Domain: wikipedia.org
Stories and comments across the archive that link to wikipedia.org.
Stories · 7,048
-
Fructose As Culprit In the Obesity Epidemic
drewtheman writes "According to an interview with Dr. Robert Lustig, Professor of Pediatric Endocrinology from the University of California, San Francisco, fructose, once touted as diabetic-friendly because it doesn't raise insulin levels directly, could be a major culprit for the obesity epidemic, high blood pressure, and elevated blood levels of LDL in Americans and others worldwide as they adopt American-style diets. Fructose comprises 50% of table sugar and up to 90% of high-fructose corn syrup, both ingredients found in copious quantity in most American prepared foods." -
BBC Trust to Meet With OSC Over iPlayer
Virgil Tibbs writes "With the Launch of the BBC's iPlayer imminent, the BBC trust has agreed to hear the Open Source Consortium's concerns regarding the BBC iPlayer's tie in with Microsoft's software. The move by the BBC to use Windows Media DRM & their apparent lack of commitment towards other platforms has caused outrage in many circles and prompted several online petitions." -
The Dusty Concern for the Mission to Mars
eldavojohn writes "Astronauts sent to the red planet may find much of their job involving the task of dusting off their equipment and suits. The president says we're going there but the dusty planet has some obstacles and uncertainties for engineers because we don't have a sample of Martian dust. Is it toxic? Will it conduct electricity and short circuits? Will astronauts suffer from the triboelectric effect? How large is the average grain? Will humans be allergic to it? Will sinuses jeopardize a mission? Will a dust storm stop a take off and return flight? So many uncertainties from something as simple as dust but one thing is clear — we need samples!" -
Canonical Begins To Open-Source Launchpad
kripkenstein writes "Canonical, the corporation behind Ubuntu, has begun to open-source Launchpad. Canonical has been criticized for not doing so earlier. The first component of Launchpad to be open-sourced is Storm, described as an 'object-relational mapper for Python.' A tutorial with many examples is available. The license for Storm is the LGPL 2.1. Inspection of the source files shows they contain the common phrase, 'either version 2.1 of the License, or (at your option) any later version,' meaning that Storm is LGPLv3-compatible." -
Did We Really Need Seven New Wonders?
freakxx writes "Seven new 'wonders of the world' have been announced today in a ceremony in Lisbon, Portugal. People throughout the world have voted actively to elect the new 7 out of 21 finalists. The final lineup is: Chichen Itza, Mexico; Christ Redeemer, Brazil; The Great Wall, China; Machu Picchu, Peru; Petra, Jordan; The Roman Colosseum, Italy; and The Taj Mahal, India. The Pyramids of Giza was the only candidate that used to be among the original seven wonders. Did we really need seven new wonders of the world? Why was this decided via a website poll (pdf) and SMS messages?" -
Are 80 Columns Enough?
ThinkGeek writes "Dating back to the venerable DEC VT100, the 80 column terminal has served us well for over 25 years. Even now, many open source projects and common conventions require lines of code and documentation to fit on that terminal. I am not alone, judging by code I've seen in and out of the open source world, in finding that number insufficient for coding, much less more verbose writing. Given that modern graphical displays (and all popular editors) are capable of far more, is it time we came up with a new standard-sized terminal? If so, what should the new standard be?" -
Ancient Robot Was Programmed with Rope
Pingu93 writes "New Scientist has a feature about the 'world's first' programmable robot, dating from 60AD. It was designed by a Greek inventor who was, appropriately enough, called Hero. He designed his rolling machine so that it could be programmed using rope and pegs in different configurations. Some of the writers at New Scientist went so far as to build their own version of the robot and the technology blog has some video of it in action." -
Robert A. Heinlein's 100th Birthday
sasdrtx writes "Today is Robert A. Heinlein's 100th birthday. Regarded as one of the most influential hard Sci-Fi authors of the 20th century, it's definitely worth looking back at his influence on not only science fiction, but the space program, the English language, counter-culture, and political discourse. The Space Review has a piece entitled Ride the Lightning, which discusses Heinlein's history with the space program and (sometimes incorrect) assertions about the future of space flight. For a look at the official celebration, the Heinlein Centennial website has numerous resources available. The program for the event (pdf) makes it sound like they're having a great time in Kansas City." -
Mike Godwin hired by Wikimedia Foundation
Raul654 writes "Mike Godwin, first legal counsel for the EFF who is best known for coining Godwin's law, has been hired as the legal counsel for the Wikimedia Foundation." -
Deathbed Confession Says Aliens Were at Roswell
xnuandax writes "The army's explanation of weather balloons in the Roswell, New Mexico incident 60 years ago has been dealt a serious public relations blow. Late Army Lt. Walter Haut had signed a sealed affidavit prior to his death last year asserting that he had witnessed the wreckage of an egg-shaped craft and its extraterrestrial crew while working at the Roswell Army Air Field. An article at News.com.au reviews how Haut had worked as public relations officer for the Roswell base and was involved in the original weather balloon explanation of events at the time. This recent evidence would seem to confirm speculation that egg-shaped saucers are notoriously difficult to fly safely at low altitude." -
Freeman Dyson On Open Source Biology
kripkenstein sends us an article by Freeman Dyson in the NY Review of Books, in which the eminent physicist and big thinker takes on the possible end to the Darwinian era of speciation that has endured 3 billion years on this planet. He discusses the history and future of biology in terms that many in this community will find familiar: "[We can speculate about] a golden age... when horizontal gene transfer was universal and separate species did not yet exist. Life was then a community of cells of various kinds, sharing their genetic information... Evolution could be rapid... But then, one evil day, a cell resembling a primitive bacterium happened to find itself one jump ahead of its neighbors in efficiency. That cell, anticipating Bill Gates by three billion years, separated itself from the community and refused to share... [But] now, as Homo sapiens domesticates the new biotechnology, we are reviving the ancient... practice of horizontal gene transfer, moving genes easily from microbes to plants and animals, blurring the boundaries between species. We are moving rapidly into the post-Darwinian era, when... the rules of Open Source sharing will be extended from the exchange of software to the exchange of genes. Then the evolution of life will once again be communal, as it was in the good old days before separate species and intellectual property were invented." -
Fuzzing Toolkit For Web Server Testing
prostoalex writes "Dr. Dobb's Journal runs an article discussing the tools necessary for fuzzing (testing a system by generating random input in order to cause program failure or crash). Quoting: 'You are fuzzing a Web server's capability to handle malformed POST data and discover a potentially exploitable memory corruption condition when the 50th test case you sent that crashes the service. You restart the Web daemon and retransmit your last malicious payload, but nothing happens... The issue must rely on some combination of inputs. Perhaps an earlier packet put the Web server in a state that later allowed the 50th test to trigger the memory corruption. We can't tell without further analysis and we can't narrow the possibilities down without the capability of replaying the entire test set in a methodical fashion.'" -
Russia Claims Large Chunk of North Pole
kungfoofairy writes "Russia has laid claim to over one million square kilometers of the Arctic. This announcement comes on the return of a scientific expedition into the region which found that the Lomonosov Ridge connects to Russia. The area is supposed to have a reserve of 10 billion tons of natural gas and oil. 'A BBC map shows Russia's proposal; this set of maps from The New York Times illustrates the area at stake and different ways it might be divided ... The Russians have tried to advance their claim before, and were turned away by the United Nations in 2001. The new geological data is evidently meant to improve the odds for a second try. '" -
Hans Reiser Interview from Prison
JLester writes "Wired Magazine has an interview this month with Hans Reiser (of the ReiserFS journaling file system for Linux) from prison. It contains more details about the murder case against him. Some of the questions still go unanswered though." -
Innovation's Role Is Sorely Exaggerated
Strudelkugel writes "The New Yorker has a book review describing our common misunderstanding of the value of technology and its ultimate uses. The reviewer notes that the way we think about technology tends to ignore older objects of technology. Quoting: '[W]hen we do consider technology in historical terms we customarily see it as a driving force of progress: every so often... an innovation — the steam engine, electricity, computers — brings a new age into being. In "The Shock of the Old: Technology and Global History Since 1900", by David Edgerton, a well-known British historian of modern military and industrial technology, offers a vigorous assault on this narrative. He thinks that traditional ways of understanding technology, technological change, and the role of technology in our lives, have been severely distorted by what he calls "the innovation-centric account" of technology.'" Money quote: "Seen in this light, my kitchen is a technological palimpsest." -
I Heart Bees Again - Halo 3's Iris ARG
I Love Bees is regarded as one of the more successful alternate reality games (ARGs) ever run in the US. It should be no surprise, then, that the game's spiritual sequel, entitled simply Iris, is causing quite a stir. It began on June 11th, with cryptic messages in the Bungie forums. Designed to take players through the history of the Halo world over the course of the summer, players have already uncovered some 'pre-game' information; for all intents and purposes the actual game hasn't started yet. Michael VanderZand probably wishes it was already over, though: then he might have some peace and quiet. The climax is expected sometime on September 26th, the day after Halo 3 releases to stores. -
Marvel Studios to Produce Its Own Movies
Dekortage writes "According to the New York Times, Marvel Studios will be producing its own superhero movies instead of licensing the superheroes to other Hollywood studios. It's all about the money: despite the enormous popularity of Sony Pictures' Spiderman 1 and 2, the licensing deal only netted Marvel $62 million. The article includes some tips about upcoming works: Edward Norton as Bruce Banner in a new Incredible Hulk, and Robert Downey, Jr. as Tony Stark in Iron Man." -
The Impossibility of Colonizing the Galaxy
OriginalArlen writes "The science fiction writer Charlie Stross has written an excellent and comprehensive explanation of why, thousands of SF books, movies, and games notwithstanding, human colonization of other star systems is impossible. Although interstellar colonization seems common-sensical to many, Charlie makes a clear-headed and unarguable case, so far as I can see, that it ain't gonna happen without a 'magic wand' or two. Nevertheless it would be interesting to see reasoned responses from the community who believe that colonization is not merely possible, but inevitable — and even, as Hawking has said, vital for the survival of the species. So, who's right — Hawking or Stross?" -
Kodak Unveils Brighter CMOS Color Filters
brownsteve writes "Eastman Kodak Co. has unveiled what it says are 'next-generation color filter patterns' designed to more than double the light sensitivity of CMOS or CCD image sensors used in camera phones or digital still cameras. The new color filter system is a departure from the widely used standard Bayer pattern — an arrangement of red, green and blue pixels — also created by Kodak. While building on the Bayer pattern, the new technology adds a 'fourth pixel, which has no pigment on top,' said Michael DeLuca, market segment manager responsible for image sensor solutions at Eastman Kodak. Such 'transparent' pixels — sensitive to all visible wavelengths — are designed to absorb light. DeLuca claimed the invention is 'the next milestone' in digital photography, likening its significance to ISO 400 color film introduced in the mid-1980's." -
Apple Confirms No (Default) ZFS In Leopard
javipas writes "Despite recent rumors about the possible inclusion of ZFS as the filesystem of choice for MacOS X 10.5 'Leopard', an Apple executive has denied this possibility. Brian Croll, senior director of product marketing for the Mac OS has as much as said 'ZFS is not happening ... Croll declined to comment on statements made last week by Sun Chief Executive Jonathan Schwartz, who said the use of ZFS would be announced at the Apple Worldwide Developers Conference in San Francisco. Upon further questioning, Croll would only confirm that Apple had never said ZFS would be a part of Leopard. A representative with Sun did not have any immediate comment.' Users of the future operating system will have to keep working with HFS+, a filesystem that is almost ten years old now." Update: 06/12 19:57 GMT by KD : An Apple spokesman contacted InformationWeek with a correction, which they ran as a comment on their original story: What Apple meant to say was, "ZFS would be available as a limited option, but not as the default file system." -
Far-Fetched Time Travel Concept Receives Private Funds
WED Fan writes "A University of Washington researcher who couldn't find funds the old fashioned way has raised funds from private parties to continue with his studies of 'time travel'. He is studying the Einstein-Podolsky-Rosen Paradox. Basically, using spooky action, he wants to be able to use entangled pairs to send messages, not only through space, but also in time. 'As the evidence for this has accumulated, several fairly contorted and unsatisfying efforts have been aimed at solving the puzzle. Cramer has proposed an explanation that doesn't violate the speed of light but does kind of mess with the traditional concept of time.' Despite the implausibility of the science here laypeople have been inspired by the researcher's idea, enough to donate almost $35,000 to his project." -
Church Threatens Legal Action Over Sony Game
An anonymous reader writes "The Church of England is threatening legal action against Sony over the game Resistance: Fall of Man. The game features a shootout in Manchester Cathedral, and the Church claims that Sony did not ask permission to use the interior of the Cathedral in the game. The Bishop of Manchester called the game 'highly irresponsible' due to the history of gun crime in the city. Sony denies the charge — a spokesman said 'We believe we have sought and received all permissions necessary for the creation of the game.'" -
How Private Are Sites' Membership Lists?
Slashdot contributor Bennett Haselton has written an essay on a subtle privacy issue affecting many websites (including Slashdot!) He says "Suppose your girlfriend called up Match.com and said, "I think my boyfriend might be cheating on me. His e-mail address is joeblow - at - aol - dot - com. Can you tell me if he's a member?" And Match.com phone support told her, "Why, yes, he is a member. You'd better have a talk with him." After you had gotten over the guilt of getting caught -- I mean, the guilt of cheating -- would you not feel like Match.com had violated your privacy by telling a third party that you were a member?" Keep reading to see what he's getting at and to decide if and when it's a problem.
Something like this is actually possible with quite a few well-known sites -- given a person's e-mail address, it is possible to find out if they have an account with Match.com, PayPal, Netflix, eBay, Amazon, and Google (and, by the way, Slashdot [CT: We'd fix it if I thought it mattered]). For some of those sites, it may even be possible to take a long list of e-mail addresses and use an automated process to find out which of those addresses have accounts with those sites (something I didn't want to risk trying myself, but as a general rule, if you can do it once, you can do it many times, at least if you do it slowly enough). It does not enable the attacker to extract addresses from a site's membership rolls, which is a much more serious type of breach -- in this case, the attacker would have to already know a list of e-mail addresses, and would only be able to find out which of those addresses have accounts with a given service. And it definitely wouldn't enable an attacker to extract more sensitive information like passwords or personal data. But the ability to get a yes/no answer for whether an e-mail address belongs to a member of a given site, should be something that the site designer should take into account.
I'm not even saying that it should necessarily be considered a security hole in most cases, just that it should be something that the site designers decide whether or not they want to permit it -- not something that was left in the open accidentally. Representatives from PayPal and Netflix assured me that they knew about the possibility of this attack and had countermeasures to detect it. In the case of Match.com, on the other hand, I would argue it looks like an oversight. For other sites, whether it's a security hole or not depends on your point of view.
There are three main causes for concern with this issue. The first is simple privacy -- for a site like Match.com, a person may not want other people to be able to find out that they're a member. The second is the possibility of making phishing attacks easier. If a phisher sends spam to a huge number of recipients, hoping to trick them into entering their login details on a counterfeit site, then generally their success rate would be proportional to the number of recipients who are members of that site (of which a certain percentage will be duped into entering their login info), but the speed at which the phishing site is shut down would be proportional to the total number of recipients (since any recipient would carry the same likelihood of reporting the phishing site to an ISP and helping to get it shut down). So if the phisher could find out which addresses on their list belong to actual members of a given site, and send mail to just those people, they could get more successful attacks in proportion to the number of e-mails sent. This is especially true of "puddle phishing" attacks, where only a small percentage of recipients are likely to be members of the site being phished. The third possibility is that the data could be valuable to spammers wanting to advertise a competing site -- a spammer advertising a dating site, for example, could get more bang for their buck by advertising only to Match.com members. (Maybe even try a hybrid spam-with-just-a-hint-of-phish -- spam that says "Rejected a lot on Match.com?" to make the user think at first that the e-mail really is from Match.com, but then steer them towards a competitor.)
With a build-up like this, the attack is disappointingly simple. (In fact, I listed the possible consequences of the attack first, because otherwise the attack itself is too easy to dismiss.) If you haven't already guessed at least one of these methods, the three easy ways to find out if an e-mail address is associated with an account at a given site, are:
- Try to create a new account with that e-mail address. See if you get an error message saying the address is already associated with an account.
- Log in under an existing account, and try to switch to another e-mail address. See if you get an error message saying the address is already associated with an account.
- Use the forgot-your-password feature to request a password be sent to a given e-mail address. See if you get an error message saying that address is not associated with an account.
With most popular sites that I tested, at least one of the above methods fails, but at least one other method succeeds. On Netflix, for example, the forgot-your-password form requires you to enter a last name and a credit card number, so that form can't be used to find out who is a member. On the new member signup page, though, you can enter an e-mail address and be told whether that e-mail address already belongs to a member. With Match.com, on the other hand, I already mentioned the weakness in the password-reset form, but if I tried to sign up for a new account but I didn't correctly pass the Turing test (reading numbers off a graphic and entering them in a text field), Match.com wouldn't tell me if the e-mail address was associated with an existing account. So that form could not be used to sift through 100,000 addresses and find which ones were Match.com members, but it could be used to find out if an individual person was a subscriber.
There are at least two simple countermeasures to this type of attack. The first is to require a Turing test when a user creates a new account, requests a password reset, or changes their e-mail address on file, and make sure that if the Turing test isn't completed correctly, then no error message is displayed about whether a given e-mail address does or does not exist in the system. This makes it hard for attackers to sift through a mountain of e-mail addresses finding out which ones already belong to accounts, but it still enables someone to check if someone is a member, one person at a time. For sites where that would be a privacy concern (again I'm thinking of Match.com), the other solution is better: send an error message to the e-mail address entered, not displayed to the user in their browser. If you try to sign up as joeblow@aol.com, and that address is already associated with an account, then display the normal message telling the user to check their inbox for confirmation -- but then send them a message saying their address is already in the system. eBay, for example, gets this right on their "forgot your userid" page -- if you enter an e-mail address not associated with an eBay account, it simply says, "eBay just sent your User ID to joeblow@aol.com. Check your email to get your User ID." (On the other hand, eBay's new user signup page lets you check if an e-mail address is assigned to an existing member, without needing to pass a Turing test.)
Netflix, eBay and PayPal also responded to say that they had monitors in place to detect "suspicious" activity, saying that even in cases where the forms did not require a Turing test, they could dynamically detect if someone were using a script to submit the form over and over to harvest data, but they declined to go into more detail. It seems to me this could work for forms that require you to be logged-in, but not for forms that don't. For example, on the Netflix new user page, how would they detect if it's the same person submitting e-mail addresses over and over again? Not by IP address -- you can use Tor and farms of open proxies scattered across the Internet to make it appear as if you're coming from lots of different IP addresses. However, consider the PayPal add-a-new-email-address form. This form does not require a Turing test, and does give you an error message if you try to add an address associated with another account. At first I thought this might be a loophole that an attacker could use to find all the PayPal users in a long list of addresses, but PayPal told me that if you do this enough times under the same account, eventually you will hit a limit where the form starts requiring a Turing test. I never got high enough to hit that limit. However, in this case the "dynamic detection" could actually work -- because you can only perform this action while logged in, and after you hit the limit, to continue testing more addresses would require another PayPal account -- and creating additional throwaway PayPal accounts does require a Turing test for each one. So I'll take their word for it that that attack is blocked, although, it seems to me it would be easier just to require a Turing test on the add-a-new-address page.
On the other hand, perhaps in the case of a site like Netflix, it's not something that users really need to worry about, if the company has no problem with it. Big deal, an attacker can find out whether you're a Netflix user -- but that's not a huge privacy violation, it's not like I shamefully hide those red envelopes under my shirt while I'm scurrying back from the mailbox. Now, a spammer can take a list of addresses and run them through the form to find out who is a Netflix customer, and then spam those users trying to lure them to a competing service -- but that's Netflix's problem, not ours, isn't it? (Well, it's our problem that we get the spam. But without using this attack, the alternative was that the spammer was just going to spam everybody on their list anyway, so by that argument, this attack actually results in less spam all around!)
Except... perhaps an attacker could try the third type of attack, a phishing attack to get people's Netflix usernames and passwords, but not in order to compromise their Netflix account, rather to see if the person has an account with the same password at eBay or PayPal. Perhaps a user would be wary of a PayPal phish since they see so many of them, but they might fall for a Netflix one -- although then the attacker's success would be limited to people who had Netflix and PayPal accounts, and were using the same password for them both...
So it seems to me it's not obvious when this should be considered a problem. (All of the sites mentioned in this article were e-mailed about this issue months ago, and so far none of them considered it a serious enough threat to block all three of the avenues of attack listed above.) If abuse of this type becomes common, perhaps eventually these "queryable membership lists" will come to be considered in the same way as open mail relays -- which were never considered a glaring security hole, but were abused in ways that triggered a shift in people's thinking that got them to be gradually phased out, going from open relays being the default standard up to the early 90's, to the point where many ISPs today prohibit customers from running them. Maybe "queryable membership lists" will start to be abused more, if anti-spam technologies get smart enough that spammers can't send 1 million messages at a time any more and have to limit themselves to, say, 100,000 messages at a time to get through people's filters, so they have to pick which 100,000 of their addresses they could get the most value out of. Or maybe things will go in a completely different direction and this will never become a problem. I just think that, for now, we should be aware that some form of this trick works on the majority of sites that require an account, and the types of abuses described are at least possible.
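Added example (not part of the essay or of any site's code): a minimal Python sketch of the two countermeasures the essay describes, next to the leaky behaviour, with a self-check a site owner can run against their own signup and reset handlers. The class, method names, message strings and example.com addresses are all hypothetical and constructed for illustration.

```python
"""Leaky vs. uniform account-flow responses (illustrative sketch only)."""
from dataclasses import dataclass, field

# The browser sees exactly these strings whether or not the address is on file.
GENERIC_SIGNUP = "Check your inbox to finish signing up."
GENERIC_RESET = "Check your inbox for instructions."
CHALLENGE_FAILED = "Challenge not completed, please try again."


@dataclass
class AccountService:
    members: set                                  # normalized member addresses
    outbox: list = field(default_factory=list)    # (recipient, subject) pairs

    @staticmethod
    def _norm(email):
        return email.strip().lower()

    # --- Leaky handlers: the browser response reveals membership. ---
    def signup_leaky(self, email):
        if self._norm(email) in self.members:
            return "Error: that address is already associated with an account."
        self.outbox.append((self._norm(email), "Confirm your new account"))
        return GENERIC_SIGNUP

    def reset_leaky(self, email):
        if self._norm(email) not in self.members:
            return "Error: that address is not associated with an account."
        self.outbox.append((self._norm(email), "Password reset instructions"))
        return GENERIC_RESET

    # --- Uniform handlers: the answer goes to the mailbox, not the browser. ---
    def signup_uniform(self, email, challenge_passed):
        # Countermeasure 1: a failed challenge says nothing about the address
        # and sends no mail, so it cannot be scripted over a long list.
        if not challenge_passed:
            return CHALLENGE_FAILED
        addr = self._norm(email)
        # Countermeasure 2: only the owner of the mailbox learns the outcome.
        if addr in self.members:
            self.outbox.append((addr, "Your address is already registered"))
        else:
            self.outbox.append((addr, "Confirm your new account"))
        return GENERIC_SIGNUP

    def reset_uniform(self, email, challenge_passed):
        if not challenge_passed:
            return CHALLENGE_FAILED
        addr = self._norm(email)
        if addr in self.members:
            self.outbox.append((addr, "Password reset instructions"))
        else:
            self.outbox.append((addr, "No account uses this address"))
        return GENERIC_RESET


def leaking_flows(service, member, non_member):
    """Self-check: names of flows whose browser response differs between an
    address known to be a member and one known not to be."""
    flows = {
        "signup_leaky": service.signup_leaky,
        "reset_leaky": service.reset_leaky,
        "signup_uniform": lambda e: service.signup_uniform(e, True),
        "reset_uniform": lambda e: service.reset_uniform(e, True),
        "signup_uniform_failed_challenge":
            lambda e: service.signup_uniform(e, False),
        "reset_uniform_failed_challenge":
            lambda e: service.reset_uniform(e, False),
    }
    return sorted(name for name, call in flows.items()
                  if call(member) != call(non_member))


if __name__ == "__main__":
    # Constructed sample data.
    svc = AccountService(members={"member@example.com"})
    print("flows that leak membership:",
          leaking_flows(svc, "member@example.com", "stranger@example.com"))
```

The same comparison works as a regression test for real handlers: feed each form one address known to be on file and one known not to be, and fail the build if the rendered responses differ.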
-
Tech Review Sites and Payola
cheesecake23 writes "How often have you read a hardware review and thought: 'No way was that an honest opinion, the reviewer was bought'—? The Daily Tech has gone undercover to find out whether or not payola is accepted among the 35 largest online English-language hardware review sites. Questions asked and answered — Q: How many sites would take money (or sell ads) in exchange for a product review? A: 20 percent. Q: How many sites would additionally consider selling an Editor's Choice award? A: None. Q: Were any regions of the world more corrupt than others? A: No, it was 20-25% almost everywhere. Q: Does it depend on the size or age of the site? A: RTFA. Although no bad actors were explicitly unmasked, the article contains enough information to make a whitelist of quite a few good guys." -
Radio Wave on Saturn's Moon Hints at Hidden Ocean
SleepyHappyDoc writes "The European Space Agency has announced that a mysterious radio wave may indicate the existence of a hidden ocean underneath the surface of Titan. The Cassini-Huygens spaceprobe, which entered Titan's atmosphere over two years ago, collected evidence and information which has led to this potential discovery. This technology may lead to entirely new ways of finding out information about other planets." -
Russia Claims IP Rights In Manufacture of AK-47
Daniel Dvorkin writes "In the latest example of over-the-top intellectual property demands, Russia wants licensing fees for the production of AK-47s. According to first deputy prime minister Sergei Ivanov, the unlicensed production of Kalashnikovs (which have been around in very nearly their current form for 60 years) in ex-Soviet Bloc countries is 'intellectual piracy.' A giant but declining power starts demanding royalties on commonly used methods and materials that are widely understood, well known, and by any reasonable standard have long been in the public domain — does this sound familiar?" Wikipedia notes that the Izhevsk Machine Tool Factory in Russia obtained a patent on the manufacture of the AK-47 in 1999. -
Some Journals Rejecting Office 2007 Format
hormiga writes "Some scholarly journals are rejecting submissions made using new Office 2007 formats. Science and Nature are among publishers unwilling to deal with incompatibilities in the new formats, and recommend using older versions of Office or converting to older formats before submission. The new equation editor is cited as a specific problem. Rob Wier recommends that those publishers consider using ODF instead." -
NASA To Release Landsat 7 Data On the Web
UAVThumper writes "The US Geological Survey homepage is featuring an article about the upcoming release of select Landsat 7 image data (on June 4) at glovis.usgs.gov or earthexplorer.usgs.gov. This is to be a pilot project for a larger effort called the Landsat Data Continuity Mission, whose end result looks like a version of Google Earth using Landsat data. Seven Landsat satellites were launched over a period of 27 years, the last in 1999. More on Landsat can be found here on Wikipedia or here at the official NASA Page." -
CG Television Clone Wars Trailer Released
Ant writes "The official Star Wars site has up the one minute and 50 second trailer for the upcoming computer rendered Clone Wars." I'm still not sold on the CG, but the models seem to be somewhat based on Genndy Tartakovsky's designs from the original Clone Wars series. Wikipedia offers a bevy of details on the series. -
BBC Kicked out of School Over Wi-Fi Scaremongering
h2g2bob writes "Ben Goldacre reports that the BBC Panorama team, while scaremongering over the dangers of Wi-fi, were told to leave the school because even the kids could see it was dumb: 'When the children saw Alasdair's Powerwatch website, and the excellent picture of the insulating mesh beekeeper hat that he sells (£27) to protect your head from excess microwave exposure, they were astonished and outraged. Panorama were calmly expelled from the school.' Should we be pleased that the kids can out-think TV producers?" -
Best Presidential Candidate for Nerds?
blast writes "Given the broad field of candidates, I was wondering who the community thinks will make the best President when it comes to representing issues Slashdot readers might care about? Eg: privacy, 'total information awareness', Internet regulation and taxation, net neutrality, copyright/patent reform, the right to read, the right to secure communications, the right to tinker. Who do you think best represents your views?" -
Holocaust Dropped From Some UK Schools
dteichman2 writes "It appears that some UK schools are ignoring the Holocaust. A government-backed study, funded by the Department for Education and Skills, found that some teachers are reluctant to teach history lessons on the Holocaust for fear of offending Muslim students whose beliefs include Holocaust denial. Additionally, similar problems are being encountered with lessons on the Crusades because these lessons contradict teachings from local mosques." -
Female Sharks Can Reproduce Alone
mikesd81 writes "The Washington Post has an article about a team of American and Irish researchers that have discovered that some female sharks can reproduce without having sex, the first time that scientists have found the unusual capacity in such an ancient vertebrate species. Their report concludes that sharks can reproduce asexually through the process known as parthenogenesis (the growth and development of an embryo or seed without fertilization by a male). Scientists started investigating after a female hammerhead shark was mysteriously born at Omaha's Henry Doorly Zoo in a tank that housed 3 female sharks. It was originally thought one had stored sperm from a male shark before fertilizing an egg. However, the baby shark's genetic makeup perfectly matched one of the females in the tank, with no sign of a male parent." -
Robot Submarine Maps World's Deepest Sinkhole
holy_calamity writes "The world's deepest water-filled sinkhole has finally been mapped — by a robotic submarine whose descendants may one day swim on one of Jupiter's moons. The last attempt to find the bottom resulted in the SCUBA diving depth record and the death of a diving legend. The sub's sonar found that the divers had descended to only about 10m from the floor. The sub's mapping also indicated that the sinkhole, which is over 300m deep, could connect to even deeper caves." -
Microsoft Using .MS TLD
mqudsi writes "Microsoft is using the .MS top-level domain, assigned to the Caribbean island of Montserrat, for its Web 2.0-flavored Popfly project. You can get your own .MS name if you really want to — there are no restrictions on foreign ownership — at $180 US for 2 years. As of this writing microsoft.ms is available." In an obliquely related note, TechBlorge has up a rumination on the resemblance of the Popfly logo to Tux. -
German Linux Community Boycotting LinuxTag
em8chel writes "LinuxTag, Germany's major fair for Linux and Free Software, is facing a massive boycott from open source enthusiasts in the country this year. Although the event doesn't open for a week, the community is voicing their anger and disappointment on various forums about this year's LinuxTag running under the auspices of Wolfgang Schaeuble, the conservative Minister of Interior, whose positions on issues of interest to the community are controversial to say the very least. Due to online protests and calls for a boycott, the organizer of LinuxTag has released a statement (German version, serviceable Google translation), holding that the politician's policies and political views have nothing to do with supporting free software, adding that if the community boycotts LinuxTag, it's the open source software that will be hit the hardest, and that Schaeuble probably won't even notice." -
Microsoft Votes to Add ODF to ANSI Standards List
RzUpAnmsCwrds writes "In a puzzling move, Microsoft today voted to support the addition of the OpenDocument file formats to the American National Standards List. OpenDocument is used by many free-software office suites, including OpenOffice.org. Microsoft is still pushing its own Office Open XML format, which it hopes will also become an ANSI standard. Is Microsoft serious about supporting ODF, or is this merely a PR stunt to make Office Open XML look more like a legitimate standard?" -
What is Your Favorite Way to Make Coffee?
markov_chain asks: "For a while I've been making coffee using home-ground whole beans and a standard drip maker. I settled on this method for its simplicity and good taste, even after trying numerous other methods (such as the French press, gravity percolators, and pressure percolators), each coupled with either pre-ground or whole beans. So far, the fresh ground beans are the only factor that made a significant difference in taste. However, when I recently spotted a site that vaguely extols freshness, I began to wonder how much the freshness of the beans themselves affects the quality. Normally I thought the whole beans would retain the quality far longer, due to less surface area exposed to air, but clearly there still must be a decline; worse yet, it is difficult to gauge that decline since the sellers usually do not advertise the age of the beans. I would now like to pose a few questions. What is your preferred coffee-making method, and how does it compare to other methods you've tried? What are your favorite beans?" -
First Map of an Extrasolar Planet
jiawen writes "Data from the Spitzer Space Telescope has been used by researchers to make the first-ever map of an extrasolar planet. It's a weather map, more precisely, showing temperature variations over the surface of a Hot Jupiter. It really is hot: even the coldest regions are about 1200 degrees F."