Sony

US Links North Korea To Sony Hacking 182

Posted by samzenpus
from the who's-to-blame dept.
schwit1 writes Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment. It is not known how the US government has determined that North Korea is the culprit, though it is known that the NSA has in the past penetrated North Korean computer systems. Previous analysis of the malware that brought down Sony Pictures' network showed that there were marked similarities to the tools used in last year's cyber-attack on South Korean media companies and the 2012 "Shamoon" attack on Saudi Aramco. While there was speculation that the "DarkSeoul" attack in South Korea was somehow connected to the North Korean regime, a firm link was never published.
Electronic Frontier Foundation

Federal Court Nixes Weeks of Warrantless Video Surveillance 440

Posted by timothy
from the if-you-watch-someone-long-enough dept.
An anonymous reader writes with this news from the EFF's Deep Links: The public got an early holiday gift today when a federal court agreed with us that six weeks of continually video recording the front yard of someone's home without a search warrant violates the Fourth Amendment. In United States v. Vargas local police in rural Washington suspected Vargas of drug trafficking. In April 2013, police installed a camera on top of a utility pole overlooking his home. Even though police did not have a warrant, they nonetheless pointed the camera at his front door and driveway and began watching every day. A month later, police observed Vargas shoot some beer bottles with a gun and because Vargas was an undocumented immigrant, they had probable cause to believe he was illegally possessing a firearm. They used the video surveillance to obtain a warrant to search his home, which uncovered drugs and guns, leading to a federal indictment against Vargas.
Movies

Blade Runner 2 Script Done, Harrison Ford Says "the Best Ever" 299

Posted by timothy
from the you're-in-a-desert-walking-along-in-the-sand dept.
BarbaraHudson (3785311) writes "It's been more than 30 years, but finally the script for Blade Runner 2 is done. Original interview with Ridley Scott on MTV. Links for those who don't want to watch the interview. If you're worried that the upcoming Blade Runner sequel won't measure up to the 1982 sci-fi cult classic, rest assured. Harrison Ford apparently thinks the script is "the best thing (he's) ever read." Although Scott is debating whether or not he'll direct the sequel, it looks like Ford will most certainly be reprising his role as Rick Deckard."
Piracy

IsoHunt Unofficially Resurrects the Pirate Bay 115

Posted by Soulskill
from the they're-spartacus dept.
An anonymous reader writes: Torrent site isoHunt appears to have unofficially resurrected The Pirate Bay at oldpiratebay.org. At first glance, The Old Pirate Bay seems to be just a commemorative site for The Pirate Bay, which went down this week after police raided its data center in Sweden. Upon further inspection, however, it turns out the site is serving new content. This is much more than just a working archive of The Pirate Bay; it has a functioning search engine, all the old listings, and working magnet links.
Education

2014 Geek Gift Guide 113

Posted by Soulskill
from the watch-out-for-robot-santa dept.
With the holidays coming up, Bennett Haselton has updated his geek-oriented gift guide for 2014. He says: Some of my favorite gifts to give are still the ones that were listed in several different previously written posts, while a few new cool gift ideas emerged in 2014. Here are all my current best recommendations, listed in one place. Read on for the list, or to share any suggestions of your own.
Security

FBI: Wiper Malware Has Korean Language Packs, Hard Coded Targets 81

Posted by Soulskill
from the brace-for-cyber-impact dept.
chicksdaddy sends news that the FBI has issued a warning to U.S. businesses over a "destructive" malware campaign using advanced tools. They don't name specific targets, but the information fits with the details from last week's attack on Sony Pictures, which led to the leak of several unreleased movies. A copy of the FBI's recent five-page FLASH alert reveals that the malware alleged to have wiped out systems at Sony Pictures Entertainment deployed a number of malicious modules, including a version of a commercial disk wiping tool on target systems. Samples of the malware obtained by the FBI were also found to contain configuration files created on systems configured with Korean language packs. The use of Korean could strengthen theories that the destructive cyber attacks have links to North Korea, though it is hardly conclusive. It does appear that the attack was targeted at a specific organization. The malware analyzed by the FBI contained a hard coded list of IP addresses and computer host names.
Open Source

Critical XSS Flaws Patched In WordPress and Popular Plug-In 41

Posted by timothy
from the switch-to-slashcode dept.
itwbennett writes The WordPress development team on Thursday released critical security updates that address an XSS vulnerability in the comment boxes of WordPress posts and pages. An attacker could exploit this flaw to create comments with malicious JavaScript code embedded in them that would get executed by the browsers of users seeing those comments. 'In the most obvious scenario the attacker leaves a comment containing the JavaScript and some links in order to put the comment in the moderation queue,' said Jouko Pynnonen, the security researcher who found the flaw.
Science

CMI Director Alex King Talks About Rare Earth Supplies (Video 2) 11

Posted by Roblimo
from the the're-still-looking-for-unobtanium dept.
Yesterday we ran video #1 of 2 about the Critical Materials Institute (CMI) at the Iowa State Ames Laboratory in Ames, Iowa. They have partners from other national laboratories, universities, and industry, too. Obviously there is more than enough information on this subject that Dr. King can easily fill two 15-minute videos, not to mention so many Google links that instead of trying to list all of them, we're giving you one link to Google using the search term "rare earths." Yes, we know Rare Earth would be a great name for a rock band. But the mineral rare earths are important in the manufacture of items ranging from strong magnets to touch screens and rechargeable batteries, so please watch the video(s) or at least read the transcript(s). (Alternate Video Link)
Hardware

CMI Director Alex King Talks About Rare Earth Supplies (Video) 27

Posted by Roblimo
from the we're-talking-about-minerals-not-the-band dept.
CMI in this context is the Critical Materials Institute at the Iowa State Ames Laboratory in Ames, Iowa. They have partners from other national laboratories, universities, and industry, too. Rare earths, while not necessarily as rare as the word "rare" implies, are hard to mine, separate, and use. They are often found in parts per million quantities, so it takes supercomputers to suss out which deposits are worth going after. This is what Dr. King and his coworkers spend their time doing; finding concentrations of rare earths that can be mined and refined profitably.

On November 3 we asked you for questions to put to Dr. King. Timothy incorporated some of those questions into the conversation in this video -- and tomorrow's video too, since we broke this into two parts because, while the subject matter may be fascinating, we are supposed to hold video lengths down to around 10 minutes, and in this case we still ended up with two videos close to 15 minutes each. And this stuff is important enough that instead of lining up a list of links, we are giving you one link to Google using the search term "rare earths." Yes, we know Rare Earth would be a great name for a rock band. But the mineral rare earths are important in the manufacture of items from strong magnets to touch screens and rechargeable batteries. (Alternate Video Link)
Communications

Military Laser/Radio Tech Proposed As Alternative To Laying Costly Fiber Cable 150

Posted by samzenpus
from the amazing-saving-laser dept.
An anonymous reader writes "Californian comm-tech company Aoptix is testing new laser+radio hybrid communications technology with three major U.S. internet carriers. The equipment required can be bolted onto existing infrastructure, such as cell-tower masts, and can communicate a 2gbps stream over 6.5 miles. The system was developed over 10 years at a cost of $100 million in conjunction with the Air Force Research Laboratory, and the military implementation of it is called Aoptix Enhanced Air Ground Lasercom System (EAGLS). The laser component of the technology uses a deformable mirror to correct for atmospheric distortion over the mast-hop, in real-time. The laser part of the system is backed-up by a redundant radio transmitter. The radio component has low attenuation in rainy conditions with large refracting raindrops, while the laser is more vulnerable to dense fog. The system, which features auto-stabilization to compensate for cell-tower movement and is being proposed as an alternative to the tremendous cost p/m of laying fiber cable, is being tested in Mexico and Nigeria in addition to the three ISP trials."
Power

Comet Probe Philae Unanchored But Stable — And Sending Back Images 132

Posted by timothy
from the overengineering-is-the-best-kind dept.
An anonymous reader writes with an update to the successful landing of the ESA's comet probe Philae, which (as mentioned yesterday) had problems attaching to the surface of the comet's Rosetta: "BBC now reports that Philae is stable on the surface. Although no source claims so, we can all imagine a faint humming of 'Still Alive' coming from the probe." Not just stable, but sending pictures while it can. From the article: The probe left Rosetta with 60-plus hours of battery life, and will need at some point to charge up with its solar panels. But early reports indicate that in its present position, the robot is receiving only one-and-a-half hours of sunlight during every 12-hour rotation of the comet. This will not be enough to sustain operations. As a consequence, controllers here are discussing using one of Philae's deployable instruments to try to launch the probe upwards and away to a better location. But this would be a last-resort option. New submitter Thanshin notes that the persistent Philae bounced a few times, and actually performed 3 landings, at 15:33, 17:26 & 17:33 UTC. Thanshin adds links to a handful of relevant Twitter feeds, if you want to follow in something close to real time: Philae2014; esa_rosetta; and Philae_MUPUS (MUlti PUrpose Sensor One).
Education

The Students Who Feel They Have the Right To Cheat 438

Posted by samzenpus
from the eyes-on-your-own-paper dept.
ub3r n3u7r4l1st writes with this story of endemic cheating in Indian Universities and the students who see it as a right. "Students are often keen to exercise their rights but recently there has been an interesting twist - some in India are talking about their right to cheat in university exams. 'It is our democratic right!' a thin, addled-looking man named Pratap Singh once said to me as he stood, chai in hand, outside his university in the northern state of Uttar Pradesh. 'Cheating is our birthright.' Corruption in the university exam system is common in this part of India. The rich can bribe their way to examination success. There's even a whole subset of the youth population who are brokers between desperate students and avaricious administrators. Then there's another class of student altogether, who are so well known locally - so renowned for their political links - invigilators dare not touch them. I've heard that these local thugs sometimes leave daggers on their desk in the exam hall. It's a sign to invigilators: 'Leave me alone... or else.' So if those with money or political influence can cheat, poorer students ask, why shouldn't they?"
Sci-Fi

Michelle Sleeper Creates 'Gaming, Comics, and Pop Culture Based Props' 35

Posted by Roblimo
from the add-one-part-3-d-printing-to-three-parts-imagination-and-you're-good-to-go dept.
If you go to a sci-fi or gaming convention you'll see people in exotic "character" costumes, often holding exotic props, with some of the most popular being futuristic firearm mockups of one sort or another. Who makes all these cool fannish items? A whole bunch of artists and artisans, including Michelle Sleeper (who says she got tired of jokes about her name many years ago). She's not only one of these artisans, but is also a committed 3-D printer user, since 3-D printing is how she forms a high percentage of her props (with the word "props" being used here in the theatrical rather than the nautical sense). To keep up with what Michelle is making, you should check her blog. One of her most interesting posts, titled Atlanta Mini Maker Faire: On missing deadlines, failure, and triage, is about preparing for the event where Timothy Lord met and interviewed Michelle.

Even if gamer gatherings and SF conventions aren't your thing, the interview (along with the links above) gives a nice glimpse into the life of an independent artisan who uses technology to create a lot of her art. (Alternate Video Link)
Technology

Ask Slashdot: Where Do You Stand on Daylight Saving Time? 613

Posted by timothy
from the I-have-an-opinion dept.
New submitter gbcox links to this article about how the switch between Standard Time and Daylight Saving Time can be dangerous, but writes Personally, I favor year 'round DST — I like the extra sunlight in the evening... but regardless, I just wish we'd pick one and stop futzing with the time twice a year. As it is right now, we only have about 4 months of standard time as it is... is it really worth the effort to switch the clocks for only four months? I think not. Where do you stand? If you have a strong opinion, it would be nice if you start your subject line in comments with "For it!" or "Against it!" If you think that the yearly clock-shifting is a good idea, when do you think each shift should occur? For those not keeping score, tonight is the switchover time for most Americans.
Linux

Ask Slashdot: Can You Say Something Nice About Systemd? 928

Posted by samzenpus
from the use-your-words dept.
ewhac writes: "I'm probably going to deeply deeply regret this, but every time a story appears here mentioning systemd, a 700-comment thread of back-and-forth bickering breaks out which is about as informative as an old Bud Light commercial, and I don't really learn anything new about the subject. My gut reaction to systemd is (currently) a negative one, and it's very easy to find screeds decrying systemd on the net. However, said screeds haven't been enough to prevent its adoption by several distros, which leads me to suspect that maybe there's something worthwhile there that I haven't discovered yet. So I thought it might be instructive to turn the question around and ask the membership about what makes systemd good. However, before you stab at the "Post" button, there are some rules...

Bias Disclosure: I currently dislike systemd because — without diving very deeply into the documentation, mind — it looks and feels like a poorly-described, gigantic mess I know nothing about that seeks to replace other poorly-described, smaller messes which I know a little bit about. So you will be arguing in that environment."

Nice Things About systemd Rules:
  1. Post each new Nice Thing as a new post, not as a reply to another post. This will let visitors skim the base level of comments for things that interest them, rather than have to dive through a fractally expanding tree of comments looking for things to support/oppose. It will also make it easier to follow the next rule:
  2. Avoid duplication; read the entire base-level of comments before adding a new Nice Thing. Someone may already have mentioned your Nice Thing. Add your support/opposition to that Nice Thing there, rather than as a new post.
  3. Only one concrete Nice Thing about systemd per base-level post. Keep the post focused on a single Nice Thing systemd does. If you know of multiple distinct things, write multiple distinct posts.
  4. Describe the Nice Thing in some detail. Don't assume, for example, that merely saying "Supports Linux cgroups" will be immediately persuasive.
  5. Describe how the Nice Thing is better than existing, less controversial solutions. systemd is allegedly better at some things than sysvinit or upstart or inetd. Why? Why is the Nice Thing possible in systemd, and impossible (or extremely difficult) with anything else? (In some cases, the Nice Thing will be a completely new thing that's never existed before; describe why it's a good thing.)

We will assume out of the gate that systemd boots your system faster than ${SOMETHING_ELSE}, so no points for bringing that up. Bonus points are awarded for:

  • Personal Experience. "I actually did this," counts for way more than, "The docs claim you can do this."
  • Working Examples. Corollary to the above — if you did a Nice Thing with systemd, consider also posting the code/script/service file you wrote to accomplish it.
  • Links to Supporting Documentation. If you leveraged a Nice Thing, furnish a link to the docs you used that describe the Nice Thing and its usage.
Government

Hackers Breach White House Network 98

Posted by Soulskill
from the dozens-of-solitaire-games-compromised dept.
wiredmikey writes: The White House's unclassified computer network was recently breached by intruders, a U.S. official said Tuesday. While the White House has not said so, The Washington Post reported that the Russian government was thought to be behind the act. Several recent reports have linked Russia to cyber attacks, including a report from FireEye on Tuesday that linked Russia back to an espionage campaign dating back to 2007. Earlier this month, iSight Partners revealed that a threat group allegedly linked with the Russian government had been leveraging a Microsoft Windows zero-day vulnerability to target NATO, the European Union, and various private energy and telecommunications organizations in Europe. The group has been dubbed the "Sandworm Team" and it has been using weaponized PowerPoint files in its recent attacks. Trend Micro believes the Sandworm team also has their eyes set on compromising SCADA-based systems.
Unix

Dangerous Vulnerability Fixed In Wget 58

Posted by Soulskill
from the under-the-radar dept.
jones_supa writes: A critical flaw has been found and patched in the open source Wget file retrieval utility that is widely used on UNIX systems. The vulnerability is publicly identified as CVE-2014-4877. "It was found that wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP," developer Vasyl Kaigorodov writes in Red Hat Bugzilla. A malicious FTP server can stomp over your entire filesystem, tweets HD Moore, chief research officer at Rapid7, who is the original reporter of the bug.
Government

Ex-CBS Reporter Claims Government Agency Bugged Her Computer 235

Posted by samzenpus
from the watching-you dept.
RoccamOccam writes A former CBS News reporter who quit the network over claims it kills stories that put President Obama in a bad light says she was spied on by a "government-related entity" that planted classified documents on her computer. In her new memoir, Sharyl Attkisson says a source who arranged to have her laptop checked for spyware in 2013 was "shocked" and "flabbergasted" at what the analysis revealed. "This is outrageous. Worse than anything Nixon ever did. I wouldn't have believed something like this could happen in the United States of America," Attkisson quotes the source saying.
Government

When Snowden Speaks, Future Lawyers (and Judges) Listen 221

Posted by Soulskill
from the everybody-else-is-watching-duck-dynasty dept.
TheRealHocusLocus writes: We are witness to a historic first: an individual charged with espionage and actively sought by the United States government has been (virtually) invited to speak at Harvard Law School, with applause. [Note: all of the following links go to different parts of a long YouTube video.] HLS Professor Lawrence Lessig conducted the hour-long interview last Monday with a list of questions by himself and his students.

Some interesting segments from the interview include: Snowden's assertion that mass domestic intercept is an "unreasonable seizure" under the 4th Amendment; that it also violates "natural rights" that cannot be voted away even by the majority; a claim that broad surveillance detracts from the ability to monitor specific targets such as the Boston Marathon bombers; him calling out Congress for not holding Clapper accountable for misstatements; and his lament that contractors are exempt from whistleblower protection though they do swear an oath to defend the Constitution from enemies both foreign and domestic.

These points have been brought up before. But what may be most interesting to these students is Snowden's suggestion that a defendant under the Espionage Act should be permitted to present an argument before a jury that the act was committed "in the public interest." Could this help ensure a fair trial for whistleblowers whose testimony reveals Constitutional violation?
