Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
OpenBSD 5.5 Released
ConstantineM (965345) writes "Just as per the schedule, OpenBSD 5.5 was released today, May 1, 2014. The theme of the 5.5 release is Wrap in Time, which represents a significant achievement of changing time_t to int64_t on all platforms, as well as ensuring that all of the 8k+ OpenBSD ports still continue to build and work properly, thus doing all the heavy lifting and paving the way for all other operating systems to make the transition to 64-bit time an easier task down the line. Signed releases and packages and the new signify utility are another big selling point of 5.5, as well as OpenSSH 6.6, which includes lots of DJB crypto like chacha20-poly1305, plus lots of other goodies." -
OpenBSD 5.5 Released
ConstantineM (965345) writes "Just as per the schedule, OpenBSD 5.5 was released today, May 1, 2014. The theme of the 5.5 release is Wrap in Time, which represents a significant achievement of changing time_t to int64_t on all platforms, as well as ensuring that all of the 8k+ OpenBSD ports still continue to build and work properly, thus doing all the heavy lifting and paving the way for all other operating systems to make the transition to 64-bit time an easier task down the line. Signed releases and packages and the new signify utility are another big selling point of 5.5, as well as OpenSSH 6.6, which includes lots of DJB crypto like chacha20-poly1305, plus lots of other goodies." -
"Smart" Gun Seller Gets the Wrong Kind of Online Attention
R3d M3rcury (871886) writes "How's this for a good idea? A gun that won't fire unless it's within 10 inches of a watch? That's the iP1 from Armatrix. Of course, don't try to sell it here in the United States." From the NY Times article linked: "[Armatrix employee] Belinda Padilla does not pick up unknown calls anymore, not since someone posted her cellphone number on an online forum for gun enthusiasts. Then someone snapped pictures of the address where she has a P.O. box and put those online, too. In a crude, cartoonish scrawl, this person drew an arrow to the blurred image of a woman passing through the photo frame. 'Belinda?" the person wrote. "Is that you?" ... "I have no qualms with the idea of personally and professionally leveling the life of someone who has attempted to profit from disarming me and my fellow Americans," one commenter wrote." The article paints a fairly rosy picture of the particular technology that Armatrix is pushing, but their ID-checking gun seems to default to an unfireable state, which might not always be an attractive feature. And given that at least one state — New Jersey — has hinged a gun law on the commercial availability of these ID-linked guns, it's not surprising that some gun owners dislike a company that advertises this kind of system as "the future of the firearm." -
OpenSSH No Longer Has To Depend On OpenSSL
ConstantineM writes: "What has been planned for a long time now, prior to the infamous heartbleed fiasco of OpenSSL (which does not affect SSH at all), is now officially a reality — with the help of some recently adopted crypto from DJ Bernstein, OpenSSH now finally has a compile-time option to no longer depend on OpenSSL. `make OPENSSL=no` has now been introduced for a reduced configuration OpenSSH to be built without OpenSSL, which would leave you with no legacy SSH-1 baggage at all, and on the SSH-2 front with only AES-CTR and chacha20+poly1305 ciphers, ECDH/curve25519 key exchange and Ed25519 public keys." -
Maintaining Internet Freedom Isn't Easy (Video)
Go to Stop the Secrecy.net and you'll see that this is something that requires action now, not someday, It's about the TPP, or Trans Pacific Partnership, a trade agreement that could place major restrictions on how we use the Internet. This is far from the only attack on Internet freedom we need to fight against, just one the EFF (and others) feel is one of the worst ones in play right now. Mild-mannered Steve Anderson, founder and Executive Director of OpenMedia.ca, is today's interview guest. He's Canadian, but OpenMedia.ca doesn't stop at Canada's southern border. Steve and the rest of the group want U.S. citizens to have the same Internet freedoms they want Canadians to have -- as well as people all over the world, because Internet balkanization hurts all Internet users. Including you. And worse, this is not the only problem with the TPP. Did you notice, in the TPP link above (to Wikipedia), that parts of this trade agreement are secret? So even if you want to protest against it, you might end up holding a sign that's mostly blank. This is a "Call your Congressional representatives" situation. Unless you're in Canada, in which case it's a "Call your Member of Parliament" situation. Ditto if you're in another TPP country. In any case, it's going to take a lot of calls, letters, emails, and faxes from people like us to overcome some of the heavy money that wants the TPP to go through. (Alternate video link.) -
Interview: Ask Ben Starr About the Future of Food
samzenpus (5) writes "Ben Starr is a chef, travel writer, reality TV star, wine and beer brewer, cheesemaker, and ultimate food geek. Ben traveled all 7 continents in his early 20s, staying with local families and learning to cook the cuisines of the world in home kitchens and local markets. FRANK, his underground Dallas restaurant, has a waitlist of 3,000 and reservations are selected by random lottery. He is a passionate local and sustainable food advocate. Ben is a flag waver for the new generation of chefs who embrace modern technology, and his Camp Potluck feeds hundreds of hungry Burning Man attendees every year. Ben has agreed to put down his chef's knife and answer your questions. As usual, ask as many as you'd like, but please, one question per post." -
Target Moves To Chip and Pin Cards To Boost Security
jfruh (300774) writes "U.S. retailers must accept chip-and-pin charge cards by the end of 2015 or become liable for fraudulent purchases made with chip cards. Target, still smarting from its recent embarrassing security breach, is moving to get ahead of that trend. The company will be installing chip-and-pin terminals in all its stores, and will also be issuing chip-and-pin versions of its own branded cards, which account for about 20 percent of Target sales. Will this move by a huge retailer push the U.S. into parity with the rest of the world?" -
C++ and the STL 12 Years Later: What Do You Think Now?
profBill (98315) writes "Way back in 2002, Slashdot ran a story asking what people thought about C++ and the STL. Well, it's 2014 and C++11 is well out there with C++14 on its way.
I teach a second programming course in C++ with a heavy emphasis on the STL (containers and generic algorithms). I just wondered what people think about the situation today. Personally, I think C++11 has cleaned up a lot of problems, making it easier to use, but given all those who work with C++ for a living, I wondered what they thought today compared to then. Are people using C++11? Does it matter at all? I'd love to share the responses with my students! They are always curious about what practitioners are doing these days." -
SEC Chair On HFT: 'The Markets Are Not Rigged'
Hugh Pickens DOT Com writes "Reuters reports that U.S. Securities and Exchange Commission Chair Mary Jo White told a U.S. House of Representatives panel that she flatly rejected claims that retail investors are being fleeced by high-frequency traders who can use their speed to jump ahead with buy and sell orders that fetch better prices. 'The markets are not rigged,' says White. 'The U.S. markets are the strongest and most reliable in the world.' White's comments to the House Financial Services Committee mark the first time she has directly responded to allegations in Michael Lewis' new book Flash Boys: A Wall Street Revolt. The book alleges that high-speed traders are engaged in a form of front-running, in which the firms are able to quickly identify an investor's desire to buy a stock, rush to buy it first and then sell it back at a higher price. The SEC has been reviewing equity market structure issues, particularly following the May 6, 2010 flash crash incident when the Dow Jones Industrial Average sharply plunged before quickly rebounding. Although staff at SEC are considering whether to launch some pilot studies to test different regulatory proposals, there are no immediate plans to issue rules to crack down on high-speed trading or trading in unlit markets. 'I want to be very clear that the market metrics suggest that the retail investor is very well-served by the current market structure.'" -
Texas Sheriffs Crash $250k Drone They're Not Supposed To Be Flying
SpaceGhost writes: "The Houston Chronicle reveals that Friday morning a $250,000 drone was lost by the Sheriff's department in Lake Conroe (just north of Houston.) Divers have been searching for the drone. What's more, the drone is reportedly over the FAA's 25-pound weight limit, so they shouldn't have been flying it in the first place (the Chronicle says 49 pounds, the Montgomery County Police Reporter says 29 pounds — either way, it's too heavy). The MCPR article goes on to discuss the recently passed Texas Legislature House Bill 912 which restricts the use of drones to observe private property, likely influenced by the January 2012 discovery of illegal pig blood runoff and subsequent indictment." -
Texas Sheriffs Crash $250k Drone They're Not Supposed To Be Flying
SpaceGhost writes: "The Houston Chronicle reveals that Friday morning a $250,000 drone was lost by the Sheriff's department in Lake Conroe (just north of Houston.) Divers have been searching for the drone. What's more, the drone is reportedly over the FAA's 25-pound weight limit, so they shouldn't have been flying it in the first place (the Chronicle says 49 pounds, the Montgomery County Police Reporter says 29 pounds — either way, it's too heavy). The MCPR article goes on to discuss the recently passed Texas Legislature House Bill 912 which restricts the use of drones to observe private property, likely influenced by the January 2012 discovery of illegal pig blood runoff and subsequent indictment." -
Book Review: Designing With the Mind In Mind
benrothke (2577567) writes "Neurologists and brain scientists are in agreement that in truth, we know very little about how the brain works. With that, in the just released second edition of Designing with the Mind in Mind, a Simple Guide to Understanding User Interface Design Guidelines, author Jeff Johnson provides a fascinating introduction on the fundamentals of perceptual and cognitive psychology for effective user interface (UI) design and creation." Keep reading for the rest of Ben's review. Designing with the Mind in Mind, a Simple Guide to Understanding User Interface Design Guidelines author Jeff Johnson pages 240 publisher Morgan Kaufmann rating 9/10 reviewer Ben Rothke ISBN 978-0124079144 summary Excellent reference on the integration of user interface design and the mind Johnson heads up a consulting firm that specialized in evaluating and designing UI and brings significant experience to every chapter. He writes that following user-interface design guidelines is not as straightforward as something like following a cooking recipe; even though people often compare the two. Design rules often describe goals rather than actions, as they are purposefully very general to make them broadly applicable. The downside to that is that it means that their exact meaning and applicability to specific design situations is open to interpretation.
With that, the book provides an exceptional foundation on how to ensure effective usability is successfully implemented. The book spends a long time detailing how users make decisions and choices.
What's really good about the book is that Johnson provides ample details about the topic, but doesn't reduce it to so just a set of rules or mind-numbing (and thusly unreadable) checklists. His synopsis of the topics provides the reader with a broad understanding of the topic and what they need to do in order to ensure effective UI design is executed.
While the focus in the book is heaving on general and cognitive psychology, the book is written for the reader who is a novice in the area, and stays quite practical, without getting in the vague theoretical areas.
The book provides scores of examples of how people relate to an interface, and how to design accordingly. One of many fascinating examples is when the author details the notion of attentional blink. After we see or hear something, either in real-life or on a monitor, for a very brief amount of time following the recognition, between .15 and .45 of a second; we are nearly deaf and blind to other visual stimuli, even though our eyes and ears stay functional. Researchers call this attentional blink and it is thought to be caused by the brain's perceptual and attentional mechanism being briefly fully occupied with processing the first recognition.
What this means for a UI designer is that attentional blink can cause the user to miss information or events if things appear in rapid succession. The book then goes on to describe techniques in which to create an effective UI to deal with the effects of attentional blink. And he does this for scores of other similar issues.
Another fascinating example is around visual hierarchy, which lets people focus on the relevant information. The book notes that one of the most important goals in arranging information presentations is to provide a visual hierarchy, an arrangement that breaks the information into distinct sections, labels each section prominently, and presents the sections and subsections as a hierarchy.
The book details the myriad areas which are crucial for an effective interface. Chapters 4 and 5 provide significant detail about the importance of color for effective visual representation.
As the title suggests, the book takes a deep approach to the neuroscience and psychology in UI design. Other chapters include topics on human vision, sound, task, cognition, memory and more.
As to memory, chapter details issues around the working memory of a user. He gives numerous examples of error boxes and help screens that work and are epic failures, and how to do it right. The classic example he provides is a 4-step Windows XP wireless error message. If the user were to follow the directions, the instructions would close after step 1.
Each chapter provides numerous implications of proper and improper design, and provides the needed recommendations. While the topics may sound dry, Johnson writes in an engaging and often humorous style.
The book clearly and empirically shows how effective UI design makes all the difference on how users interact with an application or web site. The book will certainly be an important reference to software designers, web designers, web application designers and those interested in HCI, and usability.
For the designers that can't understand why their users are frustrated, they can understand why here. For designers that really want to know what is going on in their users minds, one is hard pressed to find a better reference than this.
As the subtitle of the book is Simple Guide to Understanding User Interface Design Guidelines, the book is an invaluable resource for those serious about effective UI design.
Reviewed by Ben Rothke.
You can purchase Designing with the Mind in Mind, a Simple Guide to Understanding User Interface Design Guidelines from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. -
Book Review: Designing With the Mind In Mind
benrothke (2577567) writes "Neurologists and brain scientists are in agreement that in truth, we know very little about how the brain works. With that, in the just released second edition of Designing with the Mind in Mind, a Simple Guide to Understanding User Interface Design Guidelines, author Jeff Johnson provides a fascinating introduction on the fundamentals of perceptual and cognitive psychology for effective user interface (UI) design and creation." Keep reading for the rest of Ben's review. Designing with the Mind in Mind, a Simple Guide to Understanding User Interface Design Guidelines author Jeff Johnson pages 240 publisher Morgan Kaufmann rating 9/10 reviewer Ben Rothke ISBN 978-0124079144 summary Excellent reference on the integration of user interface design and the mind Johnson heads up a consulting firm that specialized in evaluating and designing UI and brings significant experience to every chapter. He writes that following user-interface design guidelines is not as straightforward as something like following a cooking recipe; even though people often compare the two. Design rules often describe goals rather than actions, as they are purposefully very general to make them broadly applicable. The downside to that is that it means that their exact meaning and applicability to specific design situations is open to interpretation.
With that, the book provides an exceptional foundation on how to ensure effective usability is successfully implemented. The book spends a long time detailing how users make decisions and choices.
What's really good about the book is that Johnson provides ample details about the topic, but doesn't reduce it to so just a set of rules or mind-numbing (and thusly unreadable) checklists. His synopsis of the topics provides the reader with a broad understanding of the topic and what they need to do in order to ensure effective UI design is executed.
While the focus in the book is heaving on general and cognitive psychology, the book is written for the reader who is a novice in the area, and stays quite practical, without getting in the vague theoretical areas.
The book provides scores of examples of how people relate to an interface, and how to design accordingly. One of many fascinating examples is when the author details the notion of attentional blink. After we see or hear something, either in real-life or on a monitor, for a very brief amount of time following the recognition, between .15 and .45 of a second; we are nearly deaf and blind to other visual stimuli, even though our eyes and ears stay functional. Researchers call this attentional blink and it is thought to be caused by the brain's perceptual and attentional mechanism being briefly fully occupied with processing the first recognition.
What this means for a UI designer is that attentional blink can cause the user to miss information or events if things appear in rapid succession. The book then goes on to describe techniques in which to create an effective UI to deal with the effects of attentional blink. And he does this for scores of other similar issues.
Another fascinating example is around visual hierarchy, which lets people focus on the relevant information. The book notes that one of the most important goals in arranging information presentations is to provide a visual hierarchy, an arrangement that breaks the information into distinct sections, labels each section prominently, and presents the sections and subsections as a hierarchy.
The book details the myriad areas which are crucial for an effective interface. Chapters 4 and 5 provide significant detail about the importance of color for effective visual representation.
As the title suggests, the book takes a deep approach to the neuroscience and psychology in UI design. Other chapters include topics on human vision, sound, task, cognition, memory and more.
As to memory, chapter details issues around the working memory of a user. He gives numerous examples of error boxes and help screens that work and are epic failures, and how to do it right. The classic example he provides is a 4-step Windows XP wireless error message. If the user were to follow the directions, the instructions would close after step 1.
Each chapter provides numerous implications of proper and improper design, and provides the needed recommendations. While the topics may sound dry, Johnson writes in an engaging and often humorous style.
The book clearly and empirically shows how effective UI design makes all the difference on how users interact with an application or web site. The book will certainly be an important reference to software designers, web designers, web application designers and those interested in HCI, and usability.
For the designers that can't understand why their users are frustrated, they can understand why here. For designers that really want to know what is going on in their users minds, one is hard pressed to find a better reference than this.
As the subtitle of the book is Simple Guide to Understanding User Interface Design Guidelines, the book is an invaluable resource for those serious about effective UI design.
Reviewed by Ben Rothke.
You can purchase Designing with the Mind in Mind, a Simple Guide to Understanding User Interface Design Guidelines from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. -
Ask Team Trying To Return 36-Year-Old Spacecraft From Space About Their Project
samzenpus (5) writes "Last week we told you about a group that was trying to recover the 36-year-old ISEE-3 spacecraft from deep space. Led by CEO and founder of Skycorp, Dennis Wingo, and astrobiologist and editor of NASA Watch, Keith Cowing, the crowdfunded project plans to steer ISEE-3 back into an Earth orbit and return it to scientific operations. Once in orbit, they hope to turn the spacecraft and its instruments over to the public by creating an app that allows anyone access to its data. The team has agreed to take some time from lassoing spacecraft from deep space in order to answer your questions. As usual, ask as many as you'd like, but please, one question per post. Hopefully the plan goes better than xkcd predicts." -
Ask Team Trying To Return 36-Year-Old Spacecraft From Space About Their Project
samzenpus (5) writes "Last week we told you about a group that was trying to recover the 36-year-old ISEE-3 spacecraft from deep space. Led by CEO and founder of Skycorp, Dennis Wingo, and astrobiologist and editor of NASA Watch, Keith Cowing, the crowdfunded project plans to steer ISEE-3 back into an Earth orbit and return it to scientific operations. Once in orbit, they hope to turn the spacecraft and its instruments over to the public by creating an app that allows anyone access to its data. The team has agreed to take some time from lassoing spacecraft from deep space in order to answer your questions. As usual, ask as many as you'd like, but please, one question per post. Hopefully the plan goes better than xkcd predicts." -
HealthCare.gov Back-End Status: See You In September
theodp writes: "The consumer-facing parts of the Obamacare website may now work (most of the time) for people buying insurance, writes Politico, but beneath the surface, HealthCare.gov is still missing massive, critical pieces that are essential for key functions such as accurately paying insurers — and the deadline for finishing them keeps slipping. Without a fully built and operational system, federal officials can't determine how many of the 8 million Obamacare sign-ups announced last week will have actually paid their premiums. The Obama administration earlier this month indicated that insurers will continue to be paid through an 'interim' accounting process — pretty much a spreadsheet and some informed estimates — until at least September, when what is being called 'the mother of all reconciliations' will be conducted, which some fear could reveal the need for a massive correction and rate adjustments. Still, Oregon decided Friday to switch to Healthcare.gov from its own nothing-wrong-that-$78-million-couldn't-fix Cover Oregon online healthcare exchange." -
Gary Kildall, Father of the PC OS, Finally Gets His Due
theodp writes: "GeekWire reports that Gary Kildall, the creator of the landmark personal computer operating system CP/M, will be recognized posthumously by the IEEE for that contribution, in addition to his invention of BIOS, with a rare IEEE Milestone plaque. Kildall, who passed away in 1994 at the age of 52, has been called the man who could have been Bill Gates. But according to Kildall's son, his dad wasn't actually interested in being what Bill Gates became: 'He was a real inventor,' said Scott Kildall. 'He was much more interested in creating new ideas and bringing them to the world, rather than being the one that was bringing them to market and leveraging a huge amount of profits. He was such a kind human being. He was always sharing his ideas, and would sit down with people and show flowcharts of what he was thinking. I think if he were around for the open-source movement, he would be such a huge proponent of it.' Techies of a certain age will also remember Gary's work as a co-host of Computer Chronicles." -
Microsoft/Nokia Deal Closes
Last September Microsoft announced it would be purchasing Nokia's Devices and Services business. The terms have been worked out, the shareholders gave approval, and the regulatory issues were hurdled. As of today, it's official: Nokia's phone business is now Microsoft Mobile. The final price is around $7.5 billion, and 30,000 employees are transferring to Microsoft. "The purchase of the unprofitable division makes Microsoft the world’s second-largest maker of mobile phones with about 14 percent of the market, according to researcher IDC." Here's Nokia's official statement, and a rather more personal one from an employee. According to The Verge, "Nokia's Android handsets are the most intriguing part of the deal, as they shed some light on how Microsoft might approach the messy and complex nature of shipping devices that don't run the company's Windows software. The Nokia X introduces a new "forked" version of Android that’s akin to what Amazon does with its Kindle Fire line, but it also includes a Windows Phone-like UI and an Android store that's separate to Google Play. Microsoft has the chance to control another app store, but also a solid opportunity to push its own cloud-based services." One interesting note: Nokia's phone manufacturing plant in India is not part of the deal because of an ongoing tax dispute. Nokia will continue to operate it as a contract manufacturing unit for Microsoft. -
Google Mulling Wi-Fi For Cities With Google Fiber
alphadogg (971356) writes "Google is considering deploying Wi-Fi networks in towns and cities covered by its Google Fiber high-speed Internet service. The disclosure is made in a document Google is circulating to 34 cities that are the next candidates to receive Google Fiber in 2015. Specific details of the Wi-Fi plan are not included in the document, which was seen by IDG News Service, but Google says it will be 'discussing our Wi-Fi plans and related requirements with your city as we move forward with your city during this planning process.'" And while Google's had some experience running large-scale WiFi, and adding WiFi seems a much lower burden than providing fiber to the home, floating an idea (as AT&T did, to accusations of "smokescreen") is not the same as turning the switch to "On." -
New White House Petition For Net Neutrality
Bob9113 (14996) writes "On the heels of yesterday's FCC bombshell, there is a new petition on the White House petition site titled, 'Maintain true net neutrality to protect the freedom of information in the United States.' The body reads: 'True net neutrality means the free exchange of information between people and organizations. Information is key to a society's well being. One of the most effective tactics of an invading military is to inhibit the flow of information in a population; this includes which information is shared and by who. Today we see this war being waged on American citizens. Recently the FCC has moved to redefine "net neutrality" to mean that corporations and organizations can pay to have their information heard, or worse, the message of their competitors silenced. We as a nation must settle for nothing less than complete neutrality in our communication channels. This is not a request, but a demand by the citizens of this nation. No bandwidth modifications of information based on content or its source.'" -
Brazil Approves Internet Bill of Rights
First time accepted submitter Dr.Potato (247646) writes "After more than three years being discussed, Brazil's Internet Bill of Rights was approved on April 22nd (and in Portuguese). It was rushed through the senate in order that president Dilma Roussef could sign it during the meeting on internet governance that occurs in São Paulo this week. In the bill of rights, among other things, net neutrality was maintained, providers will not be legally responsible for content published by users (but are forced to take it down when legally requested) and internet providers are obliged to keep records of users' access for six months and can't pass this responsibility to other companies." Brazilian internet users may continue to have the right to be surveilled on social media, too. -
Michigan FIRST Robot Championship Bout for 2014 (Video)
For Inspiration and Recognition of Science and Technology, AKA FIRST, holds annual robot challenges, in which student teams build robots, then operate them to the cheers of an adoring crowd. Slashdot watched the Dexter Dreadbots build their 2014 contender. (The Dreadbots are Slashdot's home team.) And we've watched other FIRST competitions before, but this is the 2014 Michigan state championships. The next step after the state finals is an appearance at the National Championship Competition, which starts today, April 23, in St. Louis, although the first day is speeches and such, not actual competition. Keep an eye on usfirst.org to see who wins. And before that, you can watch the matches themselves, streamed live courtesy of NASA. (Alternate video link.) -
Michigan FIRST Robot Championship Bout for 2014 (Video)
For Inspiration and Recognition of Science and Technology, AKA FIRST, holds annual robot challenges, in which student teams build robots, then operate them to the cheers of an adoring crowd. Slashdot watched the Dexter Dreadbots build their 2014 contender. (The Dreadbots are Slashdot's home team.) And we've watched other FIRST competitions before, but this is the 2014 Michigan state championships. The next step after the state finals is an appearance at the National Championship Competition, which starts today, April 23, in St. Louis, although the first day is speeches and such, not actual competition. Keep an eye on usfirst.org to see who wins. And before that, you can watch the matches themselves, streamed live courtesy of NASA. (Alternate video link.) -
WRT54G Successor Falls Flat On Promises
New submitter JImbob0i0 writes: "Back in January, Linksys/Belkin made a big deal about their new router, the WRT1900AC, which they claimed was a successor to the venerable WRT54G, and how they were working with OpenWRT. They released it this week, but their promises have fallen far short. You need to apply patches (which don't apply cleanly) and compile yourself in order to get it to work... so long as you don't need wireless support. There has not been much response from Linksys on the mailing list to criticism of the improperly formatted patch dump and poor reviews as a result." -
Parents' Privacy Concerns Kill 'Personalized Learning' Initiative
theodp writes: "You may recall that inBloom is a data initiative that sought to personalize learning. GeekWire's Tricia Duryee now reports that inBloom, which was backed by $100 million from The Bill and Melinda Gates Foundation and others, is closing up shop after parents worried that its database technology was violating their children's privacy. According to NY Times coverage (reg.), the inBloom database tracked 400 different data fields about students — including family relationships ('foster parent' or 'father's significant other') and reasons for enrollment changes ('withdrawn due to illness' or 'leaving school as a victim of a serious violent incident') — that parents objected to, prompting some schools to recoil from the venture. In a statement, inBloom CEO Iwan Streichenberger said that personalized learning was still an emerging concept, and complained that the venture had been 'the subject of mischaracterizations and a lightning rod for misdirected criticism.' He added, 'It is a shame that the progress of this important innovation has been stalled because of generalized public concerns about data misuse, even though inBloom has world-class security and privacy protections that have raised the bar for school districts and the industry as a whole.' [Although it was still apparently vulnerable to Heartbleed.] Gates still has a couple of irons left in the data-driven personalized learning fire via his ties to Code.org, which seeks 7 years of participating K-12 students' data, and Khan Academy, which recently attracted scrutiny over its data-privacy policies." -
Parents' Privacy Concerns Kill 'Personalized Learning' Initiative
theodp writes: "You may recall that inBloom is a data initiative that sought to personalize learning. GeekWire's Tricia Duryee now reports that inBloom, which was backed by $100 million from The Bill and Melinda Gates Foundation and others, is closing up shop after parents worried that its database technology was violating their children's privacy. According to NY Times coverage (reg.), the inBloom database tracked 400 different data fields about students — including family relationships ('foster parent' or 'father's significant other') and reasons for enrollment changes ('withdrawn due to illness' or 'leaving school as a victim of a serious violent incident') — that parents objected to, prompting some schools to recoil from the venture. In a statement, inBloom CEO Iwan Streichenberger said that personalized learning was still an emerging concept, and complained that the venture had been 'the subject of mischaracterizations and a lightning rod for misdirected criticism.' He added, 'It is a shame that the progress of this important innovation has been stalled because of generalized public concerns about data misuse, even though inBloom has world-class security and privacy protections that have raised the bar for school districts and the industry as a whole.' [Although it was still apparently vulnerable to Heartbleed.] Gates still has a couple of irons left in the data-driven personalized learning fire via his ties to Code.org, which seeks 7 years of participating K-12 students' data, and Khan Academy, which recently attracted scrutiny over its data-privacy policies." -
Not Just a Cleanup Any More: LibreSSL Project Announced
An anonymous reader writes "As some of you may know, the OpenBSD team has started cleaning up the OpenSSL code base. LibreSSL is primarily developed by the OpenBSD Project, and its first inclusion into an operating system will be in OpenBSD 5.6. In the wake of Heartbleed, the OpenBSD group is creating a simpler, cleaner version of the dominant OpenSSL. Theo de Raadt, founder and leader of OpenBSD and OpenSSH, tells ZDNet that the project has already removed 90,000 lines of C code and 150,000 lines of content. The project further promises multi-OS support once they have proper funding and the right portability team in place. Please consider donating to support LibreSSL via the OpenBSD foundation." -
GitHub Founder Resigns Following Harassment Investigation
An anonymous reader writes "Late Yesterday, GitHub concluded its investigation regarding sexual harassment within its work force, and although it found no evidence of 'legal wrongdoing,' Tom Preston-Werner, one of its founding members implicated in the investigation resigned. In its statement, GitHub vows to implement 'a number of new HR and employee-led initiatives as well as training opportunities to make sure employee concerns and conflicts are taken seriously and dealt with appropriately.' Julie Ann Horvath, the former GitHub employee whose public resignation last month inspired the sexual harassment investigation, found the company's findings to be gratuitous and just plain wrong." -
AMD Not Trying To Get Its Chips Into Low-Cost Tablets
jfruh (300774) writes "While Intel is going after low-end Android tablets in a big way chipmaking x86 rival AMD is taking a more judicious approach, looking to focus on the high end. 'This idea of contra revenue is foreign to us,' said AMD's CEO, referring to Intel's strategy of selling chips at a loss to boost market share. But will Intel's vast resources keep AMD in its niche?" -
Snowden to Critics: Questioning Putin Has Opened Conversation About Surveillance
The Guardian carries Edward Snowden's detailed rebuttal to critics who say that his recent live-TV interaction with Vladimir Putin, in which Snowden asked whether the Russian government was engaged in spying on Russian citizens' communications, was a scripted moment intended to curry or maintain favor with Putin. After all, Snowden is currently living in Russia, where he has been granted only temporary harbor, goes this argument, so he is at the mercy of the Russian government, and has just gamely thrown Putin a softball. (Slashdot reader Rambo Tribble said the exchange had a "canned quality," a sentiment widely echoed.) Snowden writes that, far from being a whitewash of actual policies by the Russian government, his question ("Does [your country] intercept, analyse or store millions of individuals' communications?") "was intended to mirror the now infamous exchange in US Senate intelligence committee hearings between senator Ron Wyden and the director of national intelligence, James Clapper, about whether the NSA collected records on millions of Americans, and to invite either an important concession or a clear evasion"; he decribes Putin's answer as a combination of inconsistent denial and evasion. Snowden writes: "I blew the whistle on the NSA's surveillance practices not because I believed that the United States was uniquely at fault, but because I believe that mass surveillance of innocents – the construction of enormous, state-run surveillance time machines that can turn back the clock on the most intimate details of our lives – is a threat to all people, everywhere, no matter who runs them. Last year, I risked family, life, and freedom to help initiate a global debate that even Obama himself conceded 'will make our nation stronger.' I am no more willing to trade my principles for privilege today than I was then. I understand the concerns of critics, but there is a more obvious explanation for my question than a secret desire to defend the kind of policies I sacrificed a comfortable life to challenge: if we are to test the truth of officials' claims, we must first give them an opportunity to make those claims." -
General Mills Retracts "No Right to Sue" EULA Clause
Just a few days after General Mills changed its policies to declare that people who so much as "liked" their page on Facebook thereby waived their right to sue the company in favor of arbitration, the company has reversed itself: "The announcement resulted in huge backlash on social media, as well as from consumer groups. Legal experts expressed doubts it could ever be enforced. Hamline Law Professor David Schultz appeared on WCCO Sunday Morning. “When I first saw this earlier this week I said this is questionable at best from a legal point of view,” he said. “From a marketing point of view, it’s a dumb idea, too, but legally it didn’t rest on very sound grounds so it’s not a surprise that they are reversing it. The lawyers at General Mills should have known better.” -
Google and Facebook: Unelected Superpowers?
theodp (442580) writes "'The government is not the only American power whose motivations need to be rigourously examined,' writes The Telegraph's Katherine Rushton. 'Some 2,400 miles away from Washington, in Silicon Valley, Google is aggressively gaining power with little to keep it in check. It has cosied up to governments around the world so effectively that its chairman, Eric Schmidt, is a White House advisor. In Britain, its executives meet with ministers more than almost any other corporation. Google can't be blamed for this: one of its jobs is to lobby for laws that benefit its shareholders, but it is up to governments to push back. As things stand, Google — and to a lesser extent, Facebook — are in danger of becoming the architects of the law.' Schmidt, by the way, is apparently interested in influencing at least two current hot-button White House issues. Joined by execs from Apple, Oracle, and Facebook, the Google Chairman asserted in a March letter to Secretary of State John Kerry that the proposed Keystone XL pipeline is not in the economic interests of the U.S.; the Obama administration on Friday extended the review period on the pipeline, perhaps until after the Nov. 4 congressional elections. And as a 'Major Contributor' to Mark Zuckerberg's FWD.us PAC, Schmidt is also helping to shape public opinion on the White House's call for immigration reform; FWD.us just launched new attack ads (videos) and a petition aimed at immigration reform opponent Rep. Steve King. In Dave Eggers' The Circle, politicians who impede the company execs' agenda are immediately brought down. But that's fiction, right?" -
LADEE Probe Ends Its Mission On the Far Side Of the Moon
The mission of NASA's LADEE probe was brought to an intentional violent end yesterday, when it smashed into the far side of the moon. As the Ars Technica report explains, "NASA's policy is to treat the locations of the Moon landings as historical sites, and it takes pains to preserve them from possible damage. LADEE didn't have the fuel to control its orbit indefinitely. As a result, the controllers had been preparing to terminate the probe for several weeks. ... The exact moment of impact isn't clear, since the precise terrain it hit couldn't be determined in advance. (If it hit a ridge, it would have happened earlier than if LADEE plowed across a plain. What is clear is that the impact destroyed the probe." Before the end of LADEE's mission, besides close up observations, the craft was used to test a new laser-based communication system. -
Obama Delays Decision On Keystone Pipeline Yet Again
Hugh Pickens DOT Com (2995471) writes "The Christian Science Monitor reports that once again, the Obama administration has pushed back a final decision on the controversial Keystone XL pipeline possibly delaying the final determination until after the November midterm elections. In announcing the delay, the State Department cited a Nebraska Supreme Court case that could affect the route of the pipeline that may not be decided until next year, as well as additional time needed to review 2.5 million public comments on the project. Both supporters and opponents of the pipeline criticized the delay as a political ploy. Democratic incumbents from oil-rich states have urged President Obama to approve the pipeline but approving the pipeline before the election could staunch the flow of money from liberal donors and fund-raisers who oppose the project. The Senate Republican leader, Mitch McConnell said in a statement that "at a time of high unemployment in the Obama economy, it's a shame that the administration has delayed the construction of the Keystone XL pipeline for years." Activists say its construction could devastate the environment, but several State Department reviews have concluded that the pipeline would be safe and was unlikely to significantly increase the rate of carbon pollution in the atmosphere. Even if the pipeline was canceled, it said, the oil sands crude was likely to be extracted and brought to market by other means, such as rail, and then processed and burned." -
Bug Bounties Don't Help If Bugs Never Run Out
Bennett Haselton writes: "I was an early advocate of companies offering cash prizes to researchers who found security holes in their products, so that the vulnerabilities can be fixed before the bad guys exploited them. I still believe that prize programs can make a product safer under certain conditions. But I had naively overlooked that under an alternate set of assumptions, you might find that not only do cash prizes not make the product any safer, but that nothing makes the product any safer — you might as well not bother fixing certain security holes at all, whether they were found through a prize program or not." Read on for the rest of Bennett's thoughts.In 2007 I wrote:
It's virtually certain that if a company like Microsoft offered $1,000 for a new IE exploit, someone would find at least one and report it to them. So the question facing Microsoft when they choose whether to make that offer, is: Would they rather have the $1,000, or the exploit? What responsible company could possibly choose "the $1,000"? Especially considering that if they don't offer the prize, and as a result that particular exploit doesn't get found by a white-hat researcher, someone else will probably find it and sell it on the black market instead?
Well, I still believe that part's true. You can visualize it even more starkly this way: A stranger approaches a company like Microsoft holding two envelopes, one containing $1,000 cash, and the other containing an IE security vulnerability which hasn't yet been discovered in the wild, and asks Microsoft to pick one envelope. It would sound short-sighted and irresponsible for Microsoft to pick the envelope containing the cash — but when Microsoft declines to offer a $1,000 cash prize for vulnerabilities, it's exactly like choosing the envelope with the $1,000. You might argue that it's "not exactly the same" because Microsoft's hypothetical $1,000 prize program would be on offer for bugs which haven't been found yet, but I'd argue that's a distinction without a difference. If Microsoft did offer a $1,000 prize program, it's virtually certain that someone would come forward with a qualifying exploit (and if nobody did, then the program would be moot anyway) — so both scenarios simply describe a choice between $1,000 and finding a new security vulnerability.
But I would argue that there are certain assumptions under which it would make sense not to offer a cash prize program — and, in keeping with my claim that this is equivalent to the envelope-choice problem, under those assumptions it actually would make sense for Microsoft to turn down the envelope containing the vulnerability, and take the cash instead. (When I say it would "make sense", I mean both from a profit-motive standpoint, and for the purposes of protecting the security of their users' computers.)
On Monday night I saw a presentation put on by Seattle's Pacific Science Center "Science Cafe" program, in which Professor Tadayoshi Kohno described how he and his team were able to defeat the security protocols of a car's embedded computer system by finding and exploiting a buffer overflow. That's scary enough, but it was more interesting how his description of the task made it sound like a foregone conclusion that they would find one — you simply sink this many person-hours into the task of looking for a buffer overflow, and eventually you'll find one that can enable a complete takeover of the car. (He confirmed to me afterwards that in his estimation, once the manufacturer had fixed that vulnerability, he figured his same team could have found another one with the same amount of effort.)
More generally, I think it's reasonable to assume that for a given product, there is a certain threshold amount of money/effort/person-hours such that if you throw that much effort at finding a new security vulnerability, you will always find a new one. Suppose you call this the "infinite bug threshold." Obviously the amount of vulnerabilities is not really infinite — you can only do finitely many things to a product in a finite amount of time, after all — but suppose it's so close to infinite as to make no difference, because the manufacturer would never be able to fix all the vulnerabilities that could be found for that amount of effort. I'm sure that $10 million worth of effort, paid to the right people, will always find you a new security vulnerability in the Apache web server; the same is probably true for some dollar number much lower than that, and you could call that the "infinite bug threshold". On the other hand, by definition of that threshold, that means that the amount of vulnerabilities that can be found for any amount of money below that, will be finite and manageable.
(I'm hand-waving over some details here, such as the disputes over whether two different bugs are really considered "distinct," or the fact that once you've found one vulnerability, the cost of finding other closely related vulnerabilities in the same area of the product, often goes way down. But I don't think these complications negate the argument.)
Meanwhile, you have the black-market value of a given type of vulnerability in a given product. This may be the value that you could actually sell it for on the black market, or it may be the maximum amount of effort that a cyber-criminal would invest in finding a new vulnerability. If a cyber-criminal will only start looking for a particular type of vulnerability if they estimate they can find one for less than $50,000 worth of effort, then $50,000 is how much that type of vulnerability is worth to them.
Now consider the case where
infinite bug threshold > black-market value
This is the good case. It means that if the manufacturer offered a prize equal to the black-market value of an exploit, any rational security researcher who found a vulnerability, could sell it to the manufacturer rather than offering it on the black market (assuming they would find the manufacturer more reliable and pleasant to deal with than the Russian cyber-mafia). And we're below the infinite bug threshold, so by definition the manufacturer only has to pay out a finite and manageable number of those prizes, before all such vulnerabilities have been found and fixed. I've made a couple of optimistic assumptions here, such as that the manufacturer would be willing to pay prizes in the first place, and that they could correctly estimate what the black-market value of a bug would be. But at least there's hope.
On other hand, if
infinite bug threshold < black market value
everything gets much worse. This means that no matter how many vulnerabilities you find and fix, by the definition of the infinite bug threshold there will always be another vulnerability that a black-hat will find it worthwhile to discover and exploit.
And that's the pessimistic scenario where it doesn't really matter whether Microsoft chooses the envelope with the vulnerability or the envelope with the $1,000, if the infinite-bug-threshold happens to be below $1,000. (Let's hope it's not that low in practice! But the same analysis would apply to any higher number.) If the black-market-value of a bug is at least $1,000, so that's what the attacker is willing to spend to find one, and if that's above the infinite-bug-threshold, then you might as well not bother fixing any particular bug at that level, because the attacker can always just find another one. It doesn't even matter whether you have a prize program or not; the product is in a permanent state of unfixable vulnerability.
At that point, the only ways to flip the direction of the inequality, to reach the state where "infinite bug threshold > black-market value", would be to decrease the black market value of the vulnerability, or increase the infinite bug threshold for your product. To decrease the black market value, you could implement more severe punishments for cyber-criminals, which makes them less willing to commit risky crimes using a security exploit. Or you could implement greater checks and balances to prevent financial fraud, which decreases the incentives for exploits. But these are society-wide changes that would not be under the control of the software manufacturer. (I'm not sure if there's anything a software company could do by themselves to lower the black-market value of a vulnerability in their product, other than voluntarily decreasing their own market share so that there are fewer computers that can be compromised using their software! Can you think of any other way?)
Raising the infinite bug threshold for the product, on the other hand, may require re-writing the software from scratch, or at least the most vulnerable components, paying stricter attention to security-conscious programming standards. Professor Kohno said after his talk that he believed that if the programmers of the car's embedded systems had followed better security coding practices, such as the principle of least privilege, then his team would not have found vulnerabilities so easily.
I still believe that cash prizes have the potential to achieve security utopia, at least with regard to the particular programs the prizes are offered for — but only where the "infinite bug threshold > black-market value" inequality holds, and only if the company is willing to offer the prizes. If the software is written in a security-conscious manner such that the infinite bug threshold is likely to be higher than the black-market value, and the manufacturer offers a vulnerability prize at least equal to the black-market value, then virtually all vulnerabilities which can be found for less than that much effort, will be reported to the manufacturer and fixed. Once that nirvana has been achieved, for an attacker to find a new exploit, the attacker would have to be (1) irrational (spending an estimated $70,000 to find a vulnerability that is only worth $50,000), and (2) evil beyond merely profit motive (using the bug for $50,000 of ill-gotten gain, instead of simply turning it in to the manufacturer for the same amount of money!). That's not logically impossible, but we would expect it to be rare.
On the other hand, for programs and classes of vulnerabilities where "infinite bug threshold < black-market value", there is literally nothing that can be done to make them secure against an attacker who has time to find the next exploit. You can have multiple lines of defense, like installing anti-virus software on your PC in case a website uses a vulnerability in Internet Explorer to try and infect your computer with a virus. But Kaspersky doesn't make anything for cars.
-
Linux Voice is a New Magazine for Linux Users — On Paper (Video)
This is an interview with Graham Morrison, who is one of four people behind the shiny-new Linux Voice magazine, which is printed on (gasp) paper. Yes, paper, even though it's 2014 and a lot of people believe the idea of publishing a physical newspaper or magazine is dead. But, Graham says, when you have a tight community (like Linux users and developers) you have an opportunity to make a successful magazine for that community. This is a crowdfunded venture, through Indiegogo, where they hoped to raise £90,000 -- but ended up with £127,603, which is approximately $214,288 as of this video's publishing date. So they have a little capital to work with. Also note: these are not publishing neophytes. All four of the main people behind Linux Voice used to work on the well-regarded Linux Format magazine. Graham says they're getting subscribers and newsstand sales at a healthy rate, so they're happily optimistic about their magazine's future. (Here's an alternate video link) -
Apache OpenOffice Reaches 100 Million Downloads. Now What?
We're thankfully long past the days when an emailed Word document was useless without a copy of Microsoft Word, and that's in large part thanks to the success of the OpenOffice family of word processors. "Family," because the OpenOffice name has been attached to several branches of a codebase that's gone through some serious evolution over the years, starting from its roots in closed-source StarOffice, acquired and open-sourced by Sun to become OpenOffice.org. The same software has led (via some hamfisted moves by Oracle after its acquisition of Sun) to the also-excellent LibreOffice. OpenOffice.org's direct descendant is Apache OpenOffice, and an anonymous reader writes with this excellent news from that project: "The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 170 Open Source projects and initiatives, announced today that Apache OpenOffice has been downloaded 100 million times. Over 100 million downloads, over 750 extensions, over 2,800 templates. But what does the community at Apache need to do to get the next 100 million?" If you want to play along, you can get the latest version of OpenOffice from SourceForge (Slashdot's corporate cousin). I wonder how many government offices -- the U.S. Federal government has long been Microsoft's biggest customer -- couldn't get along just fine with an open source word processor, even considering all the proprietary-format documents they're stuck with for now. -
Apache OpenOffice Reaches 100 Million Downloads. Now What?
We're thankfully long past the days when an emailed Word document was useless without a copy of Microsoft Word, and that's in large part thanks to the success of the OpenOffice family of word processors. "Family," because the OpenOffice name has been attached to several branches of a codebase that's gone through some serious evolution over the years, starting from its roots in closed-source StarOffice, acquired and open-sourced by Sun to become OpenOffice.org. The same software has led (via some hamfisted moves by Oracle after its acquisition of Sun) to the also-excellent LibreOffice. OpenOffice.org's direct descendant is Apache OpenOffice, and an anonymous reader writes with this excellent news from that project: "The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 170 Open Source projects and initiatives, announced today that Apache OpenOffice has been downloaded 100 million times. Over 100 million downloads, over 750 extensions, over 2,800 templates. But what does the community at Apache need to do to get the next 100 million?" If you want to play along, you can get the latest version of OpenOffice from SourceForge (Slashdot's corporate cousin). I wonder how many government offices -- the U.S. Federal government has long been Microsoft's biggest customer -- couldn't get along just fine with an open source word processor, even considering all the proprietary-format documents they're stuck with for now. -
RCMP Arrest Canadian Teen For Heartbleed Exploit
According to PC Mag, a "19-year-old Canadian was arrested on Tuesday for his alleged role in the breach of the Canada Revenue Agency (CRA) website, the first known arrest for exploiting the Heartbleed bug. Stephen Arthuro Solis-Reyes (pictured) of London, Ontario faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data." That exploit led to a deadline extension for some Canadian taxpayers in getting in their returns this year. The Register has the story as well. The Montreal Gazette has some pointed questions about how much the Canadian tax authorities knew about the breach, and when. -
Switching From Sitting To Standing At Your Desk
Hugh Pickens DOT Com (2995471) writes "Chris Bowlby reports at BBC that medical research has been building up for a while now, suggesting constant sitting is harming our health — potentially causing cardiovascular problems or vulnerability to diabetes. Advocates of sit-stand desks say more standing would benefit not only health, but also workers' energy and creativity. Some big organizations and companies are beginning to look seriously at reducing 'prolonged sitting' among office workers. 'It's becoming more well known that long periods of sedentary behavior has an adverse effect on health,' says GE engineer Jonathan McGregor, 'so we're looking at bringing in standing desks.' The whole concept of sitting as the norm in workplaces is a recent innovation, points out Jeremy Myerson, professor of design at the Royal College of Art. 'If you look at the late 19th Century,' he says, Victorian clerks could stand at their desks and 'moved around a lot more'. 'It's possible to look back at the industrial office of the past 100 years or so as some kind of weird aberration in a 1,000-year continuum of work where we've always moved around.' What changed things in the 20th Century was 'Taylorism' — time and motion studies applied to office work. 'It's much easier to supervise and control people when they're sitting down,' says Myerson. What might finally change things is if the evidence becomes overwhelming, the health costs rise, and stopping employees from sitting too much becomes part of an employer's legal duty of care. 'If what we are creating are environments where people are not going to be terribly healthy and are suffering from diseases like cardiovascular disease and diabetes,' says Prof Alexi Marmot, a specialist on workplace design, 'it's highly unlikely the organization benefits in any way.'" -
FBI Drone Deployment Timeline
An anonymous reader writes "The FBI insists that it uses drone technology to conduct surveillance in 'very limited circumstances.' What those particular circumstances are remain a mystery, particularly since the Bureau refuses to identify instances where agents deployed unmanned aerial vehicles, even as far back as 2006. In a letter to Senator Ron Paul last July, the FBI indicated that it had used drones a total of ten times since late 2006—eight criminal cases and two national security cases—and had authorized drone deployments in three additional cases, but did not actually fly them. The sole specific case where the FBI is willing to confirm using a drone was in February 2013, as surveillance support for a child kidnapping case in Alabama. New documents obtained by MuckRock as part of the Drone Census flesh out the timeline of FBI drone deployments in detail that was previously unavailable. While heavily redacted—censors deemed even basic facts that were already public about the Alabama case to be too sensitive for release, apparently—these flight orders, after action reviews and mission reports contain new details of FBI drone flights." -
Code Quality: Open Source vs. Proprietary
just_another_sean sends this followup to yesterday's discussion about the quality of open source code compared to proprietary code. Every year, Coverity scans large quantities of code and evaluates it for defects. They've just released their latest report, and the findings were good news for open source. From the article: "The report details the analysis of 750 million lines of open source software code through the Coverity Scan service and commercial usage of the Coverity Development Testing Platform, the largest sample size that the report has studied to date. A few key points: Open source code quality surpasses proprietary code quality in C/C++ projects. Linux continues to be a benchmark for open source quality. C/C++ developers fixed more high-impact defects. Analysis found that developers contributing to open source Java projects are not fixing as many high-impact defects as developers contributing to open source C/C++ projects." -
Ask Slashdot: What Good Print Media Is Left?
guises writes: "A recent story discussing the cover of Byte Magazine reminded me of just how much we've lost with the death of print media. The Internet isn't what took down Byte, but a lot of other really excellent publications have fallen by the wayside as a result of the shift away from the printed page. We're not quite there yet, though. There seem to still be some holdouts, so I'm asking Slashdot: what magazines (or zines, or newsletters, or newspapers) are still hanging around that are worth subscribing to?" -
Lavabit Loses Contempt Appeal
After being forced to turn over encryption keys (being held in contempt of court for several weeks after initially refusing to comply), secure mail provider Lavabit halted all operations last year. With the assistance of the EFF, an appeal was mounted. Today, the appeals court affirmed the district court decision and rejected the appeal. From Techdirt: "The ruling does a decent job explaining the history of the case, which also details some of the (many, many) procedural mistakes that Lavabit made along the way, which made it a lot less likely it would succeed here. ... The procedural oddities effectively preclude the court even bothering with the much bigger and important question of whether or not a basic pen register demand requires a company to give up its private keys. The hail mary attempt in the case was to argue that because the underlying issues are of 'immense public concern' (and they are) that the court should ignore the procedural mistakes. The court flatly rejects that notion: 'exhuming forfeited arguments when they involve matters of “public concern” would present practical difficulties. For one thing, identifying cases of a “public concern” and “non-public concern” –- divorced from any other consideration –- is a tricky task governed by no objective standards..... For another thing, if an issue is of public concern, that concern is likely more reason to avoid deciding it from a less-than-fully litigated record....'" -
Bill Gates Patents Detecting, Responding To "Glassholes"
theodp (442580) writes "As Google Glass goes on sale [ed: or rather, went on sale] to the general public, GeekWire reports that Bill Gates has already snagged one patent for 'detecting and responding to an intruding camera' and has another in the works. The invention proposes to equip computer and device displays with technology for detecting and responding to any cameras in the vicinity by editing or blurring the content on the screen, or alerting the user to the presence of the camera. Gates and Nathan Myhrvold are among the 16 co-inventors of the so-called Unauthorized Viewer Detection System and Method, which the patent application notes is useful 'while a user is taking public transportation, where intruding cameras are likely to be present.' So, is Bill's patent muse none other than NYC subway rider Sergey Brin?" A more cynical interpretation: closing the analog hole. Vaguely related, mpicpp pointed out that Google filed a patent for cameras embedded in contact lenses. -
Bill Gates Patents Detecting, Responding To "Glassholes"
theodp (442580) writes "As Google Glass goes on sale [ed: or rather, went on sale] to the general public, GeekWire reports that Bill Gates has already snagged one patent for 'detecting and responding to an intruding camera' and has another in the works. The invention proposes to equip computer and device displays with technology for detecting and responding to any cameras in the vicinity by editing or blurring the content on the screen, or alerting the user to the presence of the camera. Gates and Nathan Myhrvold are among the 16 co-inventors of the so-called Unauthorized Viewer Detection System and Method, which the patent application notes is useful 'while a user is taking public transportation, where intruding cameras are likely to be present.' So, is Bill's patent muse none other than NYC subway rider Sergey Brin?" A more cynical interpretation: closing the analog hole. Vaguely related, mpicpp pointed out that Google filed a patent for cameras embedded in contact lenses. -
San Francisco's Housing Crisis Explained
An anonymous reader writes "We've heard a few brief accounts recently of the housing situation in San Francisco, and how it's leading to protests, gentrification, and bad blood between long-time residents and the newer tech crowd. It's a complicated issue, and none of the reports so far have really done it justice. Now, TechCrunch has posted a ludicrously long article explaining exactly what's going on, from regulations forbidding Google to move people into Mountain View instead, to the political battle to get more housing built, to the compromises that have already been made. It's a long read, but well-researched and interesting. It concludes: 'The crisis we're seeing is the result of decades of choices, and while the tech industry is a sexy, attention-grabbing target, it cannot shoulder blame for this alone. Unless a new direction emerges, this will keep getting worse until the next economic crash, and then it will re-surface again eight years later. Or it will keep spilling over into Oakland, which is a whole other Pandora's box of gentrification issues. The high housing costs aren't healthy for the city, nor are they healthy for the industry. Both thrive on a constant flow of ideas and people.'" -
San Francisco's Housing Crisis Explained
An anonymous reader writes "We've heard a few brief accounts recently of the housing situation in San Francisco, and how it's leading to protests, gentrification, and bad blood between long-time residents and the newer tech crowd. It's a complicated issue, and none of the reports so far have really done it justice. Now, TechCrunch has posted a ludicrously long article explaining exactly what's going on, from regulations forbidding Google to move people into Mountain View instead, to the political battle to get more housing built, to the compromises that have already been made. It's a long read, but well-researched and interesting. It concludes: 'The crisis we're seeing is the result of decades of choices, and while the tech industry is a sexy, attention-grabbing target, it cannot shoulder blame for this alone. Unless a new direction emerges, this will keep getting worse until the next economic crash, and then it will re-surface again eight years later. Or it will keep spilling over into Oakland, which is a whole other Pandora's box of gentrification issues. The high housing costs aren't healthy for the city, nor are they healthy for the industry. Both thrive on a constant flow of ideas and people.'" -
Netflix Gets What It Pays For: Comcast Streaming Speeds Skyrocket
jfruh (300774) writes "Back in February, after a lengthy dispute, Netflix agreed to pay Comcast for network access after being dogged by complaints of slow speeds from Comcast subscribers. Two months later, it appears that Comcast has delivered on its promises, jumping up six places in Netflix's ISP speed rankings. The question of whether this is good news for anyone but Comcast is still open." -
Mozilla Appoints Former Marketing Head Interim CEO
itwbennett (1594911) writes "Following the contentious and ultimately failed appointment of Brendan Eich as CEO last month, the Mozilla Corporation has appointed Chris Beard to the board of directors and made him interim CEO. Beard starting working as chief marketing officer for Mozilla in 2004, and oversaw the launch of its current browser, Firefox, in 2005. Beard also managed the launches of Firefox on Android and the Firefox OS for mobile phones." See the official announcement. Quoting: "We began exploring the idea of Chris joining the Board of Directors some months ago. Chris has been a Mozillian longer than most. He’s been actively involved with Mozilla since before we shipped Firefox 1.0, he’s guided and directed many of our innovative projects, and his vision and sense of Mozilla is equal to anyone’s. I have relied on his judgement and advice for nearly a decade. This is an excellent time for Chris to bring his understanding of Mozilla to the Board."