Google+ Facebook LinkedIn ResearchGate DBLP Google Scholar





Slashdot

Syndicate content Slashdot
News for nerds, stuff that matters
Updated: 8 hours 25 min ago

Win Or Lose, Discrimination Suit Is Having an Effect On Silicon Valley

Thu, 03/26/2015 - 17:25
SpzToid sends word that the Ellen Pao vs. Kleiner Perkins Caufield & Byers discrimination case wrapped up yesterday. No matter what the outcome turns out to be, it has already effected how business is being done in Silicon Valley. "'Even before there's a verdict in this case, and regardless of what the verdict is, people in Silicon Valley are now talking,' said Kelly Dermody, managing partner at Lieff Cabraser Heimann & Bernstein, who chairs the San Francisco law firm's employment practice group. 'People are second-guessing and questioning whether there are exclusionary practices [and] everyday subtle acts of exclusion that collectively limit women's ability to succeed or even to compete for the best opportunities. And that's an incredibly positive impact.' Women in tech have long complained about an uneven playing field — lower pay for equal work, being passed over for promotions and a hostile 'brogrammer' culture — and have waited for a catalyst to finally overhaul the status quo. This trial — pitting a disgruntled, multimillionaire former junior partner against a powerful Menlo Park, Calif., venture capital firm — was far from the open-and-shut case that many women had hoped for. More gender discrimination suits against big tech firms are expected to follow; some already have, including lawsuits against Facebook Inc. and Twitter Inc."

Read more of this story at Slashdot.

GAO Denied Access To Webb Telescope Workers By Northrop Grumman

Thu, 03/26/2015 - 16:44
schwit1 writes In a report as well as at House hearings today the GAO reported that Northrop Grumman has denied them one-on-one access to workers building the James Webb Space Telescope. "The interviews, part of a running series of GAO audits of the NASA flagship observatory, which is billions of dollars overbudget and years behind schedule, were intended to identify potential future trouble spots, according to a GAO official. But Northrop Grumman Aerospace, which along with NASA says the $9 billion project is back on track, cited concerns that the employees, 30 in all, would be intimidated by the process." To give Northrop Grumman the benefit of the doubt, these interviews were a somewhat unusual request. Then again, if all was well why would they resist? Note too that the quote above says the cost of the telescope project is now $9 billion. If the project was "back on track" as the agency and Northrop Grumman claim, then why has the budget suddenly increased by another billion?

Read more of this story at Slashdot.

PayPal To Pay $7.7 Million For Sanctions Violations

Thu, 03/26/2015 - 16:03
jfruh writes PayPal may not be a bank, but it's still legally required to follow regulations on transferring money — but the company has admitted to a number of violations, including allowing transfers to an individual specifically sanctioned by the U.S. State Department for helping proliferate nuclear weapons. From Ars: "On Wednesday afternoon, PayPal reached a settlement with the US Treasury Department, agreeing that it would pay $7.7 million for allegedly processing payments to people in countries under sanction as well as to a man the US has listed as involved in the nuclear weapons black market. The company neither confirmed nor denied the allegations, but it voluntarily handed over its transaction data to the US Department of Treasury’s Office of Foreign Assets Control (OFAC)."

Read more of this story at Slashdot.

Australia Passes Mandatory Data Retention Law

Thu, 03/26/2015 - 15:20
Bismillah writes Opposition from the Green Party and independent members of parliament wasn't enough to stop the ruling conservative Liberal-National coalition from passing Australia's new law that will force telcos and ISPs to store customer metadata for at least two years. Journalists' metadata is not exempted from the retention law, but requires a warrant to access. The metadata of everyone else can be accessed by unspecified government agencies without a warrant however.

Read more of this story at Slashdot.

Micron and Intel Announce 3D NAND Flash Co-Development To Push SSDs Past 10TB

Thu, 03/26/2015 - 14:38
MojoKid writes Both Micron and Intel noted in a release today that traditional planar NAND flash memory is reaching a dead-end, and as such, have been working together on 3D memory technology that could open the floodgates for high densities and faster speeds. Not all 3D memory is alike, however. This joint development effort resulted in a "floating gate cell" being used, something not uncommon for standard flash, but a first for 3D. Ultimately, this 3D NAND is composed of flash cells stacked 32 high, resulting in 256Gb MLC and 384Gb TLC die that fit inside of a standard package. That gives us 48GB per die, and up to 750GB in a single package. Other benefits include faster performance, reduced cost, and technologies that help extend the life of the memory.

Read more of this story at Slashdot.

Generate Memorizable Passphrases That Even the NSA Can't Guess

Thu, 03/26/2015 - 13:59
HughPickens.com writes Micah Lee writes at The Intercept that coming up with a good passphrase by just thinking of one is incredibly hard, and if your adversary really is capable of one trillion guesses per second, you'll probably do a bad job of it. It turns out humans are a species of patterns, and they are incapable of doing anything in a truly random fashion. But there is a method for generating passphrases that are both impossible for even the most powerful attackers to guess, yet very possible for humans to memorize. First, grab a copy of the Diceware word list, which contains 7,776 English words — 37 pages for those of you printing at home. You'll notice that next to each word is a five-digit number, with each digit being between 1 and 6. Now grab some six-sided dice (yes, actual real physical dice), and roll them several times, writing down the numbers that you get. You'll need a total of five dice rolls to come up with each word in your passphrase. Using Diceware, you end up with passphrases that look like "cap liz donna demon self", "bang vivo thread duct knob train", and "brig alert rope welsh foss rang orb". If you want a stronger passphrase you can use more words; if a weaker passphrase is ok for your purpose you can use less words. If you choose two words for your passphrase, there are 60,466,176 different potential passphrases. A five-word passphrase would be cracked in just under six months and a six-word passphrase would take 3,505 years, on average, at a trillion guesses a second. After you've generated your passphrase, the next step is to commit it to memory.You should write your new passphrase down on a piece of paper and carry it with you for as long as you need. Each time you need to type it, try typing it from memory first, but look at the paper if you need to. Assuming you type it a couple times a day, it shouldn't take more than two or three days before you no longer need the paper, at which point you should destroy it. "Simple, random passphrases, in other words, are just as good at protecting the next whistleblowing spy as they are at securing your laptop," concludes Lee. "It's a shame that we live in a world where ordinary citizens need that level of protection, but as long as we do, the Diceware system makes it possible to get CIA-level protection without going through black ops training."

Read more of this story at Slashdot.

'Bar Mitzvah Attack' Plagues SSL/TLS Encryption

Thu, 03/26/2015 - 13:18
ancientribe writes Once again, SSL/TLS encryption is getting dogged by outdated and weak options that make it less secure. This time, it's the weak keys in the older RC4 crypto algorithm, which can be abused such that an attacker can sniff credentials or other data in an SSL session, according to a researcher who revealed the hack today at Black Hat Asia in Singapore. A slice: Bar Mitzvah exploits the weak keys used by RC4 and allows an attacker to recover plain text from the encrypted information, potentially exposing account credentials, credit card data, or other sensitive information. And unlike previous SSL hacks, this one doesn't require an active man-in-the-middle session, just passive sniffing or eavesdropping on SSL/TLS-encrypted connections, [researcher Itsik] Mantin says. But MITM could be used as well, though, for hijacking a session, he says.

Read more of this story at Slashdot.

MIT Debuts Integer Overflow Debugger

Thu, 03/26/2015 - 12:56
msm1267 writes Students from M.I.T. have devised a new and more efficient way to scour raw code for integer overflows, the troublesome programming bugs that serve as a popular exploit vector for attackers and often lead to the crashing of systems. Researchers from the school's Computer Science and Artificial Intelligence Laboratory (CSAIL) last week debuted the platform dubbed DIODE, short for Directed Integer Overflow Detection. As part of an experiment, the researchers tested DIODE on code from five different open source applications. While the system was able to generate inputs that triggered three integer overflows that were previously known, the system also found 11 new errors. Four of the 11 overflows the team found are apparently still lingering in the wild, but the developers of those apps have been informed and CSAIL is awaiting confirmation of fixes.

Read more of this story at Slashdot.

RSA Conference Bans "Booth Babes"

Thu, 03/26/2015 - 12:37
netbuzz writes In what may be a first for the technology industry, RSA Conference 2015 next month apparently will be bereft of a long-controversial trade-show attraction: "booth babes." New language in its exhibitor contract, while not using the term 'booth babe," leaves no doubt as to what type of salesmanship RSA wants left out of its event. Says a conference spokeswoman: "We thought this was an important step towards making all security professionals feel comfortable and equally respected during the show." Easier at a venue like RSA; the annual Consumer Electronics Show, not so much.

Read more of this story at Slashdot.

German Auto Firms Face Roadblock In Testing Driverless Car Software

Thu, 03/26/2015 - 11:59
An anonymous reader writes As nations compete to build the first operational autonomous car, German auto-manufacturers fear that current domestic laws limit their efforts to test the appropriate software for self-driving vehicles on public roads. German carmakers are concerned that these roadblocks are allowing U.S. competitors, such as Google, to race ahead in their development of software designed to react effectively when placed in real-life traffic scenarios. Car software developers are particularly struggling to deal with the ethical challenges often raised on the road. For example when faced with the decision to crash into a pedestrian or another vehicle carrying a family, it would be a challenge for a self-driving car to follow the same moral reasoning a human would in the situation. 'Technologically we can do fully automated self-driving, but the ethical framework is missing,' said Volkswagen CEO Martin Winterkorn.

Read more of this story at Slashdot.

Is the Apple Watch a Useful Medical Device? (Video)

Thu, 03/26/2015 - 11:18
Let's kill the suspense right away by answering the title question, 'Probably not.' For one thing, according to interviewee Alfred Poor, the Apple Watch is in no way linked to the Apple Research Kit. Dr. Poor is editor of the Health Tech Insider website, so he follows this kind of thing more carefully than most people. And the Apple watch is not the only device mentioned in this video (or transcript, if you prefer reading to listening). If you want to ruminate about the possibility of direct mind control, for instance, you need to know about the Thync, whose vendor calls it 'A groundbreaking wearable device that enables you to shift your state of mind in minutes.' They say it 'induces on-demand shifts in energy, calm, or focus.' It even has a 'pleasure' setting. Crank that to 11 and you might happily spend your days prone, being fed by a drip and emptied by a catheter, moving only when an attendant turns you over to keep bedsores from developing -- not that you'll care if they do -- as you spend the rest of your life in an artificially-induced joyful stupor.

Read more of this story at Slashdot.

NJ School District Hit With Ransomware-For-Bitcoins Scheme

Thu, 03/26/2015 - 10:40
An anonymous reader sends news that unidentified hackers are demanding 500 bitcoins, currently worth about $128,000, from administrators of a New Jersey school district. Four elementary schools in Swedesboro-Woolwich School District, which enroll more than 1,700 students, are now locked out of certain tasks: "Without working computers, teachers cannot take attendance, access phone numbers or records, and students cannot purchase food in cafeterias. Also, [district superintendent Dr. Terry C. Van Zoeren] explained, parents cannot receive emails with students grades and other information." According to this blog post from security company BatBlue, the district has been forced to postpone the Common Core-mandated PARCC state exams, too. Small comfort: "Fortunately the Superintendent told CBS 3’s Walt Hunter the hackers, using a program called Ransomware, did not access any personal information about students, families or teachers." Perhaps the administrators can take heart: Ransomware makers are, apparently, starting to focus more on product support; payment plans are probably on the way.

Read more of this story at Slashdot.

What Makes the Perfect Gaming Mouse?

Thu, 03/26/2015 - 10:00
An anonymous reader writes A new article looks at the advanced technology that goes into many gaming mice favoured by professional gamers, from dedicated processors to custom weights for the sake of ergonomics, discussing the developments with designers at three top peripheral companies: Logitech, Razer and SteelSeries. Surprisingly, some factors that were once thought to have reached the limit of their usefulness, such as DPI sensitivity, are becoming more important again as screens get bigger and we make the move to 4K resolution. ... "With the rise of higher resolution screens, especially looking into 4K multi monitor systems and beyond, DPI might become an important factor in the future again, so we are not ruling out changes in the maximum tracking rate," says Razer CEO Min-Liang Tan.

Read more of this story at Slashdot.

Many Password Strength Meters Are Downright Weak, Researchers Say

Thu, 03/26/2015 - 09:21
alphadogg writes "Website password strength meters often tell you only what you want to hear rather than what you need to hear. That's the finding from researchers at Concordia University in Montreal, who examined the usefulness of those ubiquitous red-yellow-green password strength testers on websites run by big names such as Google, Yahoo, Twitter and Microsoft/Skype. The researchers used algorithms to send millions of 'not-so-good' passwords through these meters, as well as through the meters of password management services such as LastPass and 1Password, and were largely underwhelmed by what they termed wildly inconsistent results. Inconsistent can go both directions: I've seen password-strength meters that balked at absolutely everything (accepting weak passwords as good, after calling wildly long and random ones poor).

Read more of this story at Slashdot.

Facebook Sued For Alleged Theft of Data Center Design

Thu, 03/26/2015 - 08:39
itwbennett writes British engineering company BladeRoom Group says it contacted Facebook in 2011 about using its technique, which involves constructing data centers in a modular fashion from pre-fabricated parts. What happened next isn't clear, since much of the public version of BRG's lawsuit is redacted. But it claims Facebook ended up stealing its ideas and using them to build part of a data center in Lulea, Sweden, that opened last year. 'Facebook's misdeeds might never have come to light had it decided that simply stealing BRG's intellectual property was enough,' the company said in its lawsuit, filed Monday at the federal district court in San Jose, California. "Instead, Facebook went further when it decided to encourage and induce others to use BRG's intellectual property though an initiative created by Facebook called the 'Open Compute Project.'"

Read more of this story at Slashdot.

Dad and Daughter Recreate <em>Jurassic Park</em> With $100,000 In Lego Pieces

Wed, 03/25/2015 - 17:58
mpicpp writes Animator Paul Hollingsworth and his daughter Hailee, along with some help from a few "master builders" — decided to Jurassic Park using only Lego pieces. More than $100,000 in Lego were used, according to the video's description. The result is a surprisingly stunning and hilarious version of the 1993 dino-thriller. The team behind the film also released an in-depth behind-the-scenes look at the production.

Read more of this story at Slashdot.

Comcast's Incompetence, Lack of Broadband May Force Developer To Sell Home

Wed, 03/25/2015 - 17:30
BUL2294 writes Consumerist has an article about a homeowner in Kitsap County, Washington who is unable to get broadband service. Due to inaccurate broadband availability websites, Comcast's corporate incompetence, CenturyLink's refusal to add new customers in his area, and Washington state's restrictions on municipal broadband, the owner may be left with no option but to sell his house 2 months after he bought it, since he works from home as a software developer. To add insult to injury, BroadbandMaps.gov says he has 10 broadband options in his zip code, some of which are not applicable to his address, have exorbitant costs (e.g. wireless), or are for municipal providers that are prevented from doing business with him by state law. Yet, Comcast insists in filings that "the broadband marketplace is more competitive than ever." As someone who had Comcast call to cancel on the day of my closing (two days before my scheduled install) because they didn't offer service to my house after all, I can sympathize.

Read more of this story at Slashdot.

Facebook Makes Messenger a Platform

Wed, 03/25/2015 - 16:46
Steven Levy writes At Facebook's F8 developer conference, the ascension of the Messenger app was the major announcement. Messenger is no longer just a part of Facebook, but a standalone platform to conduct a wide variety of instant communications, not only with friends, but with businesses you may deal with as well. It will compete with other messaging services such as Snapchat, Line and even Facebook's own WhatsApp by offering a dizzying array of features, many of them fueled by the imagination and self-interest of thousands of outside software developers.

Read more of this story at Slashdot.

NASA's ARM Will Take a Boulder From an Asteroid and Put It In Lunar Orbit

Wed, 03/25/2015 - 16:03
coondoggie writes NASA officials today said they have picked the specific asteroid mission and offered new details for that mission which could launch in the 2020 timeframe. Specifically, NASA's associate administrator Robert Lightfoot said the Asteroid Redirect Mission (ARM) will rendezvous with the target asteroid, land a robotic spacecraft on the surface, grab a 4 meter or so sized boulder and begin a six-year journey to redirect the boulder into orbit around the moon for exploration by astronauts.

Read more of this story at Slashdot.

Amazon Robot Contest May Accelerate Warehouse Automation

Wed, 03/25/2015 - 15:19
moon_unit2 writes Amazon is organizing an event to spur the development of more nimble-fingered product-packing robots. Participating teams will earn points by locating products sitting somewhere on a stack of shelves, retrieving them safely, and then packing them into cardboard shipping boxes. Robots that accidentally crush a cookie or drop a toy will have points deducted. The contest is already driving new research on robot vision and manipulation, and it may offer a way to judge progress made in the past few years in machine intelligence and dexterity. Robots capable of advanced manipulation could eventually take on many simple jobs that are still done by hand.

Read more of this story at Slashdot.