Forgot your password?
typodupeerror

Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

Security

Researchers Find Security Flaws In Backscatter X-ray Scanners 57

Posted by Soulskill
from the raise-your-hand-if-you're-surprised dept.
An anonymous reader writes: Researchers from UC San Diego, University of Michigan, and Johns Hopkins say they've found security vulnerabilities in full-body backscatter X-ray machines deployed to U.S. airports between 2009 and 2013. In lab tests, the researchers were able to conceal firearms and plastic explosive simulants from the Rapiscan Secure 1000 scanner, plus modify the scanner software so it presents an "all-clear" image to the operator even when contraband was detected. "Frankly, we were shocked by what we found," said lead researcher J. Alex Halderman. "A clever attacker can smuggle contraband past the machines using surprisingly low-tech techniques."
Open Source

Qt Upgrades From LGPLv2.1 to LGPLv3 74

Posted by Unknown Lamer
from the who-doesn't-like-freedom-zero dept.
Digia has announced that existing Qt modules will now be covered under the LGPLv3 in addition to the LGPLv2.1, GPLv3, and the enterprise (proprietary) license. New modules will be dropping LGPLv2.1 and GPLv3+ and be released under the LGPLv3 and GPLv2+ instead. This should be a good move: new Qt modules will be Apache license compatible, LGPLv3 code can trivially be converted to GPLv3, and Digia is even releasing a few modules it intended to make proprietary as Free Software. The KDE Free Qt Foundation is on board. The move was made because of device vendors exploiting a loophole in the GPLv2/LGPLv2.1 that denied users the right to modify Qt or write their own applications. Digia has some self-interest as well, since those vendors were exploiting the tivoization loophole to avoid buying enterprise licenses. From the announcement: We also consider locked-down consumer devices using the LGPL’ed version of Qt to be harmful for the Qt ecosystem. ... Because of this, we are now adding LGPL v3 as a licensing option to Qt 5.4 in addition to LGPL v2.1. All modules that are part of Qt 5.3 are currently released under LGPL v2.1, GPL v3 and the commercial license. Starting with Qt 5.4, they will be released under LGPL v2.1, LGPL v3 and the commercial license. ... In Qt 5.4, the new Qt WebEngine module will be released under LGPL v3 in the open source version and under a LGPLv2.1/commercial combination for Qt Enterprise customers. ...

Adding LGPLv3 will also allow us to release a few other add-ons that Digia before intended to make available solely under the enterprise license. ... The first module, called Qt Canvas3D, will give us full WebGL support inside Qt Quick. ... The second module is a lightweight WebView module ... There is a final add-on that will get released under LGPL v3. This module will give native look and feel to the Qt Quick Controls on Android. This module can’t be released under LGPL v2.1, as it has to use code that is licensed under Apache 2.0, a license that is incompatible with LGPL v2.1, but compatible with LGPL v3.
Open Source

Kolab.org Groupware 3.3 Release Adds Tags, Notes, and Dozens of Other Features 20

Posted by Unknown Lamer
from the who-needs-outlook dept.
jrepin (667425) writes Version 3.3 of Kolab.org, a free and open source groupware solution, has been released. It is now possible to add tags to email messages, work with notes right in the webclient, and manage your resources more easily. Kolab.org 3.3 introduces a new folder navigation view that allows you to search and subscribe to shared calendars, address books, task lists etc. directly from within the respective view. The calendar got a quickview mode which allows you to open an undistorted view on a single calendar. The user interface can now be fully operated with the keyboard and has support for screen readers as well as voice output as suggested by the WCAG 2.0 Guidelines and WAI ARIA standards.
Operating Systems

Operating Systems Still Matter In a Containerized World 120

Posted by Soulskill
from the try-to-contain-yourself dept.
New submitter Jason Baker writes: With the rise of Docker containers as an alternative for deploying complex server-based applications, one might wonder, does the operating system even matter anymore? Certainly the question gets asked periodically. Gordon Haff makes the argument on Opensource.com that the operating system is still very much alive and kicking, and that a hardened, tuned, reliable operating system is just as important to the success of applications as it was in the pre-container data center.
Open Source

At Home with Tim O'Reilly (Videos 1 and 2 of 6) 9

Posted by Roblimo
from the not-just-a-man-but-a-vital-force-behind-open-source dept.
Wikipedia says Tim O'Reilly "is the founder of O'Reilly Media (formerly O'Reilly & Associates) and a supporter of the free software and open source movements." And so he is. O'Reilly Media is also the company from which Make magazine and the assorted Maker Faires sprang, before spinning off into an ongoing presence of their own. (This year's Solid conference, as well as the confluence of hardware and software at OSCON demonstrate O'Reilly's ongoing interest in the world of makers, though.) O'Reilly has been a powerful force in technical book publishing, popularized the term Web 2.0, and has been at least a godfather to the open source movement. He's also an interesting person in general, even more so when he's hanging out at home than when he's on stage at a conference or doing a formal interview. That's why we were glad Timothy Lord was able to get hold of Tim O'Reilly via Hangout while he was in a relaxed mood in a no-pressure environment, happy to give detailed responses based on your questions, from small (everyday technology) to big (the Internet as "global brain").

We've run a few two-part videos, but this is the first time we've split one video into six parts -- with two running today, two tomorrow, and two Thursday. But then, how many people do we interview who have had as much of an effect on the nature of information transmission -- as opposed to just publishing -- as Tim O'Reilly? We don't know for sure, but there's a good chance that O'Reilly books are owned by more Slashdot readers than books from any other publisher. That alone makes Tim O'Reilly worth listening to for nearly an hour, total. (Alternate Video Links: Video 1 ~ Video 2; transcript below covers both videos.)
Robotics

FarmBot: an Open Source Automated Farming Machine 128

Posted by Soulskill
from the rise-of-the-technofarmer dept.
New submitter ErnieKey writes: Farming has been stuck in a bit of a rut, when compared to other industries. Businesses across the globe have been innovating for decades, while farming has been using techniques that have been handed down from centuries ago. The FarmBot Foundation is creating a machine, similar to that of a CNC mill and/or 3D printer, which is capable of being run by sophisticated software and equipped with any tools you can imagine, including seed injectors, plows, burners, robotic arms (for harvesting), cutters, shredders, tillers, discers, watering nozzles, sensors and more. The goal? To increase food production by automating as much of it as possible.
Programming

C++14 Is Set In Stone 186

Posted by timothy
from the but-it's-a-soft-stone dept.
jones_supa (887896) writes "Apart from minor editorial tweaks, the ISO C++14 standard can be considered completed. Implementations are already shipping by major suppliers. C++14 is mostly an incremental update over C++11 with some new features like function return type deduction, variable templates, binary literals, generic lambdas, and so on. The official C++14 specification release will arrive later in the year, but for now Wikipedia serves as a good overview of the feature set."
Blackberry

Blackberry Moves Non-Handset Divisions Into New Business Unit 89

Posted by Unknown Lamer
from the at-least-qnx-gets-to-live dept.
First time accepted submitter BarbaraHudson (3785311) writes The CBC is reporting that Blackberry has made preparations to abandon the phone market by spinning pieces of the business off into Blackberry Technology Solutions. From the article: "The unit ... includes QNX, the company that BlackBerry acquired and used to develop the operating system that became the platform for its new smartphones, and Certicom, a former independent Toronto-area company with advanced security software. BTS will also include BlackBerry's Project Ion, which is an application platform focused on machine-to-machine Internet technology, Paratek antenna tuning technology and about 44,000 patents." When you have less market share than Windows Phone, it's time to throw in the towel ... or as they say in the new "lets not admit we screwed up" vernacular, "pivot to take advantage of new opportunities."
Government

Munich Reverses Course, May Ditch Linux For Microsoft 559

Posted by Unknown Lamer
from the campaign-funding-brought-to-you-by-windows dept.
alphadogg (971356) writes with news that the transition from Windows to GNU/Linux in Munich may be in danger The German city of Munich, long one of the open-source community's poster children for the institutional adoption of Linux, is close to performing a major about-face and returning to Microsoft products. Munich's deputy mayor, Josef Schmid, told the Süddeutsche Zeitung that user complaints had prompted a reconsideration (Google translation to English) of the city's end-user software, which has been progressively converted from Microsoft to a custom Linux distribution — "LiMux" — in a process that dates back to 2003.
Programming

Software Combines Thousands of Online Images Into One That Represents Them All 66

Posted by samzenpus
from the best-representation dept.
Zothecula writes If you're trying to find out what the common features of tabby cats are, a Google image search will likely yield more results than you'd ever have the time or inclination to look over. New software created at the University of California, Berkeley, however, is designed to make such quests considerably easier. Known as AverageExplorer, it searches out thousands of images of a given subject, then amalgamates them into one composite "average" image.
Businesses

Microsoft's Windows 8 App Store Is Full of Scamware 178

Posted by samzenpus
from the needs-a-cleaning dept.
Deathspawner writes Windows 8 brought a lot to the table, with one of its most major features being its app store. However, it's not a feature that Microsoft seems too intent on keeping clean. As it is today, the store is completely littered with misleading apps and outright scamware. The unfortunate thing is that to find any of it, all you have to do is simply open the store and peruse the main sections. Not so surprisingly, no Microsoft software seems to be affected by this, but many open-source apps can be found at the store from unofficial sources that have a cost, or will lead the user to download a third-party installer. It's only a matter of time before malware sneaks its way in, if it's not there already.
Businesses

Daimler's Solution For Annoying Out-of-office Email: Delete It 229

Posted by samzenpus
from the keep-your-away-messages-to-yourself dept.
AmiMoJo writes Sure, you can set an out-of-office auto-reply to let others know they shouldn't email you, but that doesn't usually stop the messages; you may still have to handle those urgent-but-not-really requests while you're on vacation. That's not a problem if you work at Daimler, though. The German automaker recently installed software that not only auto-replies to email sent while staff is away, but deletes it outright.
Space

ISS Earth at Night Photos Crowdsourced For Science 13

Posted by samzenpus
from the worth-a-thousand-words dept.
teleyinex writes The Complutense University of Madrid (UCM) is leading a project called Cities at Night to catalog the images taken by astronauts from the ISS. The project uses the platform Crowdcrafting powered by the open source software PyBossa to catalog images in cities, stars or other objects, as well as geo-reference them."
Businesses

Companies That Don't Understand Engineers Don't Respect Engineers 369

Posted by Soulskill
from the if-you-aren't-part-of-the-solution,-you're-part-of-the-preciptate dept.
An anonymous reader writes Following up on a recent experiment into the status of software engineers versus managers, Jon Evans writes that the easiest way to find out which companies don't respect their engineers is to learn which companies simply don't understand them. "Engineers are treated as less-than-equal because we are often viewed as idiot savants. We may speak the magic language of machines, the thinking goes, but we aren't business people, so we aren't qualified to make the most important decisions. ... Whereas in fact any engineer worth her salt will tell you that she makes business decisions daily–albeit on the micro not macro level–because she has to in order to get the job done. Exactly how long should this database field be? And of what datatype? How and where should it be validated? How do we handle all of the edge cases? These are in fact business decisions, and we make them, because we're at the proverbial coal face, and it would take forever to run every single one of them by the product people and sometimes they wouldn't even understand the technical factors involved. ... It might have made some sense to treat them as separate-but-slightly-inferior when technology was not at the heart of almost every business, but not any more."
Security

Ask Slashdot: How Dead Is Antivirus, Exactly? 318

Posted by Soulskill
from the deader-than-an-arbitrarily-dead-thing dept.
Safensoft writes: Symantec recently made a loud statement that antivirus is dead and that they don't really consider it to be a source of profit. Some companies said the same afterwards; some other suggested that Symantec just wants a bit of free media attention. The press is full of data on antivirus efficiency being quite low. A notable example would be the Zeus banking Trojan, and how only 40% of its versions can be stopped by antivirus software. The arms race between malware authors and security companies is unlikely to stop.

On the other hand, experts' opinions of antivirus software have been low for a while, so it's hardly surprising. It's not a panacea. The only question that remains is: how exactly should antivirus operate in modern security solutions? Should it be one of the key parts of a protection solution, or it should be reduced to only stopping the easiest and most well-known threats?

Threats aren't the only issue — there are also performance concerns. Processors get better, and interaction with hard drives becomes faster, but at the same time antivirus solutions require more and more of that power. Real-time file scanning, constant updates and regular checks on the whole system only mean one thing – as long as antivirus is thorough, productivity while using a computer goes down severely. This situation is not going to change, ever, so we have to deal with it. But how, exactly? Is a massive migration of everything, from workstations to automatic control systems in industry, even possible? Is using whitelisting protection on Windows-based machines is the answer? Or we should all just sit and hope for Microsoft to give us a new Windows with good integrated protection? Are there any other ways to deal with it?
Censorship

Knocking Down the Great Firewall of China 161

Posted by Soulskill
from the crumbling-from-a-million-tiny-cracks dept.
New submitter Nocturrne writes: The FOSS project Lantern is having great success in unblocking the internet for many users in oppressive regimes, like China and Iran. Much like Tor and BitTorrent, Lantern is using peer-to-peer networking to overcome firewalls, but with the additional security of a trusted network of friends. "If you download Lantern in an uncensored region, you can connect with someone in a censored region, who can then access whatever content they want through you. What makes the system so unique is that it operates on the basis of trust. ... Through a process called consistent routing, the amount of information any single Lantern user can learn about other users is limited to a small subset, making infiltration significantly more difficult." The network of peers is growing, but we need more friends in uncensored countries to join us.
Open Source

Project Aims To Build a Fully Open SoC and Dev Board 47

Posted by timothy
from the reducing-the-riscs dept.
DeviceGuru (1136715) writes "A non-profit company is developing an open source 64-bit system-on-chip that will enable fully open hardware, 'from the CPU core to the development board.' The 'lowRISC' SoC is the brainchild of a team of hardware and software hackers from the University of Cambridge, with the stated goal of implementing a 'fully open computing eco-system, including the instruction set architecture (ISA), processor silicon, and development boards.' The lowRISC's design is based on a new 64-bit RISC-V ISA, developed at UC Berkeley. The RISC-V core design has now advanced enough for the lowRISC project to begin designing an SoC around it. Prototype silicon of a 'RISC-V Rocket' core itself has already been benchmarked at UC Berkeley, with results results (on GitHub) suggesting that in comparison to a 32-bit ARM Cortex-A5 core, the RISC-V core is faster, smaller, and uses less power. And on top of that it's open source. Oh, and there's a nifty JavaScript-based RISC-V simulator that runs in your browser."
Programming

Ask Slashdot: What Recliner For a Software Developer? 153

Posted by Soulskill
from the twelve-foot-diameter-bean-bag dept.
Taxilian writes We've talked about office chairs before, but I'm one of those coders who tends to relax by doing more coding. Particularly when I'm short on time for a project, I like to move my work to where I am still around my wife and children so that I can still interact with them and be with my family, but still hit my deadlines. I have used various recliners and found that programming in them (at least in evenings) can be quite comfortable, but haven't felt like I really found the 'ideal chair' for relaxing and working on my Macbook.

I have found references to failed chairs (like La-Z-Boy Explorer, the so-called "E-cliner") that were intended for tech and failed, but are there any existing and useful options? I'd really like something that provides some sort of lap desk (to keep the heat from the laptop away from me) and reasonable power arrangements while still being comfortable and not looking ridiculous in a normal family room.
United States

US Defense Contractors Still Waiting For Breach Notification Rules 19

Posted by samzenpus
from the a-little-while-longer dept.
An anonymous reader writes US Department of Defense contractors will have to wait until September 24 to see what specific rules they will be required to follow when it comes to the reporting of computer breaches to the DoD. This particular requirement has been mandated by the US Congress last year, in an attempt to get clear view of the type and frequency of attacks contractors face. The US Congress will require "cleared defense contractors" — i.e. those who have been granted clearance by the DoD to access, receive, or store classified information — to effect a rapid report in the wake of a successful breach, and to include in it a description of the technique or method used in the penetration, a sample of the malicious software used (if discovered), and a summary of information created for the Department in connection with any Department program that has been potentially compromised due to such penetration.

The universe is like a safe to which there is a combination -- but the combination is locked up in the safe. -- Peter DeVries

Working...