Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
The Almighty Buck

Blockchain Technology Could Save Banks $12 Billion a Year (silicon.co.uk) 64

Mickeycaskill quotes a report from Silicon.co.uk: Accenture research has found Blockchain technology has the potential to reduce infrastructure costs by an average of 30 percent for eight of the world's ten biggest banks. That equates to annual cost savings of $8-12 billion. The findings of the "Banking on Blockchain: A Value Analysis for Investment Banks" report are based on an analysis of granular cost data from the eight banks to identify exactly where value could be achieved. A vast amount of cost for today's investment banks comes from complex data reconciliation and confirmation processes with their clients and counterparts, as banks maintain independent databases of transactions and customer information. However, Blockchain would enable banks to move to a shared, distributed database that spans multiple organizations. It has become increasingly obvious in recent months that blockchain will be key to the future of the banking industry, with the majority of banks expected to adopt the technology within the next three years.
Microsoft

Microsoft's Security Bulletins Will End In February (computerworld.com) 39

Remember how Microsoft switched to cumulative updates? Now Computerworld points out that that's bringing another change. An anonymous reader quotes their report: Microsoft next month will stop issuing detailed security bulletins, which for nearly 20 years have provided individual users and IT professionals information about vulnerabilities and their patches... A searchable database of support documents will replace the bulletins; that database has been available, albeit in preview, since November on the portal Microsoft dubbed the "Security Updates Guide," or SUG. The documents stored in the database are specific to a vulnerability on an edition of Windows, or a version of another Microsoft product. They can be sorted and filtered by the affected software, the patch's release date, its CVE identifier, and the numerical label of the KB, or "knowledge base" support document.
Redmond Magazine reports that Microsoft still plans to continue to issue its security advisories, and to issue "out-of-band" security update releases as necessary.
Privacy

Hackers Corrupt Data For Cloud-Based Medical Marijuana System (bostonglobe.com) 144

Long-time Slashdot reader t0qer writes: I'm the IT director at a medical marijuana dispensary. Last week the point of sales system we were using was hacked... What scares me about this breach is, I have about 30,000 patients in my database alone. If this company has 1,000 more customers like me, even half of that is still 15 million people on a list of people that "Smoke pot"...
" No patient, consumer, or client data was ever extracted or viewed," the company's data directory has said. "The forensic analysis proves that. The data was encrypted -- so it couldn't have been viewed -- and it was never extracted, so nobody has it and could attempt decryption." They're saying it was a "targeted" attack meant to corrupt the data rather than retrieve it, and they're "reconstructing historical data" from backups, though their web site adds that their backup sites were also targeted.

"In response to this attack, all client sites have been migrated to a new, more secure environment," the company's CEO announced on YouTube Saturday, adding that "Keeping our client's data secure has always been our top priority." Last week one industry publication had reported that the outage "has sent 1,000 marijuana retailers in 23 states scrambling to handle everything from sales and inventory management to regulatory compliance issues."
Medicine

Rural Americans At Higher Risk From Five Leading Causes of Death: CDC (cbsnews.com) 373

An anonymous reader quotes a report from CBS News: Americans living in rural areas are more likely to die from five leading causes of death than people living in urban areas, according to a new government report. Many of these deaths are preventable, officials say, with causes including heart disease, cancer, unintentional injuries, stroke, and chronic lower respiratory disease. Approximately 46 million Americans -- about 15 percent of the U.S. population -- currently live in rural areas. According to the CDC report, several demographic, environmental, economic, and social factors might put rural residents at higher risk of death from these conditions. Rural residents in the U.S., for example, tend to be older and sicker than their urban counterparts, and have higher rates of cigarette smoking, high blood pressure, and obesity. People living in rural areas also report less leisure-time physical activity and lower seatbelt use than their those living in urban areas and have higher rates of poverty, less access to health care, and are less likely to have health insurance. Specifically, the report found that in 2014, deaths among rural Americans included: 25,000 from heart disease; 19,000 from cancer; 12,000 from unintentional injuries; 11,000 from chronic lower respiratory disease; 4,000 from stroke. The percentages of deaths that were potentially preventable were higher in rural areas than in urban areas, the authors report. For the study, the researchers analyzed numbers from a national database. The CDC suggests to help close the gap, health care providers in rural areas can: Screen patients for high blood pressure; Increase cancer prevention and early detection; Encourage physical activity and healthy eating; Promote smoking cessation; Promote motor vehicle safety; Engage in safer prescribing of opioids for pain.
Movies

IMDb Ignores New Law Banning It From Publishing Actors' Ages Online, Cites Free Speech Violations (betanews.com) 218

Back in September, the state of California passed a new law that banned sites that offer paid subscriptions, and allow people to post resumes, from publishing individuals' ages. It's a law that has the potential to affect many sites, but it is the Internet Movie Database (IMDb) that hit the headlines. From a report: IMDb was told to remove actors' ages from the site by 1 January, 2017, but the site has failed to take any action. A full week into 2017, IMDb has not only chosen to ignore the new law, but has also filed a lawsuit in a bid to stop California from implementing Assembly Bill No. 1687. The reason? IMDb believes that the law is a violation of the First Amendment and it says the state has "chosen instead to chill free speech and to undermine access to factual information of public interest" rather than trying to tackle age-discrimination in a more meaningful way.
Education

Ask Slashdot: What's The Best Job For This Recent CS Grad? 259

One year away from graduating with a CS degree, an anonymous reader wants some insights from the Slashdot community: [My] curriculum is rather broad, ranging from systems programming on a Raspberry Pi to HTML, CSS, JavaScript, C, Java, JPA, Python, Go, Node.js, software design patterns, basic network stuff (mostly Cisco) and various database technologies... I'm working already part-time as a system administrator for two small companies, but don't want to stay there forever because it's basically a dead-end position. Enjoying the job, though... With these skills under my belt, what career path should I pursue?
There's different positions as well as different fields, and the submission explains simply that "I'm looking for satisfying and rewarding work," adding that "pay is not that important." So leave your suggestions in the comments. What's the best job for this recent CS grad?
Privacy

WikiLeaks Threatens To Publish Twitter Users' Personal Info (usatoday.com) 211

WikiLeaks said on Twitter earlier today that it wants to publish the private information of hundreds of thousands of verified Twitter users. The group said an online database would include such sensitive details as family relationships and finances. USA Today reports: "We are thinking of making an online database with all 'verified' twitter accounts [and] their family/job/financial/housing relationships," the WikiLeaks Task Force account tweeted Friday. The account then tweeted: "We are looking for clear discrete (father/shareholding/party membership) variables that can be put into our AI software. Other suggestions?" Wikileaks told journalist Kevin Collier on Twitter that the organization wants to "develop a metric to understand influence networks based on proximity graphs." Twitter bans the use of Twitter data for "surveillance purposes." In a statement, Twitter said: "Posting another person's private and confidential information is a violation of the Twitter rules." Twitter declined to say how many of its users have verified accounts but the Verified Twitter account which follows verified accounts currently follows 237,000. Verified accounts confirm the identity of the person tweeting by displaying a blue check mark. Twitter says it verifies an account when "it is determined to be an account of public interest." Twitter launched the feature in 2009 after celebrities complained about people impersonating them on the social media service.
Bitcoin

Over 1,800 MongoDB Databases Held For Ransom By Mysterious Attacker (bleepingcomputer.com) 115

An anonymous reader writes: "An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing and replacing their content, and asking for a 0.2 Bitcoin ($200) ransom to return the data," reports Bleeping Computer. According to John Matherly, Shodan founder, over 1,800 MongoDB databases have had their content replaced with a table called WARNING that contains the ransom note. Spotted by security researcher Victor Gevers, these databases are MongoDB instances that feature no administrator password and are exposed to external connections from the internet. Database owners in China have been hit, while Bleeping Computer and MacKeeper have confirmed other infections, one which hit a prominent U.S. healthcare organization and blocked access to over 200,000 user records. These attacks are somewhat similar to attacks on Redis servers in 2016, when an unknown attacker had hijacked and installed the Fairware ransomware on hundreds of Linux servers running Redis DB. The two series of attacks don't appear to be related.
Books

Library Creates Fake Patron Records To Avoid Book-Purging (heraldnet.com) 258

An anonymous reader writes: Chuck Finley checked out 2,361 books from a Florida library in just nine months, increasing their total circulation by 3.9%. But he doesn't exist. "The fictional character was concocted by two employees at the library, complete with a false address and driver's license number," according to the Orlando Sentinel. The department overseeing the library acknowledges their general rule is "if something isn't circulated in one to two years, it's typically weeded out of circulation." So the fake patron scheme was concocted by a library assistant working with the library's branch supervisor, who "said he wanted to avoid having to later repurchase books purged from the shelf." But according to the newspaper the branch supervisor "said the same thing is being done at other libraries, too."
Bug

Nevada Website Bug Leaks Thousands of Medical Marijuana Dispensary Applications (zdnet.com) 55

An anonymous reader quotes a report from ZDNet: Nevada's state government website has leaked the personal data on over 11,700 applicants for dispensing medical marijuana in the state. Each application, eight pages in length, includes the person's full name, home address, citizenship, and even their weight and height, race, and eye and hair color. The applications also include the applicant's citizenship, their driving license number (where applicable), and social security number. Security researcher Justin Shafer found the bug in the state's website portal, allowing anyone with the right web address to access and enumerate the thousands of applications. Though the medical marijuana portal can be found with a crafted Google search query, we're not publishing the web address out of caution until the bug is fixed. A spokesperson for the Nevada Dept. Health and Human Services, which runs the medical marijuana application program, told ZDNet that the website has been pulled offline to limit the vulnerability. The spokesperson added that the leaked data was a "portion" of one of several databases.
Microsoft

LinkedIn Warns 9.5 Million Lynda Users About Database Breach (neowin.net) 35

Less than four weeks after Microsoft formally acquired LinkedIn for $26 billion, there's been a database breach. An anonymous reader writes: LinkedIn is sending emails to 9.5 million users of Lynda.com, its online learning subsidiary, warning the users of a database breach by "an unauthorized third party". The affected database included contact information for at least some of the users. An email to customers says "while we have no evidence that your specific account was accessed or that any data has been made publicly available, we wanted to notify you as a precautionary measure." Ironically, the breach comes less than a month after Russia blocked access to LinkedIn over privacy concerns.
LinkedIn has also reset the passwords for 55,000 Lynda.com accounts (though apparently many of its users don't have accounts with passwords).
Java

Oracle Begins Aggressively Pursuing Java Licensing Fees (theregister.co.uk) 295

Java SE is free, but Java SE Suite and various flavors of Java SE Advanced are not, and now Oracle "is massively ramping up audits of Java customers it claims are in breach of its licenses," reports the Register. Oracle bought Java with Sun Microsystems in 2010 but only now is its License Management Services division chasing down people for payment, we are told by people familiar with the matter. The database giant is understood to have hired 20 individuals globally this year, whose sole job is the pursuit of businesses in breach of their Java licenses... Huge sums of money are at stake, with customers on the hook for multiple tens and hundreds of thousands of dollars.
Slashdot reader rsilvergun writes, "Oracle had previously sued Google for the use of Java in Android but had lost that case. While that case is being appealed, it remains to be seen if the latest push to monetize Java is a response to that loss or part of a broader strategy on Oracle's part." The Register interviewed the head of an independent license management service who says Oracle's even targeting its own partners now.

But after acquiring Sun in 2010, why did Oracle's License Management Services wait a full six years? "It is believed to have taken that long for LMS to devise audit methodologies and to build a detailed knowledge of customers' Java estates on which to proceed."
Businesses

Yahoo's Billion-User Database Reportedly Sold On the Dark Web for Just $300,000 - NYT (thenextweb.com) 71

An anonymous reader writes: As if 2016 wasn't shitty enough for Yahoo -- which admitted to two separate breaches that saw 500 million users' and then 1 billion users' details stolen by hackers -- the New York Times reports that a billion-user database was sold on the Dark Web last August for $300,000. That's according to Andrew Komarov, chief intelligence office at security firm InfoArmor. He told NYT that three buyers, including two prominent spammers and another who might be involved in espionage tactics purchased the entire database at the aforementioned price from a hacker group believed to based in Eastern Europe. It's lovely to know that it only costs $300,000 to be able to threaten a billion people's online existence -- which means each account is only worth $0.0003 to hackers who can ruin your life online in a matter of minutes. Yahoo also doesn't yet know who made off with all the data from the attack in 2013, which is said to be the largest breach of any company ever.
Privacy

Twitter Blocks Government 'Spy Centers' From Accessing User Data (theguardian.com) 46

An anonymous reader quotes a report from The Guardian: Twitter has blocked federally funded "domestic spy centers" from using a powerful social media monitoring tool after public records revealed that the government had special access to users' information for controversial surveillance efforts. The American Civil Liberties Union of California discovered that so-called fusion centers, which collect intelligence, had access to monitoring technology from Dataminr, an analytics company partially owned by Twitter. The ACLU's records prompted the companies to announce that Dataminr had terminated access for all fusion centers and would no longer provide social media surveillance tools to any local, state or federal government entities. The government centers are partnerships between agencies that work to collect vast amounts of information purportedly to analyze "threats". The spy centers, according to the ACLU, target protesters, journalists and others protected by free speech rights while also racially profiling people deemed "suspicious" by law enforcement. Records that the ACLU obtained uncovered that a fusion center in southern California had access to Dataminr's "geospatial analysis application", which allowed the government to do location-based tracking as well as searches tied to keywords. That means the center could use Dataminr to search billions of tweets and monitor specific demographics or organizations.
China

Why China Can't Lure Tech Talent (bloomberg.com) 219

China may have been hoping to attract tech talent to its nation, but it is unlikely that people in the tech industry will move there. A columnist at Bloomberg explains why: The biggest problem is government control of the internet. For a software developer, the inconvenience goes well beyond not being able to access YouTube during coffee breaks. It means that key software libraries and tools are often inaccessible. In 2013, China blocked Github, a globally important open-source depository and collaboration tool, thereby forcing developers to seek workarounds. Using a virtual private network to "tunnel" through the blockades is one popular option. But VPNs slow uploads, downloads and collaboration. And it isn't just developers who suffer. Among the restricted sites in China is Google Scholar, a tool that indexes online peer-reviewed studies, conference proceedings, books and other research material into an easily accessible format. It's become a crucial database for academics around the world, and Chinese researchers -- even those with VPNs -- struggle to use it. The situation grew so dire this summer that several state-run news outlets published complaints from Chinese scientists, with one practically begging the nationalist Global Times newspaper: "We hope the government can relax supervision for academic purposes." The cumulative impact of these restrictions is significant. Scientists unable to keep up with what researchers in other countries are publishing are destined to be left behind, which is one reason China is having difficulty luring foreign scholars to its universities. Programmers who can't take advantage of the sites and tools that make development a global effort are destined to write software customized solely for the Chinese market. The author has raised several other reasons to make his case.
Medicine

Researchers Successfully Fight Colon Cancer Using Immunotherapy (nytimes.com) 40

Slashdot reader schwit1 quotes the New York Times: The remarkable recovery of a woman with advanced colon cancer, after treatment with cells from her own immune system, may lead to new options for thousands of other patients with colon or pancreatic cancer, researchers are reporting. (Shorter non-paywalled version of the article here). Her treatment was the first to successfully target a common cancer mutation that scientists have tried to attack for decades... so resistant to every attempt at treatment that scientists have described it as "undruggable"... The researchers analyze tumors for mutations -- genetic flaws that set the cancer cells apart from normal ones. They also study tumor-infiltrating lymphocytes, looking for immune cells that can recognize mutations and therefore attack cancerous cells but leave healthy ones alone.
The patient, a 50-year-old database programmer in Michigan, is now cancer-free, according to the article. "Researchers twice denied her request to enter the clinical trial, saying her tumors were not large enough, she said. But she refused to give up and was finally let in."

The treatment ultimately eliminated six of her seven tumors, and because it targeted a cell mutation that's common in colon cancer patients, "Researchers say they now have a blueprint that may enable them to develop cell treatments for other patients as well."
Databases

YouTube, Facebook, Twitter and Microsoft Will Create 'Hash' Database To Remove Extremist Content (reuters.com) 262

bongey writes: Youtube, Facebook, Twitter and Microsoft are teaming up to create a common database to flag extremist videos and pictures. The database is set to go live in 2017. The system will not automatically remove content. Reuters reports: "The companies will share 'hashes' -- unique digital fingerprints they automatically assign to videos or photos -- of extremist content they have removed from their websites to enable their peers to identify the same content on their platforms. 'We hope this collaboration will lead to greater efficiency as we continue to enforce our policies to help curb the pressing global issue of terrorist content online,' the companies said in a statement on Tuesday. Each company will decide what image and video hashes to add to the database and matching content will not be automatically removed, they said. The database will be up and running in early 2017 and more companies could be brought into the partnership."
Government

California State Senator Introduces Bill That Would Mandate Reporting of 'Superbug' Infections, Deaths (reuters.com) 75

An anonymous reader quotes a report from Reuters: A California state senator introduced a bill on Monday that would mandate reporting of antibiotic-resistant infections and deaths and require doctors to record the infections on death certificates when they are a cause of death. The legislation also aims to establish the nation's most comprehensive statewide surveillance system to track infections and deaths from drug-resistant pathogens. Data from death certificates would be used to help compile an annual state report on superbug infections and related deaths. In September, a Reuters investigation revealed that tens of thousands of superbug deaths nationwide go uncounted every year. The infections are often omitted from death certificates, and even when they are recorded, they aren't counted because of the lack of a unified national surveillance system. Because there is no federal surveillance system, monitoring of superbug infections and deaths falls to the states. A Reuters survey of all 50 state health departments and the District of Columbia found that reporting requirements vary widely. Hill's bill would require hospitals and clinical labs to submit an annual summary of antibiotic-resistant infections to the California Department of Health beginning July 1, 2018; amend a law governing death certificates by requiring that doctors specify on death certificates when a superbug was the leading or a contributing cause of death; and require the state Health Department to publish an annual report on resistant infections and deaths, including data culled from death certificates.
Republicans

Of 8 Tech Companies, Only Twitter Says It Would Refuse To Help Build Muslim Registry For Trump (theintercept.com) 588

On the campaign trail last year, President-elect Donald Trump said he would consider requiring Muslim-Americans to register with a government database. While he has back-stepped on a number of campaign promises after being elected president, Trump and his transition team have recently resurfaced the idea to create a national Muslim registry. In response, The Intercept contacted nine of the "most prominent" technology companies in the United States "to ask if they would sell their services to help create a national Muslim registry." Twitter was the only company that responded with "No." The Intercept reports: Even on a purely hypothetical basis, such a project would provide American technology companies an easy line to draw in the sand -- pushing back against any effort to track individuals purely (or essentially) on the basis of their religious beliefs doesn't take much in the way of courage or conviction, even by the thin standards of corporate America. We'd also be remiss in assuming no company would ever tie itself to such a nakedly evil undertaking: IBM famously helped Nazi Germany computerize the Holocaust. (IBM has downplayed its logistical role in the Holocaust, claiming in a 2001 statement that "most [relevant] documents were destroyed or lost during the war.") With all this in mind, we contacted nine different American firms in the business of technology, broadly defined, with the following question: "Would [name of company], if solicited by the Trump administration, sell any goods, services, information, or consulting of any kind to help facilitate the creation of a national Muslim registry, a project which has been floated tentatively by the president-elect's transition team?" After two weeks of calls and emails, only three companies provided an answer, and only one said it would not participate in such a project. A complete tally is below.

Facebook: No answer. Twitter: "No," and a link to this blog post, which states as company policy a prohibition against the use, by outside developers, of "Twitter data for surveillance purposes. Period." Microsoft: "We're not going to talk about hypotheticals at this point," and a link to a company blog post that states that "we're committed to promoting not just diversity among all the men and women who work here, but [...] inclusive culture" and that "it will remain important for those in government and the tech sector to continue to work together to strike a balance that protects privacy and public safety in what remains a dangerous time." Google: No answer. Apple: No answer. IBM: No answer. Booz Allen Hamilton: Declined to comment. SRA International: No answer.

Microsoft

Microsoft Exec Urges Linux Developers To Try Windows 10 (softpedia.com) 403

An anonymous reader shares a Softpedia article: Microsoft has finally acknowledged the potential that the open-source world in general, and Linux in particular, boasts, so the company is exploring its options to expand in this area with every occasion. Most recently, an episode posted on Channel 9 and entitled "Improvements to Bash on Windows and the Windows Console" with senior program manager Rich Turner calls for Linux developers to give up on their platforms for Windows 10. "Fire up a Windows 10 Insiders' build instance and run your code, run your tools, host your website on Apache, access your MySQL database from your Java code," he explained. Turner went on to point out that the Windows subsystem for Linux is there to provide developers with all the necessary tools to code just like they'd do it on Linux, all without losing the advantages of Windows 10. "Whatever it is that you normally do on Linux to build an application: whether it's in Go, in Erlang, in C, whatever you use, please, give it a try on Bash WSL, and importantly file bugs on us. It really makes our life a lot easier and helps us build a product that we can all use and be far more productive with, he continued. Editor's note: The original title from Softpedia was edited because it was misleading. A Microsoft employee doesn't represent the entire company (at least in this instant he wasn't speaking for the company), and at no point has he asked "all Linux developers" to "give up" on Linux.

Slashdot Top Deals