Stories · 3,462
-
Legal Spying Via the Cell Phone System
An anonymous reader writes "Two researchers say they have found a way to exploit weaknesses in the mobile telecom system to legally spy on people by figuring out the private cell phone number of anyone they want, tracking their whereabouts, and listening to their voice mail."
-
Cassini's Elaborate Orbital Mechanics
jamie found an article at the NY Times about the extreme orbital mechanics gyrations required to extend the Cassini mission at Saturn by seven more years. Here's a graphic of the mission extension, which NASA took two years to arrive at. "The plans are for Cassini to keep working for seven more years, but it currently has only 22 percent of the maneuvering propellant it had when it started. Figuring out how to more than double the duration of the mission with less than a quarter of the fuel is hard. Cassini's orbital mechanics present an astonishingly complex exercise in Keplerian physics and geometry. The enormous array of science objectives and targets — moons, rings, Saturn itself — makes it one of the most complex missions ever flown. ... 'Without Titan,' Mr. Seal [Cassini's mission planning supervisor] said, 'we would go into one orbit around Saturn and be stuck there.' Thus Titan, in the argot of orbital mechanics, is Cassini's 'tour engine.' [T]he final 'reference trajectory' ... now includes 56 passes over Titan, 155 orbits of Saturn in different inclinations, 12 flybys of Enceladus, 5 flybys of other large moons — and final destruction."
-
IE8's XSS Filter Exposes Sites To XSS Attacks
Blue Taxes writes "The cross-site scripting filter that ships with Microsoft's Internet Explorer 8 browser can be abused by attackers to launch cross-site scripting attacks on websites and web pages that would otherwise be immune to this threat. The IE8 filter works by scanning outbound requests for strings that may be malicious. When such a string is detected, IE8 will dynamically generate a regular expression matching the outbound string. The browser then looks for the same pattern in responses from the server. If a match is made anywhere in the server's response, the browser assumes that a reflected XSS attack is being conducted and the browser will automatically alter the response so that the XSS attack cannot succeed. The researchers figured out a way to use IE8's altered response to conduct simple abuses and universal cross-site scripting attacks, which worked against sites that would not otherwise have been vulnerable to XSS." Here is the researchers' backgrounder (PDF) on the attack. Microsoft says that they have issued two patches that address the issue, but the researchers insist that holes remain.
Update: 04/20 14:06 GMT by KD: Microsoft's Security Response Center has issued a statement on the vulnerability.
-
EU Piracy Estimates — Just How Inaccurate?
Last week we discussed news that a US government report questioned the reliability of piracy statistics from the media industry. Reader superapecommando sends in a follow-up written by Glyn Moody that examines a similar problem in Europe. Quoting: "As far as I know, no similar analysis has been carried out for European reports. So I thought it might be interesting to look at one particular European report on the subject — not least because I've heard that its findings influenced some of the MPs voting on the Digital Economy Act. ... the net result of this 68-page report, with all of its tables and detailed methodology, is that four out of the top five markets used for calculating the overall piracy loss in Europe draw on figures supplied by the recording industry itself. Those apparently terrifying new figures detailing the supposed loss of money and jobs due to piracy in Europe turn out to be little more than a re-statement of the industry's previous claims in a slightly different form. As a result, as little credence can be placed in the report as in those criticised by the US GAO."
-
Newspaper Death Notices May Be a Dying Business
Hugh Pickens writes "Alan D. Mutter writes in his journalism blog 'Reflections of a Newsosaur' that some newspapers exploit bereaved families with exorbitantly priced death notices — a distasteful and strategically inept way for them to try to make ends meet. 'I stumbled across the problem this week when I tried to buy a death notice in ... the San Francisco Chronicle, which proposed charging $450 for the one-day run of a crappy-looking, 182-word death notice,' writes Mutter. But lose the death notice business, and newspapers risk losing a huge audience driver as well. The solution may be partnering with websites like Legacy.com, a site that already publishes death notices for about two-thirds of the people who die each day in the US. 'It may not be easy to figure out the terms of a broader collaboration,' writes Rich Gordon on Poynter.org, 'partly because some newspaper executives are wary of Legacy and feel the company could become a competitive threat for audiences and revenue. But this is exactly the reaction many newspaper executives had to collaborating with Internet companies in other classified advertising categories. I'd hate to see newspapers make the same mistake with death notices and obituaries.'"
-
Apple Blocks Cartoonist From App Store
ink writes "Here is another troubling anecdote on the iWeb front: 'This week cartoonist Mark Fiore made Internet and journalism history as the first online-only journalist to win a Pulitzer Prize. Fiore took home the editorial cartooning prize for animations he created for SFGate, the website for the San Francisco Chronicle... But there's just one problem. In December, Apple rejected his iPhone app, NewsToons, because, as Apple put it, his satire "ridicules public figures," a violation of the iPhone Developer Program License Agreement, which bars any apps whose content in "Apple's reasonable judgement may be found objectionable, for example, materials that may be considered obscene, pornographic, or defamatory."' Whether or not you agree with Fiore's political sentiments, I believe we can all agree that the censorship of his work should be denigrated."
-
Sun Pushes Emergency Java Patch
Trailrunner7 writes "In a sudden about-face, Sun has rushed out a Java update to fix a drive-by download vulnerability that exposed Windows users to in-the-wild malware attacks. The patch comes less than a week after Sun told a Google researcher it did not consider the issue serious enough to warrant an out-of-cycle patch and less than a day after researchers spotted live exploits on a booby-trapped Web site. The flaw, which was also discovered independently by Ruben Santamarta, occurs because the Java-Plugin Browser is running 'javaws.exe' without validating command-line parameters. Despite the absence of documentation, a researcher was about to figure out that Sun removed the code to run javaws.exe from the Java plugin. The about-face by Sun is another sign that some big vendors still struggle to understand the importance of working closely with white hat researchers to understand the implications of certain vulnerabilities. In this case, Google's Tavis Ormandy was forced to use the full-disclosure weapon to force the vendor into a proper response."
-
Twitter Grows Up, Adds "Promoted Tweets"
CWmike writes "Twitter is finally taking off the training wheels and moving into the world where real businesses tread with the launch on Tuesday of its first advertising model, dubbed 'Promoted Tweets.' The microblogging phenom has long avoided coming up with a business plan or even talking about one. But the time has come for Twitter to figure out how to make money over the long haul. Analyst Dan Olds isn't so sure that Twitter users will welcome the change. 'There will be a vocal minority of users who will hate any advertising at all,' Olds said. '[Many] users understand that it's necessary and will accept it as long as it doesn't interfere with their usage. But if the ads look like regular tweets, that could cause some serious outrage from users who feel that Twitter is attempting to deceive them.'"
-
Ubuntu Claims 12 Million Users — Before Lucid
darthcamaro writes "It's always a challenge to try and figure out how many users a particular Linux distro has — but Canonical is now providing a new figure for Ubuntu that is 50 percent more than what they were claiming just 18 months ago. 'We have no phone home or registration process, so it's always a guesstimate. But based on the same methodology that we came up with for the 2008 number, our present belief is that it's somewhere north of 12 million users at the moment,' Chris Kenyon, vice president for OEM at Canonical, told InternetNews.com. Just in case you were wondering, Fedora still claims more — actually almost double, at 24 million."
-
365 Days of Photojournalism With Stormtroopers
Lanxon writes "Wired reports that for one French fan, the Stormtrooper has become an obsession. Stormtroopers 365 is a collection of wacky, witty, and artistic photographs that its creator Stéfan Le Dû has been adding to daily since 3 April 2009 when the project began. 'I got a new camera and I had some Stormtrooper figures sleeping in their blister packs for months. I wanted to start something a bit challenging on Flickr, and I had previously seen some awesome Star Wars toys pictures, and other "365" projects that I really liked,' he says. The two starring Stormtroopers — TK455 and TK479 — have run into cats, clocks, various household implements, and even a DeLorean sports car."
-
MIT Finds 'Grand Unified Theory of AI'
aftab14 writes "'What's brilliant about this (approach) is that it allows you to build a cognitive model in a much more straightforward and transparent way than you could do before,' says Nick Chater, a professor of cognitive and decision sciences at University College London. 'You can imagine all the things that a human knows, and trying to list those would just be an endless task, and it might even be an infinite task. But the magic trick is saying, "No, no, just tell me a few things," and then the brain — or in this case the Church system, hopefully somewhat analogous to the way the mind does it — can churn out, using its probabilistic calculation, all the consequences and inferences. And also, when you give the system new information, it can figure out the consequences of that.'"
-
Laptop Computers Detect and Monitor Earthquakes
Pickens writes "Live Science reports that 1,000 people from 61 countries have signed up with the Quake-Catcher Network to take advantage of built-in accelerometers in newer laptops that transmit data about earthquakes to researchers at UC Irvine and Stanford University. 'It's providing additional data that can be fed into the seismic networks,' says Elizabeth Cochran, a UC Irvine geoscientist. 'It also allows us to record earthquakes at a scale that we haven't been able to before because of the cost.' Cochran came up with the idea for the Quake-Catcher Network when she learned that most new laptops come equipped with accelerometers designed to switch off the hard drive if the laptop is dropped. 'I figured that we could easily tap into this data and use it to record earthquakes.' While traditional seismic monitors can detect earthquakes of magnitude 1.0 or less, the lowest magnitude the Quake-Catcher Network can detect is about 4.0, a moderate quake much like the one that hit LA on March 16. But what the network lacks in sensitivity, it makes up for in price as traditional seismic sensors cost $5,000 to $10,000 apiece. 'Ideally we would have seismometers in every building, or at least on every block. And in tall buildings, we'd have multiple sensors [on different floors],' says Cochran. 'That way, we would be able to actually get much higher detail images of how the ground shakes during an earthquake.'"
-
Carbon-14 Dating Reveals 5% of Vintage Wines May Be Frauds
Carbon dating isn't used only for such academic pursuits as trying to determine the age of the Shroud of Turin, or figure out how old some rocks are. An anonymous reader writes "Up to 5% of fine wines are not from the year the label indicates, according to Australian researchers who have carbon-dated some top dollar wines."
-
Lag Analysis For the PlayStation Move
The $64,000 question about Sony's upcoming motion control system, the PlayStation Move, is how responsive it will be compared to traditional console controllers and its counterparts from Nintendo and Microsoft. Eurogamer slowed down videos of Sony's tech demo software to establish a rough baseline latency that developers will have to work with. Quoting: "While exact latency measurements aren't possible in these conditions, a ballpark idea of the level of response isn't a problem at all. The methodology is remarkably straightforward. Keep your hand as steady as possible, then make fast motions with the controller. Count the frames between your hand moving, and the motion being carried out on-screen. Equally illuminating is to stop your movement suddenly, then count the frames necessary for your on-screen counterpart to catch up. While not 100 per cent accurate, repeat the process enough times and the frame difference becomes fairly evident. Bearing all of that in mind, and recognizing that we don't know how much latency the display itself is adding, I'd say that a ballpark figure of around 133ms of controller lag (give or take a frame) seems reasonable, certainly not the ultra-fast crispness of response we see from games like Burnout Paradise or Modern Warfare, but fine for most of the applications you would want from such a controller."
-
Milgram's Experiment — the TV Show
vieux schnock writes "A controversy has arisen over a French television show reproducing Milgram's experiment in front of a live audience. Milgram's original experiment wanted to show the willingness of study participants to 'obey an authority figure who instructed them to perform acts that conflicted with their personal conscience.' But this time, it seems that television can play that deadly 'authority' figure with more devastating results: While Milgram got 65% of the participants to hit the maximum jolt button, '[in] the final tally, 81 percent of the contestants turned up the juice to the maximum.'"
-
Cisco's New Router — Trouble For Hollywood
Shakrai writes "Time Magazine has published an article about the impact of Cisco's new CRS-3 router on the business practices of the MAFIAA. This new router was previously mentioned here on Slashdot and is expected to alleviate internet bottlenecks that currently impede streaming video-on-demand services. Some of the highlights from the article: 'The ability to download albums and films in a matter of seconds is a harbinger of deep trouble for the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA), which would prefer to turn the clock back, way back. ... The hard fact is that the latest developments at Cisco, Google and elsewhere may do more than kill the DVD and CD and further upset entertainment-business models that have changed little since the Mesozoic Era. With superfast streaming and downloading, indie filmmakers will soon be able to effectively distribute feature films online and promote them using social media such as Facebook and Twitter. ... Meanwhile, both the MPAA and the RIAA continue to fight emerging technologies like peer-to-peer file sharing with costly court battles rather than figuring out how to appeal to the next generation of movie enthusiasts and still make a buck.'"
-
What Aspects of Open Source Projects Do You Avoid?
paulproteus writes "I'm a Debian developer and a part-time contributor to a few smaller projects. I do a lot of free software-y and open source-y things. Sometimes, though, I don't do them. I figure some other Slashdotters might have similar hang-ups — we contribute to a project, but there are parts that we really dread thinking about. So I wrote a post about having these hang-ups, and I made a place on the web to share how others can help your project. What are the parts that, in your projects, you would be relieved if someone else looked at for you?"
-
Permanent Undersea Homes Soon; Temporary Ones Now
MMBK writes "Dennis Chamberland is one of the world's preeminent aquanauts. He's worked with NASA to develop living habitats and underwater plant growth labs, among other cool things. His next goal is establishing the world's first permanent underwater colony. This video gets to the heart of his project, literally and figuratively, as most is shot in his underwater habitat, Atlantica, off the coast of Key Largo, FL. The coolest part might be the moon pool, the room you swim into underwater."
-
Best Resource For Identifying Legit Applications?
bjb writes "While helping a somewhat computer illiterate person figure out a problem recently, they mentioned that PDF files had recently stopped working. Upon investigation I found something installed called 'PDF Suite.' Never having heard of it, I Googled it with 'malware' and other key words, but nothing turned up, though my suspicion remained (and was somewhat confirmed by WOT.) So my question is, where can you go to find out if something is legitimate? Because the person I'm helping is on a dial-up connection, downloading malware detection applications (and updates) is too heavy to consider. And I don't maintain a USB stick with such apps, since I don't do this kind of thing very often. Where can you quickly find information?"
-
The Secret Origin of Windows
harrymcc writes "Windows has been so dominant for so long that it's easy to forget Windows 1.0 was vaporware, mocked both outside and inside of Microsoft — and that its immediate successors were considered stopgaps until OS/2 was everywhere. Tandy Trower, the product manager who finally got Windows 1.0 out the door a quarter century ago, has written a memoir of the experience. (He thought being assigned the much-maligned project was Microsoft's fiendish way of trying to get rid of him.) The story involves such still-significant figures as Bill Gates, Steve Ballmer, Ray Ozzie, and Nathan Myhrvold; Trower left Microsoft only in November of 2009 after 28 years with the company."