Forgot your password?
typodupeerror

Slashdot is powered by your submissions, so send in your scoop

Security

The Dismal State of SATCOM Security 15

Posted by timothy
from the my-sputnik-or-yours dept.
An anonymous reader writes "Satellite Communications (SATCOM) play a vital role in the global telecommunications system, but the security of the devices used leaves much to be desired. The list of security weaknesses IOActive foundwhile analyzing and reverse-engineering firmware used on the most widely deployed Inmarsat and Iridium SATCOM terminals does not include only design flaws but also features in the devices themselves that could be of use to attackers. The uncovered vulnerabilities include multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms. These vulnerabilities allow remote, unauthenticated attackers to compromise the affected products. In certain cases no user interaction is required to exploit the vulnerability; just sending a simple SMS or specially crafted message from one ship to another ship would be successful for some of the SATCOM systems."
Open Source

Apache OpenOffice Reaches 100 Million Downloads. Now What? 87

Posted by timothy
from the hundreds-of-millions-served dept.
We're thankfully long past the days when an emailed Word document was useless without a copy of Microsoft Word, and that's in large part thanks to the success of the OpenOffice family of word processors. "Family," because the OpenOffice name has been attached to several branches of a codebase that's gone through some serious evolution over the years, starting from its roots in closed-source StarOffice, acquired and open-sourced by Sun to become OpenOffice.org. The same software has led (via some hamfisted moves by Oracle after its acquisition of Sun) to the also-excellent LibreOffice. OpenOffice.org's direct descendant is Apache OpenOffice, and an anonymous reader writes with this excellent news from that project: "The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 170 Open Source projects and initiatives, announced today that Apache OpenOffice has been downloaded 100 million times. Over 100 million downloads, over 750 extensions, over 2,800 templates. But what does the community at Apache need to do to get the next 100 million?" If you want to play along, you can get the latest version of OpenOffice from SourceForge (Slashdot's corporate cousin). I wonder how many government offices -- the U.S. Federal government has long been Microsoft's biggest customer -- couldn't get along just fine with an open source word processor, even considering all the proprietary-format documents they're stuck with for now.
Canada

RCMP Arrest Canadian Teen For Heartbleed Exploit 57

Posted by timothy
from the they-got-their-man dept.
According to PC Mag, a "19-year-old Canadian was arrested on Tuesday for his alleged role in the breach of the Canada Revenue Agency (CRA) website, the first known arrest for exploiting the Heartbleed bug. Stephen Arthuro Solis-Reyes (pictured) of London, Ontario faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data." That exploit led to a deadline extension for some Canadian taxpayers in getting in their returns this year. The Register has the story as well. The Montreal Gazette has some pointed questions about how much the Canadian tax authorities knew about the breach, and when.
Data Storage

SSD-HDD Price Gap Won't Go Away Anytime Soon 137

Posted by timothy
from the prices-are-offers dept.
storagedude (1517243) writes "Flash storage costs have been dropping rapidly for years, but those gains are about to slow, and a number of issues will keep flash from closing the cost gap with HDDs for some time, writes Henry Newman at Enterprise Storage Forum. As SSD density increases, reliability and performance decrease, creating a dilemma for manufacturers who must balance density, cost, reliability and performance. '[F]lash technology and SSDs cannot yet replace HDDs as primary storage for enterprise and HPC applications due to continued high prices for capacity, bandwidth and power, as well as issues with reliability that can only be addressed by increasing overall costs. At least for the foreseeable future, the cost of flash compared to hard drive storage is not going to change.'"
Piracy

5-Year Suspended Sentence For S. Africa's First Online Pirate 28

Posted by timothy
from the comparative-justice dept.
An anonymous reader writes "South Africa's first prosecution for online piracy was concluded this morning, with a five-year, wholly suspended sentence handed down to a filesharer who uploaded local movie Four Corners to The Pirate Bay. The man — who lost his job recently — said he's relieved by the verdict, which was the result of a plea bargain. Director Ian Gabriel, who made the film, recently said he was 'philosophical' about piracy."
Medicine

Switching From Sitting To Standing At Your Desk 145

Posted by samzenpus
from the throw-away-the-tuffet dept.
Hugh Pickens DOT Com (2995471) writes "Chris Bowlby reports at BBC that medical research has been building up for a while now, suggesting constant sitting is harming our health — potentially causing cardiovascular problems or vulnerability to diabetes. Advocates of sit-stand desks say more standing would benefit not only health, but also workers' energy and creativity. Some big organizations and companies are beginning to look seriously at reducing 'prolonged sitting' among office workers. 'It's becoming more well known that long periods of sedentary behavior has an adverse effect on health,' says GE engineer Jonathan McGregor, 'so we're looking at bringing in standing desks.' The whole concept of sitting as the norm in workplaces is a recent innovation, points out Jeremy Myerson, professor of design at the Royal College of Art. 'If you look at the late 19th Century,' he says, Victorian clerks could stand at their desks and 'moved around a lot more'. 'It's possible to look back at the industrial office of the past 100 years or so as some kind of weird aberration in a 1,000-year continuum of work where we've always moved around.' What changed things in the 20th Century was 'Taylorism' — time and motion studies applied to office work. 'It's much easier to supervise and control people when they're sitting down,' says Myerson. What might finally change things is if the evidence becomes overwhelming, the health costs rise, and stopping employees from sitting too much becomes part of an employer's legal duty of care. 'If what we are creating are environments where people are not going to be terribly healthy and are suffering from diseases like cardiovascular disease and diabetes,' says Prof Alexi Marmot, a specialist on workplace design, 'it's highly unlikely the organization benefits in any way.'"
IT

Ask Slashdot: System Administrator Vs Change Advisory Board 208

Posted by samzenpus
from the get-along dept.
thundergeek (808819) writes "I am the sole sysadmin for nearly 50 servers (win/linux) across several contracts. Now a Change Advisory Board (CAB) is wanting to manage every patch that will be installed on the OS and approve/disapprove for testing on the development network. Once tested and verified, all changes will then need to be approved for production. Windows servers aren't always the best for informing admin exactly what is being 'patched' on the OS, and the frequency of updates will make my efficiency take a nose dive. Now I'll have to track each KB, RHSA, directives and any other 3rd party updates, submit a lengthy report outlining each patch being applied, and then sit back and wait for approval. What should I use/do to track what I will be installing? Is there already a product out there that will make my life a little less stressful on the admin side? Does anyone else have to go toe-to-toe with a CAB? How do you handle your patch approval process?"
Robotics

The Squishy Future of Robotics 28

Posted by samzenpus
from the bend-it-shape-it dept.
An anonymous reader writes "The field of soft robotics is fast growing and may be the key to allowing robots and humans to work side-by-side. 'Roboticists are prejudiced toward rigid structures, for which algorithms can be inherited from the well-established factory robot industry. Soft robots solve two huge problems with current robots, however. They don't have to calculate their movements as precisely as hard robots, which rely on springs and joints, making them better for navigating uncontrolled environments like a house, disaster area, or hospital room. They're naturally "cage free," meaning they can work shoulder-to-shoulder with humans. If a soft robot tips over or malfunctions, the danger is on par with being attacked by a pillow. The robot is also less prone to hurt itself.'"
AT&T

Bidding At FCC TV Spectrum Auction May Be Restricted For Large Carriers 68

Posted by samzenpus
from the helping-the-little-guy dept.
An anonymous reader writes "Rumors have surfaced that the Federal Communications Commission (FCC) will restrict bidding at their TV spectrum auction in 2015 to effectively favor smaller carriers. Specifically, when 'auction bidding hits an as-of-yet unknown threshold in a given market, the FCC would set aside up to 30MHz of spectrum in that market. Companies that hold at least one-third of the low-band spectrum in that market then wouldn't be allowed to bid on the 30MHz of spectrum that has been set aside.' Therefore, 'in all band plans less than 70MHz, restricted bidders—specifically AT&T and Verizon (and in a small number of markets, potentially US Cellular or CSpire)—would be limited to bidding for only three blocks.' The rumors may be true since AT&T on Wednesday threatened to not participate in the auction at all as a protest against what it sees as unfair treatment."
Government

Vintage 1960s Era Film Shows IRS Defending Its Use of Computers 96

Posted by samzenpus
from the how-I-learned-to-stop-worrying-and-love-the-cd-rom dept.
coondoggie (973519) writes "It's impossible to imagine the Internal Revenue Service or most other number-crunching agencies or companies working without computers. But when the IRS went to computers — the Automatic Data Processing system --there was an uproar. The agency went so far as to produce a short film on the topic called Right On The Button, to convince the public computers were a good thing."
United States

FBI Drone Deployment Timeline 30

Posted by samzenpus
from the when-and-where dept.
An anonymous reader writes "The FBI insists that it uses drone technology to conduct surveillance in 'very limited circumstances.' What those particular circumstances are remain a mystery, particularly since the Bureau refuses to identify instances where agents deployed unmanned aerial vehicles, even as far back as 2006. In a letter to Senator Ron Paul last July, the FBI indicated that it had used drones a total of ten times since late 2006—eight criminal cases and two national security cases—and had authorized drone deployments in three additional cases, but did not actually fly them. The sole specific case where the FBI is willing to confirm using a drone was in February 2013, as surveillance support for a child kidnapping case in Alabama. New documents obtained by MuckRock as part of the Drone Census flesh out the timeline of FBI drone deployments in detail that was previously unavailable. While heavily redacted—censors deemed even basic facts that were already public about the Alabama case to be too sensitive for release, apparently—these flight orders, after action reviews and mission reports contain new details of FBI drone flights."
Technology

GoPro Project Claims Technology Is Making People Lose Empathy For Homeless 253

Posted by samzenpus
from the look-straight-ahead dept.
EwanPalmer (2536690) writes "A project involving GoPro cameras and people living on the streets of San Francisco has suggests technology is making people feel less compassionate towards the homeless. Started by Kevin F Adler, the Homeless GoPro project aims to 'build empathy through a first-hand perspective' by strapping one of the cameras onto homeless volunteers to document their lives and daily interactions. One of the volunteers, Adam Reichart, said he believes it is technology which is stopping people from feeling sympathy towards people living on the street as it's easier to have 'less feelings when you're typing something' than looking at them in the eye"
Cellphones

Industry-Wide Smartphone "Kill Switch" Closer To Reality 120

Posted by samzenpus
from the blow-it-up dept.
mpicpp (3454017) writes "The 'kill switch,' a system for remotely disabling smartphones and wiping their data, will become standard in 2015, according to a pledge backed by most of the mobile world's major players. Apple, Google, Samsung and Microsoft, along with the five biggest cellular carriers in the United States, are among those that have signed on to a voluntary program announced Tuesday by the industry's largest trade group. All smartphones manufactured for sale in the United States after July 2015 must have the technology, according to the program from CTIA. Advocates say the feature would deter thieves from taking mobile devices by rendering phones useless while allowing people to protect personal information if their phone is lost or stolen. Its proponents include law enforcement officials concerned about the rising problem of smartphone theft."
Programming

Code Quality: Open Source vs. Proprietary 112

Posted by Soulskill
from the put-your-money-where-your-code-is dept.
just_another_sean sends this followup to yesterday's discussion about the quality of open source code compared to proprietary code. Every year, Coverity scans large quantities of code and evaluates it for defects. They've just released their latest report, and the findings were good news for open source. From the article: "The report details the analysis of 750 million lines of open source software code through the Coverity Scan service and commercial usage of the Coverity Development Testing Platform, the largest sample size that the report has studied to date. A few key points: Open source code quality surpasses proprietary code quality in C/C++ projects. Linux continues to be a benchmark for open source quality. C/C++ developers fixed more high-impact defects. Analysis found that developers contributing to open source Java projects are not fixing as many high-impact defects as developers contributing to open source C/C++ projects."
Books

Ask Slashdot: What Good Print Media Is Left? 257

Posted by Soulskill
from the just-the-crap-in-my-mailbox-every-day dept.
guises writes: "A recent story discussing the cover of Byte Magazine reminded me of just how much we've lost with the death of print media. The Internet isn't what took down Byte, but a lot of other really excellent publications have fallen by the wayside as a result of the shift away from the printed page. We're not quite there yet, though. There seem to still be some holdouts, so I'm asking Slashdot: what magazines (or zines, or newsletters, or newspapers) are still hanging around that are worth subscribing to?"

It is not every question that deserves an answer. -- Publilius Syrus

Working...