rate Articles' Use of 'Misleading Language'

Slashdot - Tue, 06/12/2016 - 7:00am
Facebook is finally cracking down on the fake news stories that run rampant on its site and many other social media sites across the web. The company is rolling out a new feature in the form of a survey that asks users to rate articles' use of "misleading language." The feedback received will likely help Facebook train its algorithms to better detect misleading headlines. TechCrunch reports: The "Facebook Survey," noticed by Chris Krewson of Philadelphia's Billy Penn, accompanied (for him) a Philadelphia Inquirer article about the firing of a well-known nut vendor for publicly espousing white nationalist views. "To what extent do you think that this link's title uses misleading language?" asks the "survey," which appears directly below the article. Response choices range from "Not at all" to "Completely," though users can also choose to dismiss it or just scroll past. Facebook confirmed to TechCrunch that this is an official effort, though it did not answer several probing questions about how it works, how the data is used and retained, and so on. The company uses surveys somewhat like this to test the general quality of the news feed, and it has used other metrics to attempt to define rules for finding clickbait and fake stories. This appears to be the first direct coupling of those two practices: old parts doing a new job.

Read more of this story at Slashdot.

Apple Watch sales go over a cliff: Down 2.8 meellion per quarter in a year

El Reg - Tue, 06/12/2016 - 6:24am
If a wearable does much more than measure your pulse, it hardly has a pulse

Apple's Watch range sold 1.1m units in 2016's third quarter, a stunning 2.9m fewer than the same quarter in 2015.…

Online advent calendar offers mystery VM every day until Christmas

El Reg - Tue, 06/12/2016 - 6:02am
QEMU serves up festive feast of OS images and oddities like Forth scripts

Here's something fun for Christmas: the folks behind the free and open-source hosted QEMU hypervisor have whipped up an online advent calendar that offers you a new virtual machine to download every day between now and Christmas.…

Printer security is so bad HP Inc will sell you services to fix it

El Reg - Tue, 06/12/2016 - 5:00am
Finally, FINALLY, someone is turning off Telnet and FTP

Printer security is so awful HP Inc is willing to shut off shiny features and throw its own dedicated bodies at the perennial problem.…

Phoronix Test Suite 6.8-Tana Officially Released

Phoronix - Tue, 06/12/2016 - 5:00am
Phoronix Test Suite 6.8.0 is now available as the latest version of our open-source, fully-automated, reproducible benchmarking software for Linux, BSD, Solaris, macOS, Windows, and other operating systems...

Arista CloudVision Portal bug revealed, plus evidence it's been used

El Reg - Tue, 06/12/2016 - 3:56am
You know the drill: face-palm, download, patch, grumble about state of security, relax

Arista customers: if you're running a version of CloudVision Portal (CVP) older than 2016.1.2.1, get an update or risk getting p0wned.…

California State Senator Introduces Bill That Would Mandate Reporting of 'Superbug' Infections, Deaths

Slashdot - Tue, 06/12/2016 - 3:30am
An anonymous reader quotes a report from Reuters: A California state senator introduced a bill on Monday that would mandate reporting of antibiotic-resistant infections and deaths and require doctors to record the infections on death certificates when they are a cause of death. The legislation also aims to establish the nation's most comprehensive statewide surveillance system to track infections and deaths from drug-resistant pathogens. Data from death certificates would be used to help compile an annual state report on superbug infections and related deaths. In September, a Reuters investigation revealed that tens of thousands of superbug deaths nationwide go uncounted every year. The infections are often omitted from death certificates, and even when they are recorded, they aren't counted because of the lack of a unified national surveillance system. Because there is no federal surveillance system, monitoring of superbug infections and deaths falls to the states. A Reuters survey of all 50 state health departments and the District of Columbia found that reporting requirements vary widely. Hill's bill would require hospitals and clinical labs to submit an annual summary of antibiotic-resistant infections to the California Department of Health beginning July 1, 2018; amend a law governing death certificates by requiring that doctors specify on death certificates when a superbug was the leading or a contributing cause of death; and require the state Health Department to publish an annual report on resistant infections and deaths, including data culled from death certificates.

Read more of this story at Slashdot.

Pitivi 0.98 Linux Video Editor Adds Customizable Keyboard Shortcuts

Phoronix - Tue, 06/12/2016 - 3:00am
Version 0.98 of the GNOME-aligned GStreamer-powered Pitivi non-linear video editor was tagged today as the newest development milestone...

1.4bn records from HaveIBeenPwned offered for your analytical pleasure

El Reg - Tue, 06/12/2016 - 2:44am
Troy Hunt's Christmas trove is a splendid gift for security and data nerds

Security researcher Troy Hunt had better hope his anonymisation works: he's decided to offer up most of his “HaveIBeenPwned” data set for other security researchers to analyse.…

NVIDIA's Next Linux Driver Release To Support Vulkan Without X11

Phoronix - Tue, 06/12/2016 - 1:47am
NVIDIA has confirmed that their next proprietary driver update for Linux will introduce support for Vulkan rendering outside of the X.Org Server...

Cassini tickles Saturn's rings ahead of final death plunge

El Reg - Tue, 06/12/2016 - 1:42am
September set for point of no return

The Cassini space probe has begun a series of orbits designed to swing it through the edges of Saturn's ring system.…

Microsoft boffins think VR visions will rival drugs by 2027

El Reg - Tue, 06/12/2016 - 1:39am
No more search boxes, no work benefits, and your social value will be your data trail

Search as people presently know it – a dialog box for typed queries – will vanish in a decade, according to Susan Dumais, distinguished scientist and deputy managing director of Microsoft Research Lab.…

Engineers say safety features got squished out of cramped Samsung Note 7

El Reg - Tue, 06/12/2016 - 1:11am
Overpacked handset was putting too much pressure on battery

A teardown analysis of the Samsung Note 7 claims that the ill-fated phablet was doomed by a design flaw that squeezed its battery pack to unsafe pressure levels.…

Windows 10 'Home Hub' Is Microsoft's Response To Amazon Echo and Google Home

Slashdot - Tue, 06/12/2016 - 1:05am
Microsoft's response to the Amazon Echo and Google Home is Home Hub, a software update for Windows 10's Cortana personal assistant that turns any Windows PC into a smart speaker of sorts. Mashable reports: Microsoft's smart digital assistant Cortana can already answer your queries, even if the PC's screen is locked. The Home Hub is tied to Cortana and takes this a few steps further. It would add a special app with features such as calendar appointments, sticky notes and shopping lists. A Home Hub-enabled PC might have a Welcome Screen, a full-screen app that displays all these, like a virtual fridge door. Multiple users (i.e. family members) could use the Home Hub, either by authenticating through Windows Hello or by working in a family-shared account. Cortana would get more powerful on Home Hub; it could, for example, control smart home devices, such as lights and locks. And even though all of this will work on any Windows 10 device -- potentially making the PC the center of your smart home experience -- third-party manufacturers will be able to build devices that work with Home Hub. You can read Windows Central's massive report here. Do note that Home Hub is not official and individual features could change over time. The update is slated for 2017.

Read more of this story at Slashdot.

Vocus to build Singapore-Australia submarine cable

El Reg - Tue, 06/12/2016 - 12:58am
40Tbps link should see first light in late 2018

Junior telco Vocus has confirmed it will build a submarine cable linking Singapore and Australia, with a stop in the Indonesian capital Jakarta.…

Fake News Prompts Gunman To 'Self-Investigate' Pizza Parlor

Slashdot - Tue, 06/12/2016 - 12:20am
An anonymous reader quotes a report from Ars Technica: A rifle-wielding North Carolina man was arrested Sunday in Washington, DC for carrying his weapon into a pizzeria that sits at the center of the fake news conspiracy theory known as "Pizzagate," authorities said Monday. DC's Metropolitan Police Department said it had arrested 28-year-old Edgar Maddison Welch on allegations of assault with a dangerous weapon. "During a post arrest interview this evening, the suspect revealed that he came to the establishment to self-investigate 'Pizza Gate' (a fictitious online conspiracy theory," the agency said in a statement. "Pizzagate" concerns a baseless conspiracy theory about a secret pedophile group, the Comet Ping Pong restaurant, and Hillary Clinton's campaign chief, John Podesta. The Pizzagate conspiracy names Comet Ping Pong as the secret headquarters of a non-existent child sex-trafficking ring run by Clinton and members of her inner circle. James Alefantis, the restaurant's owner, said he has received hundreds of death threats. According to Buzzfeed, the Pizzagate theory is believed to have been fostered by a white supremacist's tweets, the 4chan message board, Reddit, Donald Trump supporters, and right-wing blogs. The day before Thanksgiving, Reddit banned a "Pizzagate" conspiracy board from the site because of a policy about posting personal information of others. Alefantis, the pizzeria's owner, told CNN, "What happened today demonstrates that promoting false and reckless conspiracy theories comes with consequences. I hope that those involved in fanning these flames will take a moment to contemplate what happened here today, and stop promoting these falsehoods right away."

Read more of this story at Slashdot.