Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Book Review: Countdown To Zero Day
benrothke writes A word to describe the book Takedown: The Pursuit and Capture of Americas Most Wanted Computer Outlaw was hyperbole. While the general storyline from the 1996 book was accurate, filler was written that created the legend of Kevin Mitnick. This in turn makes the book a near work of historical fiction. Much has changed in nearly 20 years and Countdown to Zero Day: Stuxnet and the Launch of the Worlds First Digital Weapon has certainly upped the ante for accurate computer security journalism. The book is a fascinating read and author Kim Zetters attention to detail and accuracy is superb. In the inside cover of the book, Kevin Mitnick describes this as an ambitious, comprehensive and engrossing book. The irony is not lost in that Mitnick was dogged by misrepresentations in Markoff's book. Keep reading for the rest of Ben's review. Countdown to Zero Day: Stuxnet and the Launch of the Worlds First Digital Weapon author Author: Kim Zetter pages 448 publisher Crown rating 10/10 reviewer Ben Rothke ISBN 978-0770436179 summary Outstanding narrative about Stuxnet and how it was developed, quarantined and debugged For those that want to know the basics about Stuxnet, its Wikipedia entry will suffice. The book take a detailed look at how the Stuxnet worm of 2010 came to be, how it was written, discovered and deciphered, and what it means for the future and provides nearly everything known to date about Stuxnet.
The need to create Stuxnet was the understanding that a nuclear Iran was dangerous to the world. The book notes that it just wasn't the US and Israel that wanted a nuclear free Iran; Egypt and Saudi Arabia were highly concerned about the dangers a nuclear Iran would bring to the region.
What is eminently clear is that Iran chronically lied about their nuclear intentions and actions (chapter 17 notes that former United Kingdom Prime Minister Gordon Brown told the international community that they had to do something over Iran's serial deception of many years) and that the United Nations International Atomic Energy Agency (IAEA) is powerless to do anything, save for monitoring and writing reports.
Just last week, President Obama said a big gap remains in international nuclear negotiations with Iran and he questioned whether talks would succeed. He further said "are we going to be able to close this final gap so that (Iran) can reenter the international community, sanctions can be slowly reduced and we have verifiable, lock tight assurances that they cant develop a nuclear weapon, there's still a big gap. We may not be able to get there". It's that backdrop to which Stuxnet was written.
While some may debate if Stuxnet was indeed the worlds first digital weapon, it's undeniable that it is the first piece of known malware that could be considered a cyber-weapon. Stuxnet was unlike any other previous malware. Rather than just hijacking targeted computers or stealing information from them, it created physical destruction on centrifuges the software controlled.
At just over 400 pages, the book is a bit wordy at times, but Zetter does a wonderful job of keeping the book extremely readable and the narrative enthralling. Writing about debugging virus code, Siemens industrial programmable logic controllers (PLC) and Step7 software (which was what Stuxnet was attacking) could easily be mind-numbingly boring, save for Zetter's ability to make it a compelling read.
While a good part of the book details the research Symantec, Kaspersky Lab and others did to debug Stuxnet, the book doesn't have any software code, which makes it readable for the non-programmer. The book is technical and Zetter gets into the elementary details of how Stuxnet operated; from reverse engineering, digital certificates and certificate authorities, cryptographic hashing and much more. The non-technical reader certainly won't be overwhelmed, but at the same time might not be able to appreciate what went into designing and making Stuxnet work.
As noted earlier, the book is extremely well researched and all significant claims are referenced. The book is heavily footnoted, which makes the book much more readable than the use of endnotes. Aside from the minor error of mistakenly calling Kurt Gödel a cryptographer on page 295, he was a logician; Zetter's painstaking attention to detail is to be commended.
Whoever wrote Stuxnet counted on the Iranians not having the skills to uncover or decipher the malicious attacks on their own. But as Zetter writes, they also didn't anticipate the crowdsourced wisdom of the hive — courtesy of the global cybersecurity community that would handle the detection and analysis for them. That detection and analysis spanned continents and numerous countries.
The book concludes with chapter 19 — Digital Pandora — which departs from the details of Stuxnet and gets into the bigger picture of what cyber-warfare means and its intended and unintended consequences. There are no simple answers here and the stakes are huge.
The chapter quotes Marcus Ranum who is outspoken on the topic of cyber-warfare. At the 2014 MISTI Infosec World Conference, Ranum gave a talk on Cyberwar: Putting Civilian Infrastructure on the Front Lines, Again. Be it the topic or Marcus just being Marcus, a third of the participants left within the first 15 minutes. But they should have stayed, as Ranum, agree with him or not, provided some riveting insights on the topic.
The book leaves two unresolved questions; who did it, and how did it get into the Nantanz enrichment facility. It is thought the US with some assistance from Israel created Stuxnet; but Zetter also writes that Germany and Great Britain may have done the work or at least provided assistance.
It's also unknown how Stuxnet got into the air-gapped facility. It was designed to spread via an infected USB flash drive. It's thought that since they couldn't get into the facility, what needed to be done was to infect computers belonging to a few outside firms that sold devices that would in turn be connected to the facility. The book identified a few of these companies, but it's still unclear if they were the ones, or the perpetrators somehow had someone on the inside.
As to zero day in the title, what was unique about Stuxnet is that it contained 5 zero day exploits. Zero day is also relevant in that Zetter describes the black and gray markets of firms that discover zero-day vulnerabilities who in turn sell them to law enforcement and intelligence agencies.
Creating Stuxnet was a huge challenge that took scores of programmers from a nation state many months to create. Writing a highly readable and engrossing book about the obscure software vulnerabilities that it exploited was also a challenge, albeit one that few authors could do efficaciously. In Countdown to Zero Day: Stuxnet and the Launch of the Worlds First Digital Weapon, Kim Zetter has written one of the best computer security narratives; a book you will likely find quite hard to put down.
Reviewed by Ben Rothke.
You can purchase Countdown to Zero Day: Stuxnet and the Launch of the Worlds First Digital Weapon from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
Apple Releases iMessage Deregistration Utility
tlhIngan writes When moving from an iPhone to something else, if you were an avid user of iMessage, you may find your messages missing, especially from iOS-using friends. Indeed, it has been such a problem that there are even lawsuits about it. While Apple has maintained that users can always switch off iMessage, that only works if you still have your iOS device. Unless one also has other iOS devices or a Mac, they may not even realize their friends have been sending messages that are queued up on Apple's services via iMessage. Well, that problem has been resolved with Apple creating a deregistration utility to remove your phone number from the iMessage servers so friends will no longer send you texts via iMessage that you can no longer receive. It's a two-step process involving proof of number ownership (via regular SMS) before deregistration takes place. -
Apple Releases iMessage Deregistration Utility
tlhIngan writes When moving from an iPhone to something else, if you were an avid user of iMessage, you may find your messages missing, especially from iOS-using friends. Indeed, it has been such a problem that there are even lawsuits about it. While Apple has maintained that users can always switch off iMessage, that only works if you still have your iOS device. Unless one also has other iOS devices or a Mac, they may not even realize their friends have been sending messages that are queued up on Apple's services via iMessage. Well, that problem has been resolved with Apple creating a deregistration utility to remove your phone number from the iMessage servers so friends will no longer send you texts via iMessage that you can no longer receive. It's a two-step process involving proof of number ownership (via regular SMS) before deregistration takes place. -
Interviews: Ask Executive Director Andrew Lewman About Tor and Privacy
samzenpus writes Andrew Lewman wears many hats: biologist, advocate against domestic violence, programmer, Executive Director of the Tor project and a member of the board of directors. He works to preserve the right to speak and read freely online by fighting laws and technology that threaten anonymity. Just how hard that has become is much clearer now that the NSA's interest in Tor has become public. Andrew has agreed to give us some of his time and answer any questions you might have. As usual, ask as many as you'd like, but please, one per post. -
Interviews: Ask Executive Director Andrew Lewman About Tor and Privacy
samzenpus writes Andrew Lewman wears many hats: biologist, advocate against domestic violence, programmer, Executive Director of the Tor project and a member of the board of directors. He works to preserve the right to speak and read freely online by fighting laws and technology that threaten anonymity. Just how hard that has become is much clearer now that the NSA's interest in Tor has become public. Andrew has agreed to give us some of his time and answer any questions you might have. As usual, ask as many as you'd like, but please, one per post. -
Interviews: Ask Executive Director Andrew Lewman About Tor and Privacy
samzenpus writes Andrew Lewman wears many hats: biologist, advocate against domestic violence, programmer, Executive Director of the Tor project and a member of the board of directors. He works to preserve the right to speak and read freely online by fighting laws and technology that threaten anonymity. Just how hard that has become is much clearer now that the NSA's interest in Tor has become public. Andrew has agreed to give us some of his time and answer any questions you might have. As usual, ask as many as you'd like, but please, one per post. -
Eben Upton Explains the Raspberry Pi Model A+'s Redesign
M-Saunders writes It's cheaper, it's smaller, and it's curvier: the new Raspberry Pi Model A+ is quite a change from its predecessor. But with Model Bs selling more in a month than Model As have done in the lifetime of the Pi, what's the point in releasing a new model? Eben Upton, a founder of the Raspberry Pi Foundation, explains all. "It gives people a really low-cost way to come and play with Linux and it gives people a low-cost way to get a Raspberry Pi. We still think most people are still going to buy B+s, but it gives people a way to come and join in for the cost of 4 Starbucks coffees." -
Mozilla Launches Browser Built For Developers
HughPickens.com writes "Mozilla announced that they are excited to unveil Firefox Developer Edition, the first browser created specifically for developers that integrates two powerful new features, Valence and WebIDE that improve workflow and help you debug other browsers and apps directly from within Firefox Developer Edition. Valence (previously called Firefox Tools Adapter) lets you develop and debug your app across multiple browsers and devices by connecting the Firefox dev tools to other major browser engines. WebIDE allows you to develop, deploy and debug Web apps directly in your browser, or on a Firefox OS device. "It lets you create a new Firefox OS app (which is just a web app) from a template, or open up the code of an existing app. From there you can edit the app's files. It's one click to run the app in a simulator and one more to debug it with the developer tools."
Firefox Developer Edition also includes all the tools experienced Web developers are familiar with including: Responsive Design Mod, Page Inspector, Web Console, JavaScript Debugger, Network Monitor, Style Editor, and Web Audio Editor. At launch, Mozilla is starting off with Chrome for Android and Safari for iOS. and the eventual goal is to support more browsers, depending on what developers tell Mozilla they want, but the primary focus is on the mobile Web. "One of the biggest pain points for developers is having to use numerous siloed development environments in order to create engaging content or for targeting different app stores. For these reasons, developers often end up having to bounce between different platforms and browsers, which decreases productivity and causes frustration," says the press release. "If you're a new Web developer, the streamlined workflow and the fact that everything is already set up and ready to go makes it easier to get started building sophisticated applications." Mozilla released a teaser trailer for the browser last week. -
Pirate Bay Co-Founder Peter Sunde Is a Free Man Again
jones_supa writes Former Pirate Bay spokesperson Peter Sunde was released from prison this morning. Peter is expected to take some time off to spend with family and loved ones before returning to the normal grind. He was arrested in late May this year. Despite being accused of non-violent crimes, Peter was transferred to a high-security unit. His time in prison is described as being tough. There was no concern for high values such as a vegan diet or even proper treatment of depression. Peter also lost 15 kg of weight. After the experience he tweeted, "My body just got re-united with my soul and mind, the parts of me that matters and that never can be held hostage." -
Mayday PAC Goes 2 For 8
An anonymous reader writes: Lawrence Lessig's Mayday.us project had a bold goal: create a super PAC to end all super PACs. It generated significant support and raised over $10 million, which it spent endorsing a group of candidates for the recent mid-term elections and the primaries beforehand. The results weren't kind. Only two of the eight candidates backed by Mayday won their elections, and both of those candidates were quite likely to win anyway. Lessig was understandably displeased with the results. In a post on the Mayday site, he said, "What 2014 shows most clearly is the power of partisanship in our elections. Whatever else voters wanted, they wanted first their team to win."
Kenneth Vogel, author of Big Money, a recent book on the rise of super PACs, was critical of of Mayday's efforts, saying, "While voters do express high levels of disgust about the state of campaign finance and the level of corruption in Washington, they tend to actually cast votes more on bread-and-butter economic issues." Still, Lessig is hopeful for the future: "We moved voters on the basis of that message. Not enough. Not cheaply enough. But they moved." -
Raspberry Pi A+ Details Leaked
mikejuk writes Despite trying to keep it secret, a major Raspberry Pi retailer has published some details of the upcoming model A+ Raspberry Pi thanks to a product page that went live early. The board layout looks different and is much smaller than the model A or B+. Judging from the photograph, the A+ board encompasses the four standard mounting holes, which makes it approximately 56x65mm — the model B+ is 56x85mm.
The key improvement is the new 40-pin GPIO socket, which makes the model A+ fully compatible with the HAT expansion standard. This means that any new HAT expansion cards should now work with the A+. It also has what's likely a connector for the yet-unreleased Raspberry Pi touchscreen. Another welcome change is the micro SD slot. One downside of the A+ is that it still has only a single USB 2 connector. -
Amazon's Echo Chamber
An anonymous reader writes: The announcement this Thursday of another dubious piece of hardware from Amazon led Dustin Curtis to write an article critical of Amazon's hardware strategy, saying the company just doesn't understand what makes a device good or bad. Curtis says, "With Amazon.com, it can heavily and successfully promote and sell its products, giving it false indicators of success. It's an echo chamber. They make a product, they market the product on Amazon.com, they sell the product to Amazon.com customers, they get a false sense of success, the customer puts the product in a drawer and never uses it, and then Amazon moves on to the next product. Finally, with the Fire Phone, customers have been pushing back.
The media strategy that seems to be driving Jeff Bezos to make mobile consumption devices (with Amazon's media stores and Prime video/music) is flawed. No one makes money selling media for consumption anymore. That market is quickly and brutally dying. The media market is now so efficient that all profit is completely sucked out of the equation by the time you get to the consumption delivery system, to the point that it is barely possible to break even." -
Florida-Based Magic Leap Builds Its Team With Bay Area Hires
Tekla Perry writes Stealthy 'cinematic reality' company Magic Leap may be based in Florida--but it's doing a lot of hiring from the Bay Area, scooping up engineers from Pixar, Google, Apple, and Intel--along with a few Willow Garage alums. And it's got openings for many many more. Are all these folks with long-term Silicon Valley roots really going to move to South Florida? Or is Magic Leap getting ready to open up a Silicon Valley research center to house the brain trust it is gathering? Here's what we know about Magic Leap and its technology, who's joining it, and what other kinds of engineers the company aims to hire. Magic Leap has a lot of money to do all that hiring, having just raised more than half a billion dollars, the bulk of it from Google. If you're working in the Bay Area now, would you look forward to a move to Florida, or rather stay where you are? -
After Silk Road 2.0 Bust, Eyes Turn To 'Untouchable' Decentralized Market
apexcp sends this article from The Daily Dot: Following a wave of Dark Net arrests that brought down the famous anonymous drug market Silk Road 2.0, all eyes have turned to a marketplace called OpenBazaar that is designed to be impossible to shut down. Described as the "next generation of uncensored trade" and a "safe untouchable marketplace," OpenBazaar is fundamentally different from all the online black markets that have come before it, because it is completely decentralized. If authorities acted against OpenBazaar users, they could arrest individuals, but the network would survive. "If you're thinking about OpenBazaar as Silk Road 3.0, you're thinking about it much too narrowly," said OpenBazaar operations lead Sam Patterson in an interview last night. "I actually think it's much more powerful as eCommerce 2.0." -
Interviews: Ask Robert Ballard About Ocean Exploration
samzenpus writes A former Navy officer and a professor of oceanography at the University of Rhode Island, Robert Ballard is one of the most famous ocean explorers in the world. He is best known for his discoveries of hydrothermal vents, the Titanic, and the German battleship the Bismarck. Ballard is the "Explorer-in-Residence" for the National Geographic Society. He works extensively on exploration through telepresence capabilities and distance learning programs including the JASON Project, which reaches more than 1 million students. His latest work involves the Ocean Exploration Trust, the organization that manages his exploration ship the E/V Nautilus. The ship carries with it two ROVs named Hercules and Argus that explore the seafloor in real-time online. Dr. Ballard has just concluded the 2014 season and has agreed to answer your questions. As usual, ask as many as you'd like, but please, one per post. -
Landfill Copies of Atari's 'E.T.' End Up On eBay
Nerval's Lobster writes "In the early 1980s, Atari made what seemed like a slam-dunk bet: a game based on E.T.: The Extra-Terrestrial, one of the most beloved (and highest-grossing) films of all time. The company was so sure it had a hit in the making, in fact, that it manufactured millions of E.T. game cartridges, which flooded store shelves just in time for holiday shopping in December 1982. The game sold well at the outset, but it didn't sell well enough: By early 1983, Atari still had 3.5 million unsold cartridges on its hands. Embarrassed by the failure, Atari dumped those cartridges into a city landfill in Alamogordo, New Mexico. In 2003, Canadian entertainment company Fuel Industries received permission from Alamogordo's town counsel to excavate the landfill for the long-lost cartridges. Now some of those cartridges have surfaced on eBay, selling for $50 and up; if you ever wanted to own a little slice of video-game history, now's your chance." (You might recall the news from earlier this year that some copies of E.T. had been found.) -
CNN Anchors Caught On Camera Using Microsoft Surface As an iPad Stand
MojoKid writes Since the release of its Surface Pro 3 tablet, Microsoft has pushed their new slate hard. It's as if the company wanted it to overwrite that part of our memory that recalls the Surface RT and its monumental losses. This past August, we saw the company make a big move by deploying a boatload of Surface Pro tablets to every team in the NFL, gratis. All season so far, coaches and even players have made use of them to plan their next course-of-action, and for the most part, they seemed to be well-received. Unlike some of the products Microsoft tries to get us to adopt, the Surface Pro 3 really is a solid tablet / convertible. Unfortunately, at least where the CNN political team is concerned, Microsoft hasn't won over a few anchors, like they have in NFL, when they were supplied with brand-new Surface Pros. In recent shots captured and tweeted about, a Surface Pro 3 can be seen acting as an "iPad stand," and quite an expensive one. As humorous as this is, it might not seem that interesting if it were just one correspondent who pulled that stunt. Let's be honest, some people just like their iPads. That wasn't the case, though. There were at least two commentators using an iPad on the same set, despite having the Surface right in front of them and seemingly hiding it behind Microsoft's darling Windows 8 slate. -
LibraryBox is an Open Source Server That Runs on Low-Cost Hardware (Video)
The world is full of wireless servers -- or at least some of it is. There are still many places, including parts of the United States, where you can have all the laptops, smart phones, and other wireless-capable devices you want, but there's no server that caters to them. Enter LibraryBox. It's open source and it runs on a variety of low-cost, low-power hardware. The project's website calls it "portable private digital distribution."
A lot of people obviously like this project and wish it well. LibraryBox ran a Kickstarter campaign in 2013, hoping for $3000, and raised $33,119. But today's interviewee, Jason Griffey, can explain his project better than we can, so please watch the video (or read the transcript) if you want to learn more about LibraryBox -- including the story behind the project's name. (Alternate Video Link) -
Study Shows Direct Brain Interface Between Humans
vinces99 writes University of Washington researchers have successfully replicated a direct brain-to-brain connection between pairs of people as part of a scientific study following the team's initial demonstration a year ago. In the newly published study, which involved six people, researchers were able to transmit the signals from one person's brain over the Internet and use these signals to control the hand motions of another person within a split second of sending that signal. -
Michelle Sleeper Creates 'Gaming, Comics, and Pop Culture Based Props'
If you go to a sci-fi or gaming convention you'll see people in exotic "character" costumes, often holding exotic props, with some of the most popular being futuristic firearm mockups of one sort or another. Who makes all these cool fannish items? A whole bunch of artists and artisans, including Michelle Sleeper (who says she got tired of jokes about her name many years ago). She's not only one of these artisans, but is also a committed 3-D printer user, since 3-D printing is how she forms a high percentage of her props (with the word "props" being used here in the theatrical rather than the nautical sense). To keep up with what Michelle is making, you should check her blog. One of her most interesting posts, titled Atlanta Mini Maker Faire: On missing deadlines, failure, and triage, is about preparing for the event where Timothy Lord met and interviewed Michelle.
Even if gamer gatherings and SF conventions aren't your thing, the interview (along with the links above) gives a nice glimpse into the life of an independent artisan who uses technology to create a lot of her art. (Alternate Video Link) -
Interviews: Ask Warren Ellis a Question
samzenpus writes "Warren Ellis is an acclaimed British author of comics, novels, and television who is well known for his sociocultural commentary. The movies Red and Iron Man 3 are based on his graphic novels. In addition to numerous other comic titles, he started a personal favorite, Transmetropolitan. Ellis has written for Vice, Wired UK, and Reuters on technological and cultural matters, and is co-writing a video project called Wastelanders with Joss Whedon. Warren has agreed to give us some of his time to answer any questions you may have. As usual, ask as many as you'd like, but please, one per post." -
Pirate Bay Co-founder Arrested In Northeastern Thailand
New submitter SeeingMole writes, just a few days after Pirate Bay founder Gottfrid Warg was found guilty in Denmark, that Thai immigration police arrested 36-year-old Fredrik Neij, aka TiAMO, while driving a car to pass through the border checkpoint from Laos into Thailand with his Lao wife. He was wearing the same shirt that he wore in his arrest warrant photo. In 2009, Neij was convicted along with Per Svartholm Warg, Peter Sunde Kolmisoppi and Carl Lundstroem of 'assisting in making copyright content available' in Stockholm, Sweden. Also at the BBC; thanks to reader iONiUM. -
Intel To Expand Core M Broadwell Line With Faster Dual-Core Processors
MojoKid writes: Intel didn't waste much time following-up on its initial Core M lineup launch. The company has added 4 more Core M models to its roster. Like the launch chips, these four are dual-core designs that support HyperThreading to enable an effective four logical threads for processing. Also like those earlier chips, these are spec'd with a TDP of 4.5W. These new chips, however, are generally faster than the launch models, with a new top-end processor called the M-5Y71. This chip has a base clock speed of 1.2GHz, but is burstable through Turbo up to 2.9GHz. What really sets these chips apart from the initial Core M models is that their TDP is scalable, based on what the builder is looking to do with it. If the chip is set to be used in a notebook with very little free space, the OEM could opt to drop the chip down to 3.5W and lose 600MHz in the process. By contrast, a bulkier notebook could handle a hotter chip better, so a higher TDP could be decided upon. If that route's taken, any one of these new chips could peak at 6W and add 200MHz to the base and top-end clocks. -
Russia Takes Down Steve Jobs Memorial After Apple's Tim Cook Comes Out
An anonymous reader writes Citing the need to abide by a law combating "gay propaganda," a memorial dedicated to the late Apple founder Steve Jobs has been torn down. This comes on the heels of new CEO Tim Cook coming out as gay. "In Russia, gay propaganda and other sexual perversions among minors are prohibited by law," ZEFS (a Russian group of companies that originally erected the statue) said, noting that the memorial had been "in an area of direct access for young students and scholars". "After Apple CEO Tim Cook publicly called for sodomy, the monument was taken down to abide to the Russian federal law protecting children from information promoting denial of traditional family values." -
"Car Talk" Co-Host Tom Magliozzi Dies At Age 77
samzenpus writes "Many outlets are reporting the death of Tom Magliozzi, co-host of the long-running weekly National Public Radio show Car Talk. Tom and his brother Ray ran a repair shop in the '70s and in 1987 landed their radio gig. They were known as "Click and Clack the Tappet Brothers." The show stopped recording two years ago and is currently airing old episodes. Tom died of complications from Alzheimer's at age 77." -
Interviews: Ask CMI Director Alex King About Rare Earth Mineral Supplies
The modern electronics industry relies on inputs and supply chains, both material and technological, and none of them are easy to bypass. These include, besides expertise and manufacturing facilities, the actual materials that go into electronic components. Some of them are as common as silicon; rare earth minerals, not so much. One story linked from Slashdot a few years back predicted that then-known supplies would be exhausted by 2017, though such predictions of scarcity are notoriously hard to get right, as people (and prices) adjust to changes in supply. There's no denying that there's been a crunch on rare earths, though, over the last several years. The minerals themselves aren't necessarily rare in an absolute sense, but they're expensive to extract. The most economically viable deposits are found in China, and rising prices for them as exports to the U.S., the EU, and Japan have raised political hackles. At the same time, those rising prices have spurred exploration and reexamination of known deposits off the coast of Japan, in the midwestern U.S., and elsewhere.
Alex King is director of the Critical Materials Institute, a part of the U.S. Department of Energy's Ames Laboratory. CMI is heavily involved in making rare earth minerals slightly less rare by means of supercomputer analysis; researchers there are approaching the ongoing crunch by looking both for substitute materials for things like gallium, indium, and tantalum, and easier ways of separating out the individual rare earths (a difficult process). One team there is working with "ligands – molecules that attach with a specific rare-earth – that allow metallurgists to extract elements with minimal contamination from surrounding minerals" to simplify the extraction process. We'll be talking with King soon; what questions would you like to see posed? (This 18-minute TED talk from King is worth watching first, as is this Q&A.) -
Interviews: Ask CMI Director Alex King About Rare Earth Mineral Supplies
The modern electronics industry relies on inputs and supply chains, both material and technological, and none of them are easy to bypass. These include, besides expertise and manufacturing facilities, the actual materials that go into electronic components. Some of them are as common as silicon; rare earth minerals, not so much. One story linked from Slashdot a few years back predicted that then-known supplies would be exhausted by 2017, though such predictions of scarcity are notoriously hard to get right, as people (and prices) adjust to changes in supply. There's no denying that there's been a crunch on rare earths, though, over the last several years. The minerals themselves aren't necessarily rare in an absolute sense, but they're expensive to extract. The most economically viable deposits are found in China, and rising prices for them as exports to the U.S., the EU, and Japan have raised political hackles. At the same time, those rising prices have spurred exploration and reexamination of known deposits off the coast of Japan, in the midwestern U.S., and elsewhere.
Alex King is director of the Critical Materials Institute, a part of the U.S. Department of Energy's Ames Laboratory. CMI is heavily involved in making rare earth minerals slightly less rare by means of supercomputer analysis; researchers there are approaching the ongoing crunch by looking both for substitute materials for things like gallium, indium, and tantalum, and easier ways of separating out the individual rare earths (a difficult process). One team there is working with "ligands – molecules that attach with a specific rare-earth – that allow metallurgists to extract elements with minimal contamination from surrounding minerals" to simplify the extraction process. We'll be talking with King soon; what questions would you like to see posed? (This 18-minute TED talk from King is worth watching first, as is this Q&A.) -
Interviews: Ask CMI Director Alex King About Rare Earth Mineral Supplies
The modern electronics industry relies on inputs and supply chains, both material and technological, and none of them are easy to bypass. These include, besides expertise and manufacturing facilities, the actual materials that go into electronic components. Some of them are as common as silicon; rare earth minerals, not so much. One story linked from Slashdot a few years back predicted that then-known supplies would be exhausted by 2017, though such predictions of scarcity are notoriously hard to get right, as people (and prices) adjust to changes in supply. There's no denying that there's been a crunch on rare earths, though, over the last several years. The minerals themselves aren't necessarily rare in an absolute sense, but they're expensive to extract. The most economically viable deposits are found in China, and rising prices for them as exports to the U.S., the EU, and Japan have raised political hackles. At the same time, those rising prices have spurred exploration and reexamination of known deposits off the coast of Japan, in the midwestern U.S., and elsewhere.
Alex King is director of the Critical Materials Institute, a part of the U.S. Department of Energy's Ames Laboratory. CMI is heavily involved in making rare earth minerals slightly less rare by means of supercomputer analysis; researchers there are approaching the ongoing crunch by looking both for substitute materials for things like gallium, indium, and tantalum, and easier ways of separating out the individual rare earths (a difficult process). One team there is working with "ligands – molecules that attach with a specific rare-earth – that allow metallurgists to extract elements with minimal contamination from surrounding minerals" to simplify the extraction process. We'll be talking with King soon; what questions would you like to see posed? (This 18-minute TED talk from King is worth watching first, as is this Q&A.) -
Interviews: Ask CMI Director Alex King About Rare Earth Mineral Supplies
The modern electronics industry relies on inputs and supply chains, both material and technological, and none of them are easy to bypass. These include, besides expertise and manufacturing facilities, the actual materials that go into electronic components. Some of them are as common as silicon; rare earth minerals, not so much. One story linked from Slashdot a few years back predicted that then-known supplies would be exhausted by 2017, though such predictions of scarcity are notoriously hard to get right, as people (and prices) adjust to changes in supply. There's no denying that there's been a crunch on rare earths, though, over the last several years. The minerals themselves aren't necessarily rare in an absolute sense, but they're expensive to extract. The most economically viable deposits are found in China, and rising prices for them as exports to the U.S., the EU, and Japan have raised political hackles. At the same time, those rising prices have spurred exploration and reexamination of known deposits off the coast of Japan, in the midwestern U.S., and elsewhere.
Alex King is director of the Critical Materials Institute, a part of the U.S. Department of Energy's Ames Laboratory. CMI is heavily involved in making rare earth minerals slightly less rare by means of supercomputer analysis; researchers there are approaching the ongoing crunch by looking both for substitute materials for things like gallium, indium, and tantalum, and easier ways of separating out the individual rare earths (a difficult process). One team there is working with "ligands – molecules that attach with a specific rare-earth – that allow metallurgists to extract elements with minimal contamination from surrounding minerals" to simplify the extraction process. We'll be talking with King soon; what questions would you like to see posed? (This 18-minute TED talk from King is worth watching first, as is this Q&A.) -
Adobe's Digital Editions Collecting Less Data, Says EFF
itwbennett writes Tests on the latest version of Adobe System's e-reader software shows the company is now collecting less data following a privacy-related dustup last month, according to the Electronic Frontier Foundation. Adobe was criticized in early October after it was discovered Digital Editions collected metadata about e-books on a device, even if the e-books did not have DRM. Those logs were also sent to Adobe in plain text. Digital Editions version 4.0.1 appears to only collect data on e-books that have DRM (Digital Rights Management), writes Cooper Quintin, a staff technologist with the EFF. -
YouTube Opens Up 60fps To Everyone
jones_supa writes Four months ago YouTube promised support for 60 frames per second videos. Back then, the feature was limited to some selected demonstration clips. Now the capability to upload 60fps videos has been opened to everyone. By searching YouTube, a lot of interesting high-FPS material can already be found. For now, some caveats apply though. To watch the clips at 60fps you currently need to use Chrome (further browser support is on the way) and be sure to select 720p60 or 1080p60 from the settings menu of the video player. A fair amount of decoding power is also required, so you will need good hardware. In addition, YouTube says that the content format will be only available on "motion-intense" videos, and the average cat video may not be detected as such. Of course gaming will be the most obvious genre that can take advantage of the higher frame rate. -
US Midterm Elections Discussion
November 4th will be election day in the U.S. Though the presidential race is still forming, this midterm election has lots of close races that may give a hint about the likely outcome in 2016. Many pundits and pollsters see a strong chance that Republicans will gain a majority in the Senate in Tuesday's election. Think of the discussion attached to this post as the place to discuss the election: candidates, political advertising, voting technology, and the wisdom of voter ID laws. If you are voting, this chart of poll closing times might be useful. (And, as with the similar post from 10 years ago today, you can take a look at the current poll to see what the Zeitgeist looks like for Slashdot readers, and mentally fill in the past tense, if you're one of the many early voters; not much room in the poll question field.) -
US Midterm Elections Discussion
November 4th will be election day in the U.S. Though the presidential race is still forming, this midterm election has lots of close races that may give a hint about the likely outcome in 2016. Many pundits and pollsters see a strong chance that Republicans will gain a majority in the Senate in Tuesday's election. Think of the discussion attached to this post as the place to discuss the election: candidates, political advertising, voting technology, and the wisdom of voter ID laws. If you are voting, this chart of poll closing times might be useful. (And, as with the similar post from 10 years ago today, you can take a look at the current poll to see what the Zeitgeist looks like for Slashdot readers, and mentally fill in the past tense, if you're one of the many early voters; not much room in the poll question field.) -
How Google Can Get the Flu Right
An anonymous reader writes Google Flu Trends was developed in 2009 to improve forecasts of flu levels in the U.S. by utilising Google search data. This early example showcased the potential which lies in the exploitation of human digital traces which all of us leave behind by using online services. The rise of Google Flu Trends was only stopped when the service dramatically overestimated the number of flu incidences recently. The fall raised questions about the value of online data for predictions in general. However, a study published yesterday demonstrates that it is not only about data but also about the adaptiveness of algorithms used for predictions. Scientists combined historic flu levels as reported by the CDC with Google Flu Trends data using an algorithmic framework which is able to adapt to changes in human search behaviour. Their results show that Google Flu Trends data sets significantly add information to the forecasts of current flu levels. -
Is Public Debate of Trade Agreements Against the Public Interest?
onproton writes The Trans Pacific Partnership (TPP), currently being negotiated in secret, has been subject to numerous draft leaks that indicate these talks are potentially harmful to everything from public health to internet freedom. So why isn't the public involved, and why are the terms of the agreement being debated behind closed doors? According to New Zealand's current Trade Minister, Tim Groser, full disclosure of what is being discussed would likely lead to "public debate on an ill-informed basis before the deal has been done." Leaving one to question how revealing the full context and scope of the agreement talks would lead to an increase in misinformation rather than clarity. -
Is Public Debate of Trade Agreements Against the Public Interest?
onproton writes The Trans Pacific Partnership (TPP), currently being negotiated in secret, has been subject to numerous draft leaks that indicate these talks are potentially harmful to everything from public health to internet freedom. So why isn't the public involved, and why are the terms of the agreement being debated behind closed doors? According to New Zealand's current Trade Minister, Tim Groser, full disclosure of what is being discussed would likely lead to "public debate on an ill-informed basis before the deal has been done." Leaving one to question how revealing the full context and scope of the agreement talks would lead to an increase in misinformation rather than clarity. -
Will HP's $200 Stream 11 Make People Forget About Chromebooks?
theodp writes With an 11.6" screen, Windows 8.1, and free Office 365 for a year, the $199.99 solid-state HP Stream 11 laptop is positioned to make people think twice about Chromebooks (add $30 for the HP Stream 13). But will it? "The HP Stream 11 is clearly both inexpensive and a great value," writes Paul Thurrott. "At just $200, it's cheap, of course. But it also features a solid-feeling construction, a bright and fun form factor, a surprisingly high-quality typing experience and a wonderful screen. This isn't a bargain bin throwaway. The Stream 11 is something special." The HP Stream Family also includes the HP Stream 7, a $99.99 Windows 8.1 Tablet that includes the Office 365 deal. By the way, at the other end of the price spectrum, HP has introduced the Sprout, which Fast Company calls a bold and weird PC that's bursting at the seams with new ideas, from 3-D scanning to augmented reality. (We mentioned the Sprout a few days ago, too; HP seems to be making some interesting moves lately, looks like they're getting on the smartwatch bandwagon, too.) If you're looking at the Stream as a cheap platform for OSes other than Windows, be cautious: one of the reviews at the Amazon page linked describes trouble getting recent Linux distributions to install. -
Video Raises Doubts About Attkisson's Claims of Malicious Hacking
Was former CBS News correspondent Sharyl Attkisson's computer hacked? Earlier claims that it was are being scoffed at by some security experts, after looking at cellphone video she has released intended to demonstrate that an intruder was deleting files. The video, say various commentators, may instead just indicate a stuck or faulty backspace key. It could be that both things are true (a stuck backspace key, as well as malicious intrusion targeting Attkisson for her political reporting), but it would be helpful to know more of the details on which CBS's (unnamed) hired experts concluded that her machine was breached. -
Video Raises Doubts About Attkisson's Claims of Malicious Hacking
Was former CBS News correspondent Sharyl Attkisson's computer hacked? Earlier claims that it was are being scoffed at by some security experts, after looking at cellphone video she has released intended to demonstrate that an intruder was deleting files. The video, say various commentators, may instead just indicate a stuck or faulty backspace key. It could be that both things are true (a stuck backspace key, as well as malicious intrusion targeting Attkisson for her political reporting), but it would be helpful to know more of the details on which CBS's (unnamed) hired experts concluded that her machine was breached. -
Facebook Wants You To Vote Tuesday
theodp (442580) writes "Six years in the making, Facebook's get-out-the-vote tool — a high-profile button that proclaims "I'm Voting" or "I'm a Voter" — will on Tuesday give many of the social network's more than 150 million American users a gentle but effective nudge to vote. "If past research is any guide," writes Micah L. Sifry in Mother Jones, "up to a few million more people will head to the polls partly because their Facebook friends encouraged them. Yet the process by which Facebook has developed this tool — what the firm calls the 'voter megaphone' — has not been very transparent, raising questions about its use and Facebook's ability to influence elections. Moreover, while Facebook has been developing and promoting this tool, it has also been quietly conducting experiments on how the company's actions can affect the voting behavior of its users." Sifry adds, "There may be another reason for Facebook's lack of transparency regarding its voting promotion experiments: politics. Facebook officials likely do not want Republicans on Capitol Hill to realize that their voter megaphone isn't a neutral get-out-the-vote mechanism. It's not that Facebook uses this tool to remind only users who identify themselves as Democrats to vote — though the company certainly has the technical means to do so. But the Facebook user base tilts Democratic." So, it's probably worth mentioning again that Facebook caught flack last summer for deliberately experimenting on users' emotions without their consent. And just last June, Facebook CEO Mark Zuckerberg's FWD.us PAC put out a call for "pissed off Data Scientists" to data mine critical legislative districts and "growth hack" ways to motivate "registered voters who are registered Republicans who we think are likely to support immigration reform."" -
Facebook Wants You To Vote Tuesday
theodp (442580) writes "Six years in the making, Facebook's get-out-the-vote tool — a high-profile button that proclaims "I'm Voting" or "I'm a Voter" — will on Tuesday give many of the social network's more than 150 million American users a gentle but effective nudge to vote. "If past research is any guide," writes Micah L. Sifry in Mother Jones, "up to a few million more people will head to the polls partly because their Facebook friends encouraged them. Yet the process by which Facebook has developed this tool — what the firm calls the 'voter megaphone' — has not been very transparent, raising questions about its use and Facebook's ability to influence elections. Moreover, while Facebook has been developing and promoting this tool, it has also been quietly conducting experiments on how the company's actions can affect the voting behavior of its users." Sifry adds, "There may be another reason for Facebook's lack of transparency regarding its voting promotion experiments: politics. Facebook officials likely do not want Republicans on Capitol Hill to realize that their voter megaphone isn't a neutral get-out-the-vote mechanism. It's not that Facebook uses this tool to remind only users who identify themselves as Democrats to vote — though the company certainly has the technical means to do so. But the Facebook user base tilts Democratic." So, it's probably worth mentioning again that Facebook caught flack last summer for deliberately experimenting on users' emotions without their consent. And just last June, Facebook CEO Mark Zuckerberg's FWD.us PAC put out a call for "pissed off Data Scientists" to data mine critical legislative districts and "growth hack" ways to motivate "registered voters who are registered Republicans who we think are likely to support immigration reform."" -
Facebook Wants You To Vote Tuesday
theodp (442580) writes "Six years in the making, Facebook's get-out-the-vote tool — a high-profile button that proclaims "I'm Voting" or "I'm a Voter" — will on Tuesday give many of the social network's more than 150 million American users a gentle but effective nudge to vote. "If past research is any guide," writes Micah L. Sifry in Mother Jones, "up to a few million more people will head to the polls partly because their Facebook friends encouraged them. Yet the process by which Facebook has developed this tool — what the firm calls the 'voter megaphone' — has not been very transparent, raising questions about its use and Facebook's ability to influence elections. Moreover, while Facebook has been developing and promoting this tool, it has also been quietly conducting experiments on how the company's actions can affect the voting behavior of its users." Sifry adds, "There may be another reason for Facebook's lack of transparency regarding its voting promotion experiments: politics. Facebook officials likely do not want Republicans on Capitol Hill to realize that their voter megaphone isn't a neutral get-out-the-vote mechanism. It's not that Facebook uses this tool to remind only users who identify themselves as Democrats to vote — though the company certainly has the technical means to do so. But the Facebook user base tilts Democratic." So, it's probably worth mentioning again that Facebook caught flack last summer for deliberately experimenting on users' emotions without their consent. And just last June, Facebook CEO Mark Zuckerberg's FWD.us PAC put out a call for "pissed off Data Scientists" to data mine critical legislative districts and "growth hack" ways to motivate "registered voters who are registered Republicans who we think are likely to support immigration reform."" -
NASA Spacecraft Images Crash Site of Retired LADEE Probe
An anonymous reader writes In April, NASA ended the mission of its Lunar Atmosphere and Dust Environment Explorer (LADEE) mission by de-orbiting (read: crashing) it on the far side of the moon. The Lunar Reconnaissance Orbiter has now directly imaged the crash site, showing a small crater and the spray of rocks and dust caused by the crash. "LADEE's grave lies about 0.5 miles (0.8 kilometers) from the eastern rim of the larger Sundman V crater, just 0.2 miles (0.3 km) north of the spot where mission team members predicted the spacecraft would go down based on tracking data, NASA officials said. ... The new crater is less than 10 feet (3 meters) wide. It's so small because LADEE was just the size of a washing machine, and the probe was traveling relatively slowly (3,800 mph, or 6,116 km/h) when it impacted the surface. The LROC team was able to spot LADEE's impact crater after developing a new tool that compared before-and-after images of the same lunar sites, researchers said." -
Hungary's Plans For Internet Tax On Hold After Protests
An anonymous reader writes: When news broke last week that the Hungarian government was planning to tax internet traffic at a rate of about 62 cents per gigabyte, people on the internet were outraged. But it went beyond that: there were protests in the streets in Hungary, and the European Union warned against the plan. Now, Hungarian Prime Minister Viktor Orban has put the plans on hold, saying, "This tax in its current form cannot be introduced." It's not completely dead — Orban has planned consultations over the next year to look for other ways to tax revenue generated over the internet. -
Google To Disable Fallback To SSL 3.0 In Chrome 39 and Remove In Chrome 40
An anonymous reader writes Google today announced plans to disable fallback to version 3 of the SSL protocol in Chrome 39, and remove SSL 3.0 completely in Chrome 40. The decision follows the company's disclosure of a serious security vulnerability in SSL 3.0 on October 14, the attack for which it dubbed Padding Oracle On Downgraded Legacy Encryption (POODLE). Following Mozilla's decision on the same day to disable SSL 3.0 by default in Firefox 34, which will be released on November 25, Google has laid out its plans for Chrome. This was expected, given that Google Security Team's Bodo Möller stated at the time: "In the coming months, we hope to remove support for SSL 3.0 completely from our client products." -
Vulnerabilities Found (and Sought) In More Command-Line Tools
itwbennett writes The critical Shellshock vulnerabilities found last month in the Bash Unix shell have motivated security researchers to search for similar flaws in old, but widely used, command-line utilities. Two remote command execution vulnerabilities were patched this week in the popular wget download agent and tnftp client for Unix-like systems [also mentioned here]. This comes after a remote code execution vulnerability was found last week in a library used by strings, objdump, readelf and other command-line tools. -
Vulnerabilities Found (and Sought) In More Command-Line Tools
itwbennett writes The critical Shellshock vulnerabilities found last month in the Bash Unix shell have motivated security researchers to search for similar flaws in old, but widely used, command-line utilities. Two remote command execution vulnerabilities were patched this week in the popular wget download agent and tnftp client for Unix-like systems [also mentioned here]. This comes after a remote code execution vulnerability was found last week in a library used by strings, objdump, readelf and other command-line tools. -
Slashdot Asks: Appropriate Place For Free / Open Source Software Artifacts?
A friend of mine who buys and sells used books, movies, etc. recently purchased a box full of software on CD, including quite a few old Linux distributions, and asked me if I'd like them. The truth is, I would like them, but I've already collected over the last two decades more than I should in the way of Linux distributions, on at least four kinds of media (starting with floppies made from a CD that accompanied a fat book on how to install some distribution or other -- very useful in the days of dialup). I've got some boxes (Debian Potato, and a few versions of Red Hat and Mandrake Linux), and an assortment of marketing knickknacks, T-shirts, posters, and books. I like these physical artifacts, and they're not dominating my life, but I'd prefer to actually give many of them to someplace where they'll be curated. (Or, if they should be tossed, tossed intelligently.) Can anyone point to a public collection of some kind that gathers physical objects associated with Free software and Open Source, and makes them available for others to examine? (I plan to give some hardware, like a pair of OLPC XO laptops, to the same Goodwill computer museum highlighted in this video, but they probably don't want an IBM-branded radio in the shape of a penguin.) -
Remote Vision Through a Virtual Reality Headset (Video)
Add some material-handling devices and you'd have software-controlled Waldos, first described by Robert A. Heinlein in the 1942 short story titled Waldo. So while the idea of a pair of artificial eyes you control by moving your head (while looking at the area around the artificial eyes, even if it's in orbit), sounds like futuristic fun, especially if you use an Oculus Virtual Reality device instead of an LED screen, it not only hasn't caught up with science fiction, but is a fair ways behind science fact. Still, the idea of being able to control a vision system deep under the sea or in orbit around Saturn is certainly interesting in and of itself. (Alternate Video Link) -
Apple Pay Competitor CurrentC Breached
tranquilidad writes "As previously discussed on Slashdot, CurrentC is a consortium of merchants attempting to create a "more secure" payment system. Some controversy surrounds CurrentC's requirements regarding the personal information required, their purchase-tracking intentions and retail stores blocking NFC in apparent support of CurrentC. Now news breaks that CurrentC has already been breached. CurrentC has issued the standard response, "We take the security of our users' information extremely seriously."