Slashdot

Syndicate content Slashdot
News for nerds, stuff that matters
Updated: 6 min 20 sec ago

Cisco ASA Firewall Has a Wormable Problem — And a Million Installs

18 min 22 sec ago
itwbennett writes: Cisco has published an advisory for a vulnerability with a CVSS (Common Vulnerability Scoring System) score of 10 that was discovered by researchers from Exodus Intelligence. According to the advisory, 'a vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.' As CSO's Dave Lewis points out, 'the part of this that is most pressing is that Cisco claims that there are over a million of these deployed.' And attackers have not been sitting on their thumbs.

Read more of this story at Slashdot.

IBM Bequeaths the Express Framework To the Node.js Foundation

38 min 22 sec ago
campuscodi writes: The Node.js Foundation has taken the Express Node.js framework under its wing. Express will be a new incubation project for the Foundation. IBM, which purchased Express maintainer StrongLoop last September, is contributing the code. Part of the reason for allowing the foundation to oversee Express is to build a diverse contributor base, which is important given the framework's popularity.

Read more of this story at Slashdot.

It's Official: LIGO Scientists Make First-Ever Observation of Gravity Waves

1 hour 22 sec ago
A few days ago, we posted reports that a major finding -- the discovery of the long-predicted gravity waves -- was expected to be formally announced today, and reader universe520 is the first to note this coverage in the Economist : It is 1.3 billion years after two black holes merged and sent out gravitational waves. On Earth in September 2015, the faintest slice of those waves was caught. That slice, called GW150914 and announced to the world on February 11th, is the first gravitational wave to be detected directly by human scientists. It is a triumph that has been a century in the making, opening a new window onto the universe and giving researchers a means to peer at hitherto inaccessible happenings, perhaps as far back in time as the Big Bang. Reader DudeTheMath adds: NPR has a nice write-up of the newly-published results: "[R]esearchers say they have detected rumblings from that cataclysmic collision as ripples in the very fabric of space-time itself. The discovery comes a century after Albert Einstein first predicted such ripples should exist. ... The signal in the detector matches well with what's predicted by Einstein's original theory, according to [Saul] Teukolsky [of Cornell], who was briefed on the results."

Read more of this story at Slashdot.

Scientists In Japan Build 100Gbps Wireless Network Using Terahertz Transmitter

1 hour 45 min ago
Mark.JUK writes: A group of Japanese scientists working on a project managed by Hiroshima University claim to have successfully built a Terahertz (THz) transmitter, which is implemented as a silicon CMOS integrated circuit and can transmit a signal running at 10Gbps per data channel over multiple channels in the 275-305GHz band for a top speed of 100Gbps (Gigabits per second). But crucially nobody has mentioned the distance at which this speed could be achieved, particularly since the THz band isn't likely to have much of a reach. It also sits very close to the region used by lasers.

Read more of this story at Slashdot.

US Encryption Ban Would Only Send the Market Overseas

2 hours 25 min ago
Patrick O'Neill writes: A U.S. legislatures posture toward legally mandating backdoored encryption, a new Harvard study suggests that a ban would push the market overseas because most encryption products come from over non-U.S. tech companies. "Cryptography is very much a worldwide academic discipline, as evidenced by the quantity and quality of research papers and academic conferences from countries other than the U.S.," the researchers wrote.

Read more of this story at Slashdot.

Google Expands 'Right To Be Forgotten' To All Global Search Results

3 hours 6 min ago
An anonymous reader writes: Google has confirmed that it will be updating its 'right to be forgotten' so that any hidden content under the ruling is removed from all versions of its search engine in countries where it has been approved. Until now Google had only been removing results from the originating country and European versions of its search engine, such as google.co.uk and google.de. The EU had previously asked for an extension of the rule to include all versions of Google. Last year, French data protection authority CNIL threatened the tech giant with a sanction should it not remove data from all of its global platforms – such as google.com – in addition to its European sites. Now, Google's new extension of the 'right to be forgotten' is expected to come into force over the next few weeks.

Read more of this story at Slashdot.

Researchers Discover a Cheap Method of Breaking Bitcoin Wallet Passwords

3 hours 47 min ago
An anonymous reader writes: Three researchers have published a paper that details a new method of cracking Bitcoin "brain wallet passwords," which is 2.5 times speedier than previous techniques and incredibly cheap to perform. The researcher revealed that by using a run-of-the-mill Amazon EC2 account, an attacker would be able to check over 500,000 Bitcoin passwords per second. For each US dollar spent on renting the EC2 server, an attacker would be able to check 17.9 billion password strings. To check a trillion passwords, it would cost the attacker only $55.86 (€49.63). In the end, they managed to crack around 18,000 passwords used for real accounts.

Read more of this story at Slashdot.

Amazon Restores Some Heft To Helvetica For Kindle E-Ink Readers

5 hours 41 min ago
David Rothman writes: Props to Amazon. The Helvetica font will be restored to a more readable weight than the anorexic one in the latest update for E Ink Kindles. Let's hope that an all-bold switch—or, better, a font weight adjuster of the kind that Kobo now offers—will also happen. I've queried Amazon about that possibility. Meanwhile thanks to Slashdot community members who spoke up against the anorexic Helvetica!

Read more of this story at Slashdot.

France Launches Second Salvo Against Facebook

8 hours 19 min ago
Eunuchswear writes: After Mondays decision by the French CNIL (National Center for Computers and Freedom) that Facebook must stop tracking non-users, the DGCCRF (General Direction for Competition, Consumption and Repression of Fraud), has ruled that Facebooks terms of use are abusive and must be changed within 60 days." The linked story is in French, but for those of us who don't speak the language, Google translate works. Here's the DGCCRF's Facebook page.

Read more of this story at Slashdot.

Why Winners Become Cheaters

11 hours 9 min ago
JoeyRox writes: A new study from the Hebrew University of Jerusalem reveals a paradoxical aspect of human behavior — people who win in competitive situations are more likely to cheat in the future. In one experiment, 86 students were split up into pairs and competed in a game where cheating was impossible. The students were then rearranged into new pairs to play a second game where cheating was possible. The result? Students who won the first game were much more likely to cheat at the second game. Additional experiments indicated that cheating was also more likely if students simply recalled a memory of winning in the past. The experiments further demonstrated that subsequent cheating was more likely in situations where the outcome of previous competitions was determined by merit rather than luck.

Read more of this story at Slashdot.

Engineers Devise a Way To Harvest Wind Energy From Trees

2/10/2016 9:46pm
derekmead writes: Harvesting electrical power from vibrations or other mechanical stress is pretty easy. Turns out all it really takes is a bit of crystal or ceramic material and a couple of wires and, there you go, piezoelectricity. As stress is applied to the material, charge accumulates, which can then be shuttled away to do useful work. The classic example is an electric lighter, in which a spring-loaded hammer smacks a crystal, producing a spark. Another example is described in a new paper in the Journal of Sound and Vibration, courtesy of engineers at Ohio State's Laboratory of Sound and Vibration Research. The basic idea behind the energy harvesting platform: exploit the natural internal resonances of trees within tiny artificial forests capable of generating enough voltage to power sensors and structural monitoring systems.

Read more of this story at Slashdot.

SCO vs. IBM Battle Over Linux May Finally Be Over

2/10/2016 8:35pm
JG0LD writes with this news from Network World: A breach-of-contract and copyright lawsuit filed nearly 13 years ago by a successor company to business Linux vendor Caldera International against IBM may be drawing to a close at last, after a U.S. District Court judge issued an order in favor of the latter company earlier this week. Here's the decision itself (PDF). Also at The Register.

Read more of this story at Slashdot.

Facebook Developing Radio Wave Mesh To Connect Offline Areas

2/10/2016 6:59pm
An anonymous reader writes: As part of its wider Internet.org initiative to deliver connectivity to poor and rural communities, Facebook is actively developing a new network technology which uses millimetre wave bands to transmit data. Facebook engineer Sanjai Kohli filed two patents which outlined a 'next generation' data system, which would make use of millimetre wave technology deployed as mesh networks. Kohli's patents detailed a type of centralised, cloud-based routing system which 'dynamically adjusts route and frequency channel assignments, transmit power, modulation, coding, and symbol rate to maximize network capacity and probability of packet delivery, rather than trying to maximize the capacity of any one link.'

Read more of this story at Slashdot.

LibreOffice 5.1 Officially Released

2/10/2016 6:22pm
prisoninmate writes: After being in development for the last three months or so, LibreOffice 5.1 comes today to a desktop environment near you with some of the most attractive features you've ever seen in an open-source office suite software product, no matter the operating system used. The release highlights of LibreOffice 5.1 include a redesigned user interface for improved ease of use, better interoperability with OOXML files, support for reading and writing files on cloud servers, enhanced support for the ODF 1.2 file format, as well as additional Spreadsheet functions and features. Yesterday, even with the previous version, I was able to successfully use a moderately complex docx template without a hitch — the kind of thing that would have been a pipe-dream not too long ago.

Read more of this story at Slashdot.

FAA Eases Drone Restrictions Around Washington, DC

2/10/2016 5:41pm
An anonymous reader writes with a link to Robotics Trends, which reports that: After doubling the radius of the "no-drone zone" from 15 miles to 30 miles outside of Washington, D.C. in 2015, the FAA announced drones can now fly in the "outer ring" of the Special Flight Rules Area. This means drones can operate between a 15- to 30-mile radius outside of the nation's capitol. Drones that fly between the 15- to 30-mile radius still have to operate under specific conditions: drones must weigh less than 55 pounds, be registered and marked, fly under 400 feet, stay in the operator's line of sight, only fly in clear conditions, and avoid other aircraft.

Read more of this story at Slashdot.

First Steps Towards Network Transparency For Wayland

2/10/2016 5:20pm
munwin99 writes: For the longest time, when bringing up Wayland a recurring question was 'what about network transparency?!' Well, Samsung's Derek Foreman has today published the set of Wayland patches for providing Wayland network transparency by pushing the Wayland protocol over TCP/IP.

Read more of this story at Slashdot.

AWS Terms of Service Offer a Break If Zombie Apocalypse Occurs

2/10/2016 5:00pm
v3rgEz writes: Running at over 50 sections and hundreds of subsections, Amazon AWS's terms of service are somewhat exhaustive, but there's one paragraph that might catch your eye. As of yesterday's update, Amazon has added a section that nullifies restrictions on the use of their Lumberyard game platform in the event of a zombie outbreak. Pre-apocalypse, the terms of service prohibit the use of the engine to manage life-or-death situations, but being able to spin up a zombie firefight simulator at a moment's notice might come in handy. You do have to wonder, though: Does Jeff Bezos know something we don't? Lawyers typically don't approve of Easter Eggs in legal documents.

Read more of this story at Slashdot.

Dell Packs Xeon and Quadro GPU In 4lb Laptop

2/10/2016 4:19pm
MojoKid writes: To look at the Dell Precision 15 5510, you wouldn't know that it sits in the middle of Dell's workstation lineup. The laptop is thinner and sleeker than you might expect a workstation-class laptop to be and the premium carbon fiber palm rest gives the system a decidedly high-end vibe. Not to mention, like the XPS 15, Dell equipped this machine with its 4K IGZO Infinity Edge display that has almost no bezel on three of its sides. However, the Precision 15 5510 is actually Dell's mid-range mobile workstation that also supports Intel Xeon E3 processors and NVIDIA's Quadro M1000 series GPUs. It's essentially a mobile workstation version of Dell's XPS 15 line but along with an NVMe PCIe Solid State Drive, delivers professional grade performance and the pro app certifications that go with it. Compared to Lenovo's ThinkPad W550 line, the Precision 15 is a more sleek, stylish machine and in testing it packs more punch as well. Lenovo may already have their Skylake Xeon refresh in the works for the ThinkPad W series, however.

Read more of this story at Slashdot.

Carly Is Out

2/10/2016 3:58pm
MouseTheLuckyDog writes: I don't like stories that are not nerd oriented, but given Carly Fiorina's disastrous time as HP's CEO, the second only to Stephen Elop's tenure at Nokia, I think it is appropriate to announce that as of now Carly Fiorina is out of the Presidential race.

Read more of this story at Slashdot.

Trane Takes 2 Years To Remove Hard-Coded Root Passwords From IoT Thermostat

2/10/2016 3:41pm
An anonymous reader writes: It took 22 months for Trane to patch three security bugs in its ComfortLink II XL950 smart Wi-Fi thermostat product, the ComfortLink II XL950, a modern IoT device along the lines of Google Nest, which offers a simple way to manage your apartment's or building's internal temperature. Researchers contacted Trane about their three issues in April 2014, the company fixed the RCE flaws in April 2015 and recently released a firmware update at the end of January to fix the last issue. During all this time, the company barely answered emails and continued to sell an exposed product.

Read more of this story at Slashdot.

novalug.com