Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Anonymous Says US Senators Were 'Incorrectly Outed' As KKK Members
Dave Knott writes: Nine names, 23 email addresses and 57 unlabelled phone numbers were published by hackers last weekend as part of an Anonymous-organized effort to "unhood" members of the Ku Klux Klan. There are doubts, however, about the Operation KKK data dump's veracity — and about one file, in particular, that alleges four U.S. senators and five mayors have hate group associations. The questionable data was released on PasteBin by an individual called Amped Attacks, who has now distanced himself from Anonymous, stating "i am not apart of anonymous nor have i ever claimed to be. i am my own man that acts on my own accord. i do however respect #OpKKK." To clarify the situation, Anonymous took to Twitter on Tuesday evening to state that "the twitter account that released the pastebin with the government officials that are clearly not KKK". Meanwhile, the Anonymous members behind Operation KKK say that "the actual release for Operation KKK will be 5 Nov." This is of course a date that has no small significance for Anonymous. -
Vivaldi Hits Its First Beta (vivaldi.com)
An anonymous reader writes: Following well over 50 developer snapshots and 4 technical previews (Alpha), the new browser upstart has hit its first Beta release today. Following almost a year of work on alpha, Vivaldi is coming out with many unique features such as tab stacking and tiling, notes, and quick commands for navigating and feature use. Other features are in the works, such as sync and built-in mail client that will be introduced when they hit a more stable state. It's a refreshing take on the browser: as many others are diverging to a common design template, Vivaldi is taking a more feature-rich and customization-heavy approach. (We linked to a hands-on report about Vivaldi earlier this year, too.) -
Internet Firms To Be Banned From Offering Unbreakable Encryption Under New UK Laws (telegraph.co.uk)
Retron writes: Despite statements from the minister for internet safety and security Baroness Shields last week that the UK government would not require software developers to build backdoors into their products, the Telegraph is reporting that the UK Government is going to ban companies from offering 'unbreakable' encryption, effectively requiring a backdoor in products from the likes of Google and Apple. The reasons given are that they don't want the likes of terrorists and paedophiles to communicate in places the Police can't reach. A Home Office spokesman said: "The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts." -
NASA Eagleworks Has Tested an Upgraded EM Drive
An anonymous reader writes: A team of researchers at NASA's Eagleworks Laboratories recently completed yet another round of testing on Engineer Roger Shawyer's controversial EM Drive. While no peer reviewed paper has been published yet, engineer Paul March posted to the NASA Spaceflight forum to explain the group's findings. From the article: "In essence, by utilizing an improved experimental procedure, the team managed to mitigate some of the errors from prior tests — yet still found signals of unexplained thrust." -
Book Review: the Network Security Test Lab: a Step-by-Step Guide
benrothke writes: It wasn't that long ago that building a full network security test lab was an expensive prospect. In The Network Security Test Lab: A Step-by-Step Guide, author Michael Gregg has written a helpful hands-on guide to provide the reader with an economical method to do that. The book is a step-by-step guide on how to create a security network lab, and how to use some of the most popular security and hacking tools. Read below for the rest of Ben's review.
The Network Security Test Lab: A Step-by-Step Guide
author: Michael Gregg
pages: 480
publisher: Wiley
rating: 9/10
reviewer: Ben Rothke
ISBN: 978-1118987056
summary: Good reference to use to build out home test lab for information security
The book is a straightforward guide that will help the reader in their quest to master the art of effective use of security and hacking tools. The reader that can put in the time and plow through the 400 pages will certainly come out with a strong understanding of how to run the most common set of popular security tools.
The book is written for the reader on a budget. In the introduction, Gregg writes how one can easily find inexpensive networking equipment at budget prices on eBay. While brand new hardware devices can cost in the thousands, one can find Cisco Catalyst switches, and Nokia IP and Check Point firewalls for under $50. Combined with his emphasis on open source software and tools, this is a most practical reference for those looking to increase their security skills without breaking the bank.
The Network Security Test Lab is meant for the reader with a strong technical background looking to gain experience with network security and related security tools. Other similar books will often waste paper and the reader's time by devoting the first 50 to 100 pages with unwanted introductory text. This book hits the ground running and by page 100, the reader is already analyzing network packets with Wireshark.
As to Wireshark, the book references it often. The book's online site includes 6 pcap files that can be downloaded and used by the tool in order to analyze various attacks.
The book provides a good balance of coverage between Windows and Linux, and details the use of the many tools for each operating system. Each chapter ends with a series of exercises which can be used to help the reader put the information covered into practice. Those looking to gain experience on a wide variety of tools will enjoy the book. It covers a wide range of tools and utilities.
The Network Security Test Lab is in the same genre as books such as Hacking Exposed 7: Network Security Secrets and Solutions. The difference is that Hacking Exposed focuses more on the tools, while this book shows the reader how to build a lab to mimic a real world environment. In addition, this book focuses a bit more on using a holistic approach to creating a secure network, as opposed to just hacking in.
In the effort to make the test lab as inexpensive to build as possible, the book places an emphasis on using virtualization. The book focuses on using the VMware Player, a free virtualization software toolkit for Linux and Windows.
The book is a straightforward read for the serious reader. Those willing to put in the effort and the time to learn through the various tools will find The Network Security Test Lab: A Step-by-Step Guide a great resource in which to build and develop their information security skills.
Reviewed by Ben Rothke.
You can purchase The Network Security Test Lab: A Step-by-Step Guide from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
The Rise of Political Doxing (schneier.com)
An anonymous reader writes: Security guru Bruce Schneier predicts a new trend in hacking: political doxing. He points to the recent hack of CIA director Jack Brennan's personal email account and notes that it marks a shift in the purpose of email hacking: "Here, the attacker had a more political motive. He wasn't out to intimidate Brennan; he simply wanted to embarrass him. His personal papers were dumped indiscriminately, fodder for an eager press." Schneier continues, "As people realize what an effective attack this can be, and how an individual can use the tactic to do considerable damage to powerful people and institutions, we're going to see a lot more of it. ... In the end, doxing is a tactic that the powerless can effectively use against the powerful." -
Could Go Community's Threat of Public Shaming, Lifetime Bans Make Go a No-Go?
theodp writes: At first glance, the proposal for A Code of Conduct for the Go Community (attributed to Google's Andrew Gerrand) seems reasonable enough. How can you argue with the goal of treating everyone with respect and kindness? But the Devil is in the detail, and the proposed Code notes there soon could be consequences for calling someone an "idiot" or saying something is "so simple even my grandma could understand it" (the latter "marginalises women and the elderly by implying that something need be simple for an old woman to understand it"). And the punishment meted out by the Go Code of Conduct Working Group to those who find themselves on the receiving end of an anonymous complaint could be anything from nothing to "a request for a private or public apology, a private reprimand from the working group to the individual(s) involved, a public reprimand, an imposed vacation (for instance, asking someone to 'take a week off' from a mailing list or IRC), or a permanent or temporary ban from some or all Go spaces (mailing lists, IRC, etc.)." And no, this doesn't appear to be a goof. So, might individuals and companies think twice about embracing a programming language whose community's Code of Conduct threatens to ruin reputations and ban people from technical support resources for life? Too late to get this added to the list of questions for Alan Donovan and Brian Kernighan? -
Botnet Takes Over Twitch Install and Partially Installs Gentoo
WarJolt writes: The plug was pulled on the attempt to crowd-source an Arch Linux install after a botnet threatened to take over the process. Twitch Installs has been rebooted by the twitchintheshell community and Twitch Installs users managed to reinstall Arch only to be thwarted by the botnet. The botnet managed to partially install Gentoo. Users are currently in the process of reinstalling Arch. -
Linux 4.3 Released As Stable; Improves On Open-Source Graphics, SMP Performance (lkml.org)
An anonymous reader writes: The Linux 4.3 kernel was released as stable today. The Linux 4.3 kernel brings Intel Skylake support, reworked NVIDIA open-source graphics support, and many other changes with the code count hitting 20.6 million lines of code. -
Real-World Roadblocks To Implementing CISA
An anonymous reader writes: The recent approval of CISA (the Cybersecurity Information Sharing Act) by the US Congress and Senate is paving the way for broader security collaboration. If and when CISA is ratified into law, the chief obstacles to cybersecurity collaboration within the private sector will remain. CISA promotes sharing – but when dealing with cyber threat data companies are also concerned about other mandates which may govern the information being shared. These include anti-trust, privacy, sectorial directives and data protection regulations that affect many multi-national organizations. -
EFF Asks Appeals Court To "Shut Down the Eastern District of Texas" (arstechnica.com)
An anonymous reader writes: The Electronic Frontier Foundation and Public Knowledge have asked a federal appeals court to make big changes to the rules governing venue in patent cases. The two public interest groups are seeking to file an amicus brief (PDF) which attacks the Eastern District of Texas as being one of the "most notorious situations of forum shopping in recent history." This district has made quite a few appearances on Slashdot; this is one of my favorites. -
Amazon Follows Through: Drops Apple TV, Chromecast
Hot Hardware notes that Amazon has stopped selling two pieces of hardware -- Apple TV and Google's Chromecast -- that compete with Amazon's own streaming business. (They promised to drop them a while back; not everyone thought they actually would.) From the article: "While some have likened this move to being anti-competitive, it's hard to grasp whether the legal system would agree. Amazon's defense is that since these devices don't support Prime Video, it doesn't want to sell products to its customers and have them assume that they will." -
UK Police Make Third Arrest Over TalkTalk Cyber Attack (reuters.com)
An anonymous reader writes: British police have made a third arrest in connection with a cyber attack this month on telecoms company TalkTalk, in which the company said bank details of more than 20,000 customers were hacked. We mentioned the first of the three arrests on Monday; a second arrest took place Thursday, as related by Ars Technica, of a 16-year-old from west London. The latest arrest is of a 20-year-old from Staffordshire. -
Finland Begins To Shape Basic Income Proposal (yle.fi)
jones_supa writes: The Finnish social insurance institution is to begin drawing up plans for a citizens' basic income model. If eventually deployed after an experimental phase, the model could revolutionize the Finnish social welfare system. Under basic income all citizens would be paid a taxless benefit sum free of charge by the government. The proposal's director Olli Kangas says that the model would see Finns being paid some 800 euros a month in its full form, 550 euros monthly in the model's pilot phase. The full-fledged form of the model would make some earnings-based benefits obsolete, but in the partial pilot format benefits would not be affected, and housing and income support would remain as separate packages. We first mentioned this plan a few months ago, and at the start of the year touched on a program that tied a basic income program with the Fimkrypto cryptocurrency. -
Ask Slashdot: Securing a Journalist's Laptop Against a Police Search?
Bruce66423 writes: In the light of the British police's seizure of a BBC laptop what is the right configuration and practices to ensure that such a seizure provides zero information to the cops? This post from Thursday might be a good place for some ideas, but that one's expressly about securing a Chromebook; what would you advise for securing a more conventional laptop? (Or desktop, for that matter.) -
Getting Small: Modular Data Center Designs Play Large Role In Edge Growth (datacenterfrontier.com)
1sockchuck writes: After years of focus on hyperscale server farms, there's new demand for data centers to serve edge content and the service provider market in smaller cities. How do you match the size of the data center to the demand profile of smaller markets? Pre-fabricated data center designs are playing a key role, deploying server space in smaller, digestible chunks. This avoids the overbuilding that led to the data center glut during the dot-com boom, but also allows customers to expand gradually. But the "data center in a box" has evolved since the Sun Blackbox, and now includes a focus on factory-built power rooms and lean construction of data halls, as well as the evolving designs for containerized solutions. -
SXSW Reinstates Panels On Harassment, Adds All-Day Harassment Summit (arstechnica.com)
An anonymous reader writes: On Tuesday, the South by Southwest Festival announced that it had canceled a pair of panels about online harassment after receiving threats involving them. The cancellation generated a massive outcry, including threats from media organizations to withdraw their support for the festival. Now, SXSW has announced that they're reinstating the panels as part of an all-day summit dedicated to talking about online harassment. They said, "By canceling two sessions we sent an unintended message that SXSW not only tolerates online harassment but condones it, and for that we are truly sorry. The resulting feedback from the individuals involved and the community-at-large resonated loud and clear. While we made the decision in the interest of safety for all of our attendees, canceling sessions was not an appropriate response." They've scheduled more than two dozen speakers for the event, and they plan to stream it live online. "Online harassment is a serious matter and we stand firmly against hate speech and cyber-bullying. It is a menace that has often resulted in real world violence; the spread of discrimination; increased mental health issues and self-inflicted physical harm." -
Junkyard Owner Saves Lunar Rover Prototype (vice.com)
An anonymous reader writes: On Tuesday, Slashdot users learned that a man in Alabama sold a lunar rover prototype for scrap metal. We now learn that the junkyard owner has saved this important piece of scientific history. The man claims that, upon receiving the prototype at his scrap facility, he set it aside because he knew exactly what it was. -
Batman Demands 12GB RAM For Windows 10 (steamcommunity.com)
An anonymous reader writes: Back in June, Warner Brothers removed Batman: Arkham Knight from sale after a lot of graphics and performance issues found on the PC version. Now, after spending five months trying to fix this mess, Rocksteady and Warner Bros re-released the game on Steam with some free Batman titles for those who acquired the launch edition. However, Warner Bros noted there are still a few caveats with Windows 10 users recommended to have 12GB of RAM to avoid paging issues: "For Windows 10 users, we've found that having at least 12GB of system RAM on a PC allows the game to operate without paging and provides a smoother gameplay experience." Some initial tests show no performance gains on the re-released version. Warner Bros claims that it's still working closely with its GPU partners in order to enable SLI/Crossfire for the game. -
Open-Source GPU Drivers Show Less Than Ideal Experience For SteamOS/Linux Gaming (phoronix.com)
An anonymous reader writes: Phoronix's recent 22-Way SteamOS Graphics Card Comparison showed that NVIDIA wins across the board when it comes to closed-source OpenGL driver performance. However, when it comes to the open-source driver performance for Steam Linux gaming, no one is really the winner. A new article, "Are The Open-Source Graphics Drivers Good Enough For Steam Linux Gaming?" answers that question with "heck no" by its author. While AMD is generally regarded as having better open-source support, their newer graphics cards still can't run at their rated clock frequencies due to lack of power management support, the lack of enough OpenGL 4.x support means many AAA Linux games simply cannot run yet, not enough QA means regressions are common, and other issues were noted when it comes to testing a number of modern graphics cards on the open-source drivers. -
Revisiting the Infamous Sony BMG Rootkit Scandal 10 Years Later (networkworld.com)
alphadogg writes: Hackers really have had their way with Sony over the past year, taking down its Playstation Network last Christmas Day and creating an international incident by exposing confidential data from Sony Pictures Entertainment in response to The Interview. Some say all this is karmic payback for what's become known as a seminal moment in malware history: Sony BMG sneaking rootkits into music CDs 10 years ago in the name of digital rights management. 'In a sense, it was the first thing Sony did that made hackers love to hate them,' says Bruce Schneier, CTO for Resilient Systems. Sony's scheme was revealed on Halloween of 2005, and was followed by a botched response, issuing and reissuing of rootkit removal tools, and lawsuits. There are object lessons from the incident which are relevant today. -
Interviews: Ask Alan Donovan and Brian Kernighan About Programming and Go
Alan Donovan is a member of Google’s Go team in New York and holds computer science degrees from Cambridge and MIT. Since 2005, he has worked at Google on infrastructure projects and was the co-designer of its proprietary build system, Blaze. Brian Kernighan is a professor in the Computer Science Department at Princeton University. He was a member of technical staff in the Computing Science Research Center at Bell Labs, where he worked on languages and tools for Unix. He is the co-author of several books, including The C Programming Language, and The Practice of Programming. Recently, the pair have co-authored a soon to be released book titled The Go Programming Language. Alan and Brian have agreed to give us some of their time to answer any questions you may have about the upcoming book, Go, and programming in general. Ask as many questions as you'd like, but please keep them to one per post. -
Australian PLAID Crypto, ISO Conspiracies, and German Tanks
New submitter Gaglia writes: PLAID, the Australian 'unbreakable' smart card identification protocol has been recently analyzed in this scientific paper (disclaimer: I am one of the authors, and this is a personal statement.)
Technically, the protocol is a disaster. In addition to many questionable design choices, we found ways for tracing user identities and recovering card access capabilities. The attacks are efficient (few seconds on 'home' hardware in some cases), and involve funny techniques such as RSA moduli fingerprinting and... German tanks. See this entry on Matt Green's crypto blog for a pleasant-to-read explanation.
But the story behind PLAID's standardization is possibly even more disturbing. PLAID was pushed into ISO with a so-called "fast track" procedure. Technical loopholes made it possible to cut off from any discussion the ISO groups responsible for crypto and security analysis. Concerns from tech-savvy experts in the other national panels were dismissed or ignored. We contacted ISO and CERT Australia before going public with our paper, but all we got was a questionable and somewhat irate response (PDF) by PLAID's project editor (our reply here). Despite every possible evidence of bad design, PLAID is now approved as ISO standard, and is coming to you very soon inside security products which will advertise non-existing privacy capabilities.
The detailed story of PLAID in the paper is worth a read, and casts many doubts on the efficacy of the most important standardizing body in the world. It is interesting to see how a "cryptography" product can be approved at ISO without undergoing any real security scrutiny.
On a related note, the enthusiastic comments to PLAID's design made by a few readers in the old Slashdot story remind us as a cautionary tale that you need cryptographers to assess the security of cryptography. Quoting Bruce Schneier: amateurs produce amateur cryptography. -
$70k Salaries Didn't 'Backfire'; Gravity Payments' Profits Have Doubled (inc.com)
AmiMoJo writes: In April, Dan Price, CEO of the credit card payment processor Gravity Payments, announced that he will eventually raise minimum pay for all employees to at least $70,000 a year. The move sparked not just a firestorm of media attention, but also a lawsuit from Price's brother and co-founder Lucas, claiming that the pay raise violated his rights as a minority shareholder. But six months later, the financial results are starting to come in: Price told Inc. Magazine that revenue is now growing at double the rate before the raises began and profits have also doubled since then. On top of that, while it lost a few customers in the kerfuffle, the company's customer retention rate rose from 91 to 95 percent, and only two employees quit. Two weeks after he made the initial announcement, the company was flooded with 4,500 resumes and new customer inquiries jumped from 30 a month to 2,000 a month. -
Immersion Cooling Drives Server Power Densities To Insane New Heights (datacenterfrontier.com)
1sockchuck writes: By immersing IT equipment in liquid coolant, a new data center is reaching extreme power densities of 250 kW per enclosure. At 40 megawatts, the data center is also taking immersion cooling to an entirely new scale, building on a much smaller proof-of-concept from a Hong Kong skyscraper. The facility is being built by Bitcoin specialist BitFury and reflects how the harsh economics of industrial mining have prompted cryptocurrency firms to focus on data center design to cut costs and boost power. But this type of radical energy efficiency may soon be key to America's effort to build an exascale computer and the increasingly extreme data-crunching requirements for cloud and analytics. -
MAME Emulating a Sonic the Hedgehog Popcorn Machine (polygon.com)
New submitter AmericaCounterweight writes: Polygon is reporting that the MAME development team has unearthed and emulated one of the most obscure pieces of Sonic heritage: a popcorn machine. MAME developer David Haywood reports that contributors "purchased the PCB for another novelty Sonic item, this time a SegaSonic Popcorn Shop, a popcorn dispenser machine with a video display. It runs on the Sega C2 board (Genesis type hardware)." This follows news from earlier this year that the MAME team would be switching to a true Open Source license for the project and concentrating on more than just arcade games. MAME project coordinator Miodrag Milanovic also recently appeared at the BalCCon2k15 event to speak about MAME, the current direction of the project, and software preservation. -
Open Source Code Isn't a Warranty (opensource.com)
An anonymous reader writes: Automotive software issues such as the Jeep hack and Volkswagen cheating on emissions tests have made headlines this year, which means the public is thinking about software in cars like never before. Some experts have argued that mandating that such software be open source is a solution to the problem. In an article on Opensource.com, Ben Cotton writes that although there are definite benefits to public scrutiny of the software, code visibility alone is no guarantee. It's an important thing to bear in mind, because "Open, therefore secure" is an easy straw man to knock down. -
When Does School Life Begin? Zuckerberg's New School To Admit Fetuses
theodp writes: Facebook CEO Mark Zuckerberg and his wife Priscilla Chan's latest initiative to tackle educational inequity is The Primary School, a "private, non-profit school" which will eventually provide both free education and free healthcare for 700 low-income students from the Palo Alto area. "In addition to early childhood and K-12 education," Zuckerberg explained in a Facebook post, "The Primary School will also provide prenatal support for families and on-site healthcare for children. By bringing healthcare and education together in one place, the goal is to support families and help children from underserved communities reach their full potential." A job listing for Assistant Teachers notes that "the school will admit students at or before birth." Zuckerberg joins other Silicon Valley luminaries like Elon Musk and Sal Khan in what Wired calls The Tech Elite's Quest to Reinvent School in Its Own Image. -
Chase and MasterCard Jump Into Mobile Payments (itworld.com)
itwbennett writes: JP Morgan Chase said Monday that it plans to launch its own smartphone payment platform in mid-2016. 'Chase Pay will be based on CurrentC, a retailer-led mobile payment system that has largely been written off by Silicon Valley techies for its reliance on barcodes rather than the more sophisticated NFC (near-field communications) technology adopted by its competitors,' writes Martyn Williams. CurrentC, and therefore Chase Pay, is compatible with a much larger number of smartphones than the rival services from Apple, Google and Samsung. Meanwhile, MasterCard announced a program that aims to turn any type of gadget into a payment device, from car keys to fitness trackers. -
Judge: Defendant 'Had a Right' To Shoot Down Drone (wdrb.com)
EzInKy writes: Back in July, Kentucky resident William Merideth was arrested after he shot down a drone flying near his property. The arrest wasn't because of the destroyed drone, but because Merideth fired a gun within the city limits. Now, after a two-hour hearing in Bullitt District Court, a judge has dismissed all charges against Merideth. The owner of the drone, David Boggs, has always contested Merideth's claim that it was hovering over his yard. "But Judge Rebecca Ward says that since at least two witnesses could see the drone below the tree line, it was an invasion of privacy." Ward further said that Merideth "had a right to shoot at this drone." -
Despite $30M Tech Push, Half of US States Had Fewer Than 300 AP CS Test Takers
theodp writes: As President Obama was 'taught to code' last December, Politico reported that the $30 million tech-financed campaign to promote computer science education was a smash success. And indeed it has been, at least from a PR standpoint. But Code.org and its backers have long spun AP Computer Science test metrics as a true barometer of CS education success, and from that standpoint, things don't look quite so rosy. The College Board raved about "massive gains in AP Computer Science participation (25% growth) AND scores" in a June tweetstorm and at its July conference, where AP CS was declared the '2015 AP Subject of the Year.' But a look at the recently-released detail on 2015 AP CS scores shows wide differences in adoption and success along gender and ethnicity lines (Asian boys and girls, in particular, set themselves apart from other groups with 70%+ pass rates). And, for all the praise the NSF lavished on Code.org for 'its amazing marketing prowess', half of the states still had fewer than 300 AP CS test takers in 2015, and ten states actually saw year-over-year declines in the number of test takers (if my math is correct — scraped data, VBA code here). -
Drug Firm Offers $1 Version of $750 Daraprim Pill (chicagotribune.com)
An anonymous reader writes: We recently read about a U.S. company that bought the rights to a drug called Daraprim and then boosted the price over 5,000%. There was widespread outrage over this blatant price gouging, most of it focused on hedge fund manager Martin Shkreli. Now, a San Diego-based drug company called Imprimis has stepped in to fill the void. They announced that they'll be supplying capsules containing the same active ingredients in Daraprim for $1 per dose. Their CEO, Mark Baum, said they'll also start making alternative versions of other generic medicines that have skyrocketed in price lately. "Imprimis, which primarily makes compounded drugs to treat cataracts and urological conditions, will work with health insurers and prescription benefit managers in each state to make its new capsules and other compounded generic medicines widely available, Baum said." -
Do Not Call 911! The Life and Death of an Amazon Warehouse Temp (huffingtonpost.com)
theodp writes: Earlier this week, Amazon sicced former White House Press Secretary Jay Carney on the NY Times and the ex-Amazon employees that were interviewed for the NYT's brutal August 2015 article about Amazon's white-collar workplace culture. So, one can hardly wait to see how Amazon and Carney will respond to The Life and Death of an Amazon Warehouse Temp, Dave Jamieson's epic new HuffPo piece on what the future of low-wage work really looks like. Jamieson tells the heartbreaking tale of Jeff Lockhart Jr., who through some workforce sleight-of-hand was working-at-Amazon-but-not-entitled-to-Amazon-benefits when he met his maker after he collapsed in aisle A-215 of Amazon's Chester, VA fulfillment center and lay unconscious beneath shelves stocked with Tupperware and heating pads.
Lockhart, whose white work badge distinguished him as a member of the Integrity Staffing Solutions temp worker caste as opposed to a blue-badged Amazon employee (Google yellow-badged its benefits-less temp workers), sadly left behind a wife and three kids, the oldest of which is legally blind. Jamieson writes, "Whoever found Jeff on the third floor apparently alerted Amcare, Amazon's in-house medical team, which is staffed with EMTs and other medical personnel. In the event of a health issue, Amazon instructs workers to notify security before calling emergency services. An employee brochure from a facility in Tennessee, obtained through a public records request, reads: 'In the event of a medical emergency, contact Security. Do Not call 911! Tell Security the nature of the medical emergency and location. Security and/or Amcare will provide emergency response.'" If you're pressed for reading time, Salon's Scott Timberg has a nice TL;DR recap. -
Mozilla Giving $1 Million To Open Source Projects It Relies On (mozilla.org)
An anonymous reader writes: Mozilla has been a big part of the open source community for a long time, and their main projects rely heavily on independent open source work. They've now announced the Mozilla Open Source Support program, which aims to give back to the projects they rely on, and to also reward other projects that make the community stronger. Mozilla has allocated $1 million to award to these projects — to start. This appears to be Mozilla's effort to fix a problem we've become painfully aware of over the past year and a half: huge portions of the modern web rely on critical bits of open source software whose developers have minimal resources. The company has already begun to compile a list of the projects they rely on. Hopefully it will inspire other organizations to support the open source software projects they rely on as well. -
Hands-On With Dell's 4K Infinity Edge-Equipped Laptops (hothardware.com)
MojoKid writes: Dell's 2015 version of the XPS 13, the company's 13-inch premium ultrabook, is arguably one of the most acclaimed laptops of the year, with its "Infinity Edge" display that comes in resolutions from 1080p up to UHD 4K, with almost no bezel, and a carbon fiber composite chassis design with a machined aluminum lid. Based on the product's success in the market, Dell recently announced they were bringing the design approach and 4K Infinity Edge display to both their XPS 15 consumer based ultrabooks as well as their Precision 15 professional line up. At Dell World 2015 this week in Austin, the company had both 15-inch versions on display for demos and this quick hands on shows just how compact and well-built the machines are, though they're also now refreshed with Intel Skylake processors and PCIe NVMe SSDs. -
In Turnabout, SunTrust Removes Contentious Severance Clause (computerworld.com)
dcblogs writes: SunTrust has removed a controversial severance clause requiring laid-off employees to be 'reasonably available' to help without pay during the two years after their employment ends, the bank said today. The severance agreements received by employees included a "continuing cooperation" clause requiring each worker "to make myself reasonably available to SunTrust regarding matters in which I have been involved in the course my employment with SunTrust and/or about which I have knowledge as a result of my employment with SunTrust." Bank IT employees believed this broadly worded clause was essentially an on-call provision, requiring them to provide technical help as needed without additional pay. The bank disputed that interpretation, and said the intent was to limit such help to legal matters. The bank, in a statement released late Friday morning, had a change of heart, and said it would be removed from the severance agreements. -
Google, Facebook, Microsoft Deliver K-12 CS Demands To Congress (politico.com)
theodp writes: Politico reports that just one day after Facebook launched TechPrep, a highly-publicized initiative to attract more minorities and women to coding, Google, Facebook, Microsoft, and Code.org quietly sent a letter to top education lawmakers in the House and Senate insisting that computer science "must" be added to the list of "core academic subjects" and states be given resources to improve STEM education programs. "Computer science is marginalized throughout K-12 education," reads the letter. "We need to improve access for all students, particularly groups who have traditionally been underrepresented." Echoing the last point at this month's Grace Hopper Women in Computer Celebration, YouTube CEO Susan Wojcicki called for mandatory computer science in schools, suggesting that boys — like her own son — are monopolizing the family computer across America, leaving girls — like her own daughter — out of the conversation when it comes to technology (video @38:33). The new round of hand-wringing comes as tech companies face the deadline for filing their 2015 EEO-1 surveys and seek more tech-friendly U.S. visa and OPT STEM policies, so it's probably worth remembering that Microsoft proposed tech could turn workforce diversity lemons into H-1B visa lemonade by connecting tech immigration to K-12 CS education. -
Hands-On With the Fairphone 2 Modular Android Smartphone (arstechnica.com)
An anonymous reader writes: In just a couple of months, the world's first consumer-ready modular smartphone will start shipping. It's called the Fairphone 2, and it will run Android 5.1. Ars Technica got hands-on time with the device, and they say it works surprisingly well. It's a bit thicker than most modern phones, but that's the trade-off for being able to swap out components. "The smartphone consists of seven major building blocks: the back cover, removable battery, display assembly, main chassis, receiver module, rear camera module, and speaker module. Positioned this way, the components that break most often, like the screen, are isolated for better repairability. In addition to swappable blocks, you can even change things inside the modules: for example, a mic or a speaker. They are press-fit, not glued, and can be extracted with simple tools."
Assembly and disassembly is pretty straightforward, as well: "The modules are held together by Phillips screws marked with blue circles. All screws are the same, so you won't have to remember which one goes where. It's quite hard to make a mistake in the assembling process, however Fairphone promises to release additional manuals and video instructions in collaboration with iFixit." The company also thinks it's important to get the phone's materials and components from ethical sources. -
Looking At the Hardware and Software of JAXA's Hayabusa-2 (imgtec.com)
alexvoica writes: After interviewing the NASA New Horizons team (if you've missed the original story on Slashdot, you can find it here), it's time to get the views of another famous space agency (JAXA) on spacecraft hardware and software. This interview focuses mainly on Hayabusa-2, the world's first round-trip mission to a C-type asteroid. The main goal of the Hayabusa-2 mission is to visit the near-Earth asteroid 1999 JU3, conduct on site science experiments, collect soil samples from the asteroid, and return them back to Earth. 1999 JU3 is a near-Earth C-type asteroid, and is believed to contain organic and hydrated minerals. The contact at JAXA replying to these questions is Associate Professor Yuichi Tsuda, Ph.D., the project manager for Hayabusa-2. Dr. Tsuda works for the Department of Space Flight Systems at the Institute of Space and Astronautical Science (ISAS) and at JAXA. -
Not Just Paris: Community Activists Target Data Centers (datacenterfrontier.com)
1sockchuck writes: This week's case in which a Paris data center lost its license isn't an isolated incident, but the latest in a series of disputes in which community groups have fought data center projects, citing objections to generators or power lines. Data center site selection is often a secretive process, with cloud builders using codenames to cloak their identity. Community groups are using social media, blogs, research and media outreach to bring public attention to the process and voice their concerns. Protests from a Delaware group led to the cancellation of a data center project that planned to build a cogeneration plant. In Virginia, a coalition has organized to oppose a power line for an Amazon Web Services data center. Everyone wants their Internet, just not in their backyard. -
Experts Chime In To Explain Fukushima Thyroid Cancer Concerns (cancernetwork.com)
An anonymous reader writes: Experts and the lead author of the Fukushima study findings explain what the data really tells us and the flaws in claims that there is a link between the disaster and cancer rates. From the article: "It is too soon to determine the influence of radiation exposure on thyroid cancer risk among children and adolescents who were exposed to the 2011 Fukushima Daiichi nuclear power plant disaster in Japan, according to the lead author of findings presented at the 15th International Thyroid Congress (ITC) and 85th Annual Meeting of the American Thyroid Association (ATA) this week in Lake Buena Vista, Florida." -
Oracle Fixes Java Vulnerability Used By Russian Cyberspies (itworld.com)
itwbennett writes: Oracle said that it has fixed 154 security flaws in Java and a wide range of its other products, including one that Russian cyberespionage group Pawn Storm used to launch stealthy attacks earlier this year. The vulnerability, tracked as CVE-2015-4902, was being used by the Pawn Storm attackers to enable the execution of a malicious Java application without user interaction. -
Should Japan Restart More Nuclear Power Plants? (thebulletin.org)
Lasrick writes: Seth Baum, executive director of the Global Catastrophic Risk Institute, writes in the Bulletin of the Atomic Scientists that Japan should restart more of its nuclear reactors (the Sendai nuclear plant was restarted in August). The reason is simple, writes Baum: "Japan is now building 45 new coal power plants, but if it turned its nuclear power plants back on... it could cut coal consumption in half. And coal poses more health and climate change dangers than nuclear power."