Forgot your password?
typodupeerror

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

Spam

Profanity-Laced Academic Paper Exposes Scam Journal 116

Posted by Soulskill
from the start-building-your-resume dept.
Frosty P writes: A scientific paper titled "Get Me Off Your F****** Mailing List" was actually accepted by the International Journal of Advanced Computer Technology. As reported at Vox and other web sites, the journal, despite its distinguished name, is a predatory open-access journal. These sorts of low-quality journals spam thousands of scientists, offering to publish their work for a fee. In 2005, computer scientists David Mazières and Eddie Kohler created this highly profane ten-page paper as a joke, to send in replying to unwanted conference invitations. It literally just contains that seven-word phrase over and over, along with a nice flow chart and scatter-plot graph. More recently, computer scientist Peter Vamplew sent it to the IJACT in response to spam from the journal, and the paper was automatically accepted with an anonymous reviewer rating it as "excellent," and requested a fee of $150. Over the years, the number of these predatory journals has exploded. Jeffrey Beall, a librarian at the University of Colorado, keeps an up-to-date list of them to help researchers avoid being taken in; it currently has 550 publishers and journals on it."
The Military

Ukraine's IT Brigade Supports the Troops 108

Posted by Soulskill
from the revenge-of-the-nerds dept.
An anonymous reader sends this story from BusinessWeek: Eight months ago, David Arakhamiya was running a small IT company in the southern Ukrainian city of Mykolayiv. Today, as an adviser to Ukraine’s defense minister, he oversees a massive crowdfunding effort that since March has raised about $300 million from ordinary citizens. The money is being used to equip Ukraine’s army with everything from uniforms, water, and other basic supplies to high-tech gear such as reconnaissance drones. Yaroslav Markevich, another IT entrepreneur with a small company in Kharkiv, once a Soviet hub for aviation technology, presented a plan to the commander of one Ukrainian battalion to create a drone unit after hearing stories about the efficiency of Russian drones. The commander said yes, and by the time his battalion was deployed early this summer, it was the only one in the army equipped with a fleet of short- and long-range drones. ... IT experts across Ukraine have been an important part of the volunteer effort to supply the army with equipment.
AT&T

Some Early Nexus 6 Units Returned Over Startup Bug 35

Posted by timothy
from the radiation-from-the-offworld-colonies dept.
The Register reports that Motorola has issued a recall for an early batch of its hotly anticipated new Nexus 6 smartphones that were sold through U.S. mobile carrier AT&T, owing to a software glitch that can reportedly causes the devices to boot to a black screen. ... AT&T retail stores have reportedly been told to return their existing inventory of the Nexus 6 and wait for new units to arrive from Motorola, which has already corrected the problem on its assembly line. Any customer who brings a defective unit into an AT&T store will receive a replacement. Motorola's memo to stores says that only initial shipments were affected, and that the problem has been identified. However, as the article mentions, there's thus far less luck for those like me who've found that at least some original Nexus 7 tablets do not play nicely with Lollipop. (The effects look nice, but it's never a good sign to see "System UI isn't responding. Do you want to close it?" on a tablet's screen.)
Open Source

Critical XSS Flaws Patched In WordPress and Popular Plug-In 38

Posted by timothy
from the switch-to-slashcode dept.
itwbennett writes The WordPress development team on Thursday released critical security updates that address an XSS vulnerability in the comment boxes of WordPress posts and pages. An attacker could exploit this flaw to create comments with malicious JavaScript code embedded in them that would get executed by the browsers of users seeing those comments. 'In the most obvious scenario the attacker leaves a comment containing the JavaScript and some links in order to put the comment in the moderation queue,' said Jouko Pynnonen, the security researcher who found the flaw.
Encryption

Another Hint For Kryptos 48

Posted by timothy
from the it's-about-where-to-get-local-donuts dept.
rastos1 writes Four years ago Jim Sanborn, the sculptor who created the wavy metal pane called Kryptos that sits in front of the CIA in Langley revealed a clue for breaking the last remaining part of the encrypted message on Kryptos. The clue was: BERLIN. But the puzzle resisted all all decryption efforts and is still unsolved. To honor the 25th anniversary of the Wall's demise and the artist's 69th birthday this year, Sanborn has decided to reveal a new clue to help solve his iconic and enigmatic artwork. It's only the second hint he's released since the sculpture was unveiled in 1990 and may finally help unlock the fourth and final section of the encrypted sculpture, which frustrated sleuths have been struggling to crack for more than two decades. The next word in the sequence is: "clock."
United States

Greenwald Advises Market-Based Solution To Mass Surveillance 143

Posted by samzenpus
from the you-get-what-you-demand dept.
Nicola Hahn writes In his latest Intercept piece Glenn Greenwald considers the recent defeat of the Senate's USA Freedom Act. He remarks that governments "don't walk around trying to figure out how to limit their own power." Instead of appealing to an allegedly irrelevant Congress Greenwald advocates utilizing the power of consumer demand to address the failings of cyber security. Specifically he argues that companies care about their bottom line and that the trend of customers refusing to tolerate insecure products will force companies to protect user privacy, implement encryption, etc. All told Greenwald's argument is very telling: that society can rely on corporate interests for protection. Is it true that representative government is a lost cause and that lawmakers would never knowingly yield authority? There are people who think that advising citizens to devolve into consumers is a dubious proposition.
Bitcoin

Tracking a Bitcoin Thief, Part II: Illustrating the Issue of Trust In Altcoins 46

Posted by timothy
from the sometimes-the-good-guys-win dept.
An anonymous reader writes The team over at the BITCOMSEC (Bitcoin Community Security) project released a second part to their 'Tracking a Bitcoin Thief' series in which they disclose what happened to a once-rising alternate crypto currency project that promised to place guaranteed value of its MidasCoins by backing it with actual Gold. Dealing with the reality of user compromise, the projects founder ups and runs away with all of the communities coins; cashing them out at an exchange for Bitcoins. A sobering tale of trust issues within the alternate crypto currency community. (The first part is interesting, too.)
Supercomputing

Does Being First Still Matter In America? 233

Posted by timothy
from the by-jingo dept.
dcblogs writes At the supercomputing conference, SC14, this week, a U.S. Dept. of Energy offical said the government has set a goal of 2023 as its delivery date for an exascale system. It may be taking a risky path with that amount of lead time because of increasing international competition. There was a time when the U.S. didn't settle for second place. President John F. Kennedy delivered his famous "we choose to go to the moon" speech in 1962, and seven years later a man walked on the moon. The U.S. exascale goal is nine years away. China, Europe and Japan all have major exascale efforts, and the government has already dropped on supercomputing. The European forecast of Hurricane Sandy in 2012 was so far ahead of U.S. models in predicting the storm's path that the National Oceanic and Atmospheric Administration was called before Congress to explain how it happened. It was told by a U.S. official that NOAA wasn't keeping up in computational capability. It's still not keeping up. Cliff Mass, a professor of meteorology at the University of Washington, wrote on his blog last month that the U.S. is "rapidly falling behind leading weather prediction centers around the world" because it has yet to catch up in computational capability to Europe. That criticism followed the $128 million recent purchase a Cray supercomputer by the U.K.'s Met Office, its meteorological agency.
Communications

WhatsApp To Offer End-to-End Encryption 93

Posted by timothy
from the trend-worth-extending dept.
L-One-L-One (173461) writes In a surprise move, nine months after being bought by Facebook, WhatsApp has begun rolling out end-to-end encryption for its users. With true end-to-end encryption data becomes unaccessible to admins of WhatsApp or law enforcement authorities. This new feature first proposed on Android only has been developed in cooperation with Open Whisper Systems, based on TextSecure. With hundreds of million users, WhatsApp becomes by far the largest secure messaging application. FBI Director James Comey might not be pleased. Do you have a current favorite for encrypted online chat?
Botnet

Android Botnet Evolves, Could Pose Threat To Corporate Networks 54

Posted by samzenpus
from the protect-ya-neck dept.
angry tapir writes An Android Trojan program that's behind one of the longest running multipurpose mobile botnets has been updated to become stealthier and more resilient. The botnet is mainly used for instant message spam and rogue ticket purchases, but it could be used to launch targeted attacks against corporate networks because the malware allows attackers to use the infected devices as proxies, according to security researchers.
Businesses

Is a Moral Compass a Hindrance Or a Help For Startups? 194

Posted by samzenpus
from the playing-dirty dept.
Nerval's Lobster writes As an emerging company in a hotly contested space, Uber already had a reputation for playing hardball with competitors, even before reports leaked of one of its executives threatening to dig into the private lives of journalists. Faced with a vicious competitive landscape, Uber executives probably feel they have little choice but to plunge into multi-front battle. As the saying goes, when you're a hammer, everything looks like a nail; and when you're a startup that thinks it's besieged from all sides by entities that seem determined to shut you down, sometimes your executives feel the need to take any measure in order to keep things going, even if those measures are ethically questionable. As more than one analyst has pointed out, Uber isn't the first company in America to triumph through a combination of grit and ethically questionable tactics; but it's also not the first to implode thanks to the latter. Is a moral compass (or at least the appearance of one) a hindrance or a help for startups?
The Internet

Head of FCC Proposes Increasing Internet School Fund 104

Posted by Soulskill
from the dollars-for-bits dept.
Rambo Tribble writes: The commissioners at the FCC are expected to vote, on December 11, on a proposal by Chairman Tom Wheeler to increase the funding for the nation's largest educational technology subsidy program, E-Rate, by 62 percent. The proposal is intended to be paid for by higher fees on phone service. The increased cost is pegged at $1.92 a year, per telephone line. Support for the proposal, or lack thereof, appears to be falling along partisan lines. To quote Wheeler, however, "Almost two-thirds of American schools cannot appropriately connect their students to the 21st century."
Encryption

Launching 2015: a New Certificate Authority To Encrypt the Entire Web 202

Posted by Soulskill
from the respect-their-authority dept.
Peter Eckersley writes: Today EFF, Mozilla, Cisco, and Akamai announced a forthcoming project called Let's Encrypt. Let's Encrypt will be a certificate authority that issues free certificates to any website, using automated protocols (demo video here). Launching in summer 2015, we believe this will be the missing piece that deprecates the woefully insecure HTTP protocol in favor of HTTPS.
Windows

Microsoft Releases Out-of-Band Security Patch For Windows 176

Posted by timothy
from the as-circumstances-warrant dept.
mrspoonsi writes Microsoft has announced that they will be pushing an out-of-band security patch today. The patch, which affects nearly all of the company's major platforms, is rated 'critical' and it is recommended that you install the patch immediately. The patch is rated 'critical' because it allows for elevation of privileges and will require a restart. The platforms that are affected include: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 8 and 8.1, Windows Server 2012 and Windows Server 2012 R2, Windows RT and Windows RT 8.1. Windows 10 Technical Preview customers are affected, too.
Education

Coding Bootcamps Presented As "College Alternative" 226

Posted by samzenpus
from the pop-goes-the-bubble dept.
ErichTheRed writes Perhaps this is the sign that the Web 2.0 bubble is finally at its peak. CNN produced a piece on DevBootcamp, a 19-week intensive coding academy designed to turn out Web developers at a rapid pace. I remember Microsoft and Cisco certification bootcamps from the peak of the last tech bubble, and the flood of under-qualified "IT professionals" they produced. Now that developer bootcamps are in the mainsteam media, can the end of the bubble be far away?
Businesses

The New-ish Technologies That Will Alter Your Career 66

Posted by samzenpus
from the job-of-the-future dept.
Nerval's Lobster writes Over at Dice, there's a discussion of the technologies that could actually alter how you work (and what you work on) over the next few years, including 3D printing, embedded systems, and evolving Web APIs. Granted, predicting the future with any accuracy is a nigh-impossible feat, and a lot of nascent technologies come with an accompanying amount of hype. But given how these listed technologies have actually been around in one form or another for years, and don't seem to be fading away, it seems likely that they'll prove an increasing factor in how we live and work over the next decade and beyond. For those who have no interest in mastering aspects of the so-called "Internet of Things," or other tech on this list, never fear: if the past two decades have taught us anything, it's that lots of old hardware and software never truly goes away, either (hi, mainframes!).
United States

State Department Joins NOAA, USPS In Club of Hacked Federal Agencies 54

Posted by timothy
from the more-funding-next-year dept.
Hot on the heels of recent cyber attacks on NOAA, the USPS, and the White House, the New York Times reports that the U.S. State Department has also suffered an online security breach, though it's not clear who to blame. “This has impacted some of our unclassified email traffic and our access to public websites from our main unclassified system,” said one senior State Department official, adding that the department expected its systems to be up soon. ....The breach at the White House was believed to be the work of hackers in Russia, while the breaches at NOAA and the Postal Service were believed to the work of hackers inside China. Attributing attacks to a group or nation is difficult because hackers typically tend to route their attack through compromised web servers all over the world. A senior State Department official said the breach was discovered after “activity of concern” was detected on portions of its unclassified computer system. Officials did not say how long hackers may have been lurking in those systems, but security improvements were being added to them on Sunday.
Android

Ars Dissects Android's Problems With Big Screens -- Including In Lollipop 103

Posted by timothy
from the point-fifth-world-problems dept.
When it comes to tablets, Google doesn't even follow its own design guidelines." That's the upshot of Ars Technica writer Andew Cunningham's detailed, illustrated look at how Android handles screens much larger than seven inches, going back to the first large Android tablets a few years ago, but including Android 5.0 (Lollipop) on the Nexus 10 and similar sized devices. Cunningham is unimpressed with the use of space for both practical and aesthetic reasons, and says that problems crop up areas that are purely under Google's control, like control panels and default apps, as well as (more understandably) in third party apps. The Nexus 10 took 10-inch tablets back to the "blown-up phone" version of the UI, where buttons and other UI stuff was all put in the center of the screen. This makes using a 10-inch tablet the same as using a 7-inch tablet or a phone, which is good for consistency, but in retrospect it was a big step backward for widescreen tablets. The old interface put everything at the edges of the screen where your thumbs could easily reach them. The new one often requires the pointer finger of one of your hands or some serious thumb-stretching. ... If anything, Lollipop takes another step backward here. You used to be able to swipe down on the left side of the screen to see your notifications and the right side of the screen to see the Quick Settings, and now those two menus have been unified and placed right in the center of the screen. The Nexus 10 is the most comfortable to use if it's lying flat on a table or stand and Lollipop does nothing to help you out there.
Crime

Ask Slashdot: Dealing With VoIP Fraud/Phishing Scams? 139

Posted by timothy
from the our-menu-options-have-recently-changed dept.
An anonymous reader writes I run the IT department for a medium-sized online retailer, and we own a set of marketing toll-free numbers that route to our VoIP system for sales. Yesterday we began receiving dozens and now hundreds of calls from non-customers claiming that we're calling out from our system and offering them $1 million in prizes and asking for their checking account details (a classic phishing scheme). After verifying that our own system wasn't compromised, we realized that someone was spoofing the Caller ID of our company on a local phone number, and then they were forwarding call-backs to their number to one of our 1-800 numbers. We contacted the registered provider of the scammer's phone number, Level3, but they haven't been able to resolve the issue yet and have left the number active (apparently one of their sub-carriers owns it). At this point, the malicious party is auto-dialing half of the phone book in the DC metro area and it's causing harm to our business reputation. Disabling our inbound 800 number isn't really possible due to the legitimate marketing traffic. Do you have any suggestions?
Open Source

Open Source Self-Healing Software For Virtual Machines 50

Posted by timothy
from the nothing-can-go-go-wrong dept.
An anonymous reader writes Computer scientists have developed Linux based software that not only detects and eradicates never-before-seen viruses and other malware, but also automatically repairs damage caused by them. If a virus or attack stops the service, A3 could repair it in minutes without having to take the servers down. The software then prevents the invader from ever infecting the computer again. "It's pretty cool when you can pick the Bug of the Week and it works." (Here's a paper with more details.)

Chairman of the Bored.

Working...