Forgot your password?
typodupeerror

Catch up on stories from the past week (and beyond) at the Slashdot story archive

Security

AirMagnet Wi-Fi Security Tool Takes Aim At Drones 15

Posted by timothy
from the command-and-control-is-next dept.
alphadogg (971356) writes "In its quest to help enterprises seek out and neutralize all threats to their Wi-Fi networks, AirMagnet is now looking to the skies. In a free software update to its AirMagnet Enterprise product last week, the Wi-Fi security division of Fluke Networks added code specifically crafted to detect the Parrot AR Drone, a popular unmanned aerial vehicle that costs a few hundred dollars and can be controlled using a smartphone or tablet. Drones themselves don't pose any special threat to Wi-Fi networks, and AirMagnet isn't issuing air pistols to its customers to shoot them down. The reason the craft are dangerous is that they can be modified to act as rogue access points and sent into range of a victim's wireless network, potentially breaking into a network to steal data."
Science

Method Rapidly Reconstructs Animal's Development Cell By Cell 39

Posted by samzenpus
from the best-baby-pictures dept.
An anonymous reader writes Researchers at the Howard Hughes Medical Institute's Janelia Research Campus have developed software that can track each and every cell in a developing embryo. The software will allow a researcher to pick out a single cell at any point in development and trace its life backward and forward during the embryo's growth. Philipp Keller, a group leader at Janelia says: "We want to reconstruct the elemental building plan of animals, tracking each cell from very early development until late stages, so that we know everything that has happened in terms of cell movement and cell division. In particular, we want to understand how the nervous system forms. Ultimately, we would like to collect the developmental history of every cell in the nervous system and link that information to the cell's final function. For this purpose, we need to be able to follow individual cells on a fairly large scale and over a long period of time."
Cellphones

Why My LG Optimus Cellphone Is Worse Than It's Supposed To Be 274

Posted by samzenpus
from the no-sir-I-don't-like-it dept.
Bennett Haselton writes My LG Optimus F3Q was the lowest-end phone in the T-Mobile store, but a cheap phone is supposed to suck in specific ways that make you want to upgrade to a better model. This one is plagued with software bugs that have nothing to do with the cheap hardware, and thus lower one's confidence in the whole product line. Similar to the suckiness of the Stratosphere and Stratosphere 2 that I was subjected to before this one, the phone's shortcomings actually raise more interesting questions — about why the free-market system rewards companies for pulling off miracles at the hardware level, but not for fixing software bugs that should be easy to catch. Read below to see what Bennett has to say.
Patents

Appeals Court Affirms Old Polaroid Patent Invalid 44

Posted by Unknown Lamer
from the bite-the-dust dept.
mpicpp (3454017) writes with news of a notoriously abused (basically "method of displaying images on a machine") software patent being declared invalid. From the article: The ruling from last week is one of the first to apply new Supreme Court guidance about when ideas are too "abstract" to be patented. ... The patents in this case describe a type of "device profile" that allows digital images to be accurately displayed on different devices. US Patent No. 6,128,415 was originally filed by Polaroid in 1996. After a series of transfers, in 2012 the patent was sold to Digitech Image Technologies, a branch of Acacia Research Corporation, the largest publicly traded patent assertion company. ... In the opinion, a three-judge panel found that the device profile described in the patent is a "collection of intangible color and spatial information," not a machine or manufactured object. "Data in its ethereal, non-physical form is simply information that does not fall under any of the categories of eligible subject matter under section 101," wrote Circuit Judge Jimmie Reyna on behalf of the panel.
Communications

FTC To Trap Robocallers With Open Source Software 123

Posted by Soulskill
from the about-bloody-time dept.
coondoggie writes: The Federal Trade Commission today announced the rules for its second robocall exterminating challenge, known this time as Zapping Rachel Robocall Contest. 'Rachel From Cardholder Services,' was a large robocall scam the agency took out in 2012. The agency will be hosting a contest at next month's DEF CON security conference to build open-source methods to lure robocallers into honeypots and to predict which calls are robocalls. They'll be awarding cash prizes for the top solutions.
Google

Google To Stop Describing Games With In-App Purchases As 'Free' 136

Posted by Soulskill
from the insert-coin-to-continue dept.
An anonymous reader writes After a series of investigations, lawsuits, and fines over how in-app purchases are advertised and communicated to users, Google has agreed to stop labeling games that use in-app purchases as "Free." This change is the result of a request by the European Commission to stop misleading customers about the costs involved with using certain apps. "Games should not contain direct exhortation to children to buy items in a game or to persuade an adult to buy items for them; Consumers should be adequately informed about the payment arrangements for purchases and should not be debited through default settings without consumers' explicit consent." The EC notes that Apple has not yet done anything to address these concerns.
Businesses

Ask Slashdot: How Many Employees Does Microsoft Really Need? 271

Posted by Soulskill
from the might-be-time-to-reevaluate-the-Clippy-department dept.
An anonymous reader writes: Yesterday, word came down that Microsoft was starting to lay off some 18,000 workers. As of June 5th, Microsoft reported a total employee headcount of 127,005, so they're cutting about 15% of their jobs. That's actually a pretty huge percentage, even taking into account the redundancies created by the Nokia acquisition. Obviously, there's an upper limit to how much of your workforce you can let go at one time, so I'm willing to bet Microsoft's management thinks thousands more people aren't worth keeping around. How many employees does Microsoft realistically need? The company is famous for its huge teams that don't work together well, and excessive middle management. But they also have a huge number of software projects, and some of the projects, like Windows and Office, need big teams to develop. How would we go about estimating the total workforce Microsoft needs? (Other headcounts for reference: Apple: 80,000, Amazon: 124,600, IBM: 431,212, Red Hat: 5,000+, Facebook: 6,800, Google: 52,000, Intel: 104,900.)
Microsoft

Microsoft's Missed Opportunities: Memo From 1997 161

Posted by Unknown Lamer
from the hyper-cube-os dept.
New submitter gthuang88 (3752041) writes In the 1990s, Microsoft was in position to own the software and devices market. Here is Nathan Myhrvold's previously unpublished 1997 memo on expanding Microsoft Research to tackle problems in software testing, operating systems, artificial intelligence, and applications. Those fields would become crucial in the company's competition with Google, Apple, Amazon, and Oracle. But research didn't do enough to make the company broaden its businesses. While Microsoft Research was originally founded to ensure the company's future, the organization only mapped out some possible futures. And now Microsoft is undergoing the biggest restructuring in its history. At least F# and LINQ saw the light of day.
Open Source

Open Hardware and Digital Communications Conference On Free Video, If You Help 15

Posted by samzenpus
from the put-some-money-in-the-box dept.
Bruce Perens writes The TAPR Digital Communications Conference has been covered twice here and is a great meeting on leading-edge wireless technology, mostly done as Open Hardware and Open Source software. Free videos of the September 2014 presentations will be made available if you help via Kickstarter. For an idea of what's in them, see the Dayton Hamvention interviews covering Whitebox, our Open Hardware handheld software-defined radio transceiver, and Michael Ossman's HackRF, a programmable Open Hardware transceiver for wireless security exploration and other wireless research. Last year's TAPR DCC presentations are at the Ham Radio Now channel on Youtube.
Security

LibreSSL PRNG Vulnerability Patched 151

Posted by Soulskill
from the looking-forward-to-the-next-two-day-panic dept.
msm1267 writes: The OpenBSD project late last night rushed out a patch for a vulnerability in the LibreSSL pseudo random number generator (PRNG). The flaw was disclosed two days ago by the founder of secure backup company Opsmate, Andrew Ayer, who said the vulnerability was a "catastrophic failure of the PRNG." OpenBSD founder Theo de Raadt and developer Bob Beck, however, countered saying that the issue is "overblown" because Ayer's test program is unrealistic. Ayer's test program, when linked to LibreSSL and made two different calls to the PRNG, returned the exact same data both times.

"It is actually only a problem with the author's contrived test program," Beck said. "While it's a real issue, it's actually a fairly minor one, because real applications don't work the way the author describes, both because the PID (process identification number) issue would be very difficult to have become a real issue in real software, and nobody writes real software with OpenSSL the way the author has set this test up in the article."
Hardware Hacking

SRI/Cambridge Opens CHERI Secure Processor Design 59

Posted by Unknown Lamer
from the dreaming-of-hurd/coyotos dept.
An anonymous reader writes with some exciting news from the world of processor design: Robert Watson at Cambridge (author of Capsicum) has written a blog post on SRI/Cambridge's recent open sourcing of the hardware and software for the DARPA-sponsored CHERI processor — including laser cutting directions for an FPGA-based tablet! Described in their paper The CHERI Capability Model: Reducing Risk in an age of RISC, CHERI is a 64-bit RISC processor able to boot and run FreeBSD and open-source applications, but has a Clang/LLVM-managed fine-grained, capability-based memory protection model within each UNIX process. Drawing on ideas from Capsicum, they also support fine-grained in-process sandboxing using capabilities. The conference talk was presented on a CHERI tablet running CheriBSD, with a video of the talk by student Jonathan Woodruff (slides).

Although based on the 64-bit MIPS ISA, the authors suggest that it would also be usable with other RISC ISAs such as RISC-V and ARMv8. The paper compares the approach with several other research approaches and Intel's forthcoming Memory Protection eXtensions (MPX) with favorable performance and stronger protection properties.
The processor "source code" (written in Bluespec Verilog) is available under a variant of the Apache license (modified for application to hardware). Update: 07/16 20:53 GMT by U L : If you have any questions about the project, regular Slashdot contributor TheRaven64 is one of the authors of the paper, and is answering questions.
Software

Australian Electoral Commission Refuses To Release Vote Counting Source Code 112

Posted by Soulskill
from the you-can-trust-us dept.
angry tapir writes: The Australian Electoral Commission has been fighting a freedom of information request to reveal the source code of the software it uses to calculate votes in elections for Australia's upper house of parliament. Not only has the AEC refused an FOI request (PDF) for the source code, but it has also refused an order from the Senate directing that the source code be produced. Apparently releasing the code could "leave the voting system open to hacking or manipulation."
IBM

Apple and IBM Announce Partnership To Bring iOS + Cloud Services To Enterprises 126

Posted by Soulskill
from the international-onebutton-machines dept.
jmcbain writes: According to an article on Recode, Apple and IBM have announced a major partnership to bring mobile services to enterprise customers. "The deal calls for IBM and Apple to develop more than 100 industry-specific applications that will run on the iPhone and iPad. Apple will add a new class of service to its AppleCare program and support aimed at enterprise customers. IBM will also begin to sell iPhones and iPads to its corporate customers and will devote more than 100,000 people, including consultants and software developers, to the effort. Enterprise applications will in many cases run on IBM's cloud infrastructure or on private clouds that it has built for its customers. Data for those applications will co-exist with personal data like photos and personal email that will run on Apple's iCloud and other cloud services."
Software

Is the Software Renaissance Ending? 170

Posted by Soulskill
from the da-vinci-code dept.
An anonymous reader writes Writer and former software engineer Matt Gemmell adds his voice to the recent rumblings about writing code as a profession. Gemmell worries that the latest "software Renaissance," which was precipitated by the explosion of mobile devices, is drawing to a close. "Small shops are closing. Three-person companies are dropping back to sole proprietorships all over the place. Products are being acquired every week, usually just for their development teams, and then discarded. The implacable, crushing wheels of industry, slow to move because of their size, have at last arrived on the frontier. Our frontier, or at least yours now. I've relinquished my claim." He also pointed out the cumulative and intractable harm being done by software patents, walled-garden app stores, an increasingly crowded market, and race-to-the-bottom pricing. He says that while the available tools make it a fantastic time to develop software, actually being an independent developer may be less sustainable than ever.
HP

HP Claims Their Moonshot System is a 'New Style of IT' (Video) 68

Posted by Roblimo
from the my-server-uses-less-power-than-yours dept.
Didn't we already have something kind of like this called a Blade server? But this is better! An HP Web page devoted to Moonshot says, 'Compared to traditional servers, up to: 89% less energy; 80% less space; 77% less cost; and 97% less complex.' If this is all true, the world of servers is now undergoing a radical change. || A quote from another Moonshot page: "The HP Moonshot 1500 Chassis has 45 hot-pluggable servers installed and fits into 4.3U. The density comes in part from the low-energy, efficient processors. The innovative chassis design supports 45 servers, 2 network switches, and supporting components.' These are software-defined servers. HP claims they are the first ones ever, a claim that may depend on how you define "software-defined." And what software defines them? In this case, at Texas Linux Fest, it seems to be Ubuntu Linux. (Alternate Video Link)
Security

Google's Project Zero Aims To Find Exploits Before Attackers Do 62

Posted by Unknown Lamer
from the evil-hackers-respond-with-negative-one-day-exploits dept.
DavidGilbert99 (2607235) writes "Google has announced Project Zero, a group of security experts who will hunt down security flaws in all software which touches the Internet. Among the group is a 24-year-old called George Hotz who shot to fame in 2007 when he was the first to unlock the iPhone before reverse engineering the PlayStation 3." Quoting the Project Zero announcement: You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications. Yet in sophisticated attacks, we see the use of "zero-day" vulnerabilities to target, for example, human rights activists or to conduct industrial espionage. This needs to stop. ... We're not placing any particular bounds on this project and will work to improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers. All issues will be reported to the usual public vulnerability databases after vendors are given a short period to fix their systems and software.
Networking

Led By Nest, 'Thread' Might Be Most Promising IoT Initiative Yet 79

Posted by Unknown Lamer
from the n+1-standards dept.
An anonymous reader writes Nest, Big A%@ Fans, Yale door locks, ARM, Freescale, Samsung and Silicon Labs launch the Thread Group, a standards initiative for using 6LoWPAN-based network technology with mesh capabilities optimized for home automation. Because it blends IPv6 with low-power 802.15.4 radios, a layer of security, peer-to-peer communications, and other special sauce for whole-house connectivity, Thread looks extremely promising in an increasingly crowded field. Plus, millions of units of enabled products are already deployed by way of Nest's little-known Weave technology. There's a press release. Thread is based on open technology, but it's not clear that the protocol specifications will be available for non-members. No hardware changes are required for devices with 802.15.4 radios, and the group claims the new protocol fixes enough flaws in existing standards (mostly ZigBee) to be worth the software upgrade. Promises include increased reliability (mesh network with multiple routing points), lower power use (by not requiring sensors to wake up for traffic from other sensors), and easier bridging between the mesh network and Internet (thanks to using IPv6).
Graphics

AMD FirePro W9100 16GB Workstation GPU Put To the Test 42

Posted by Unknown Lamer
from the more-power dept.
Dputiger (561114) writes "It has been almost two years since AMD launched the FirePro W9000 and kicked off a heated battle in the workstation GPU wars with NVIDIA. AMD recently released the powerful FirePro W9100, however, a new card based on the same Hawaii-class GPU as the desktop R9 290X, but aimed at the professional workstation market. The W9100's GPU features 2,816 stream processors, and the card boasts 320GB/s of memory bandwidth, and six mini-DisplayPorts, all of which support DP1.2 and 4K output. The W9100 carries more RAM than any other AMD GPU as well, a whopping 16GB of GDDR5 on a single card. Even NVIDIA's top-end Quadro K6000 tops out at 12GB, which means AMD sits in a class by itself in this area. In terms of performance, this review shows that the FirePro W9100 doesn't always outshine its competition, but its price/performance ratio keep it firmly in the running. But if AMD continues to improve its product mix and overall software support, it should close the gap even more in the pro GPU market in the next 18-24 months."
Education

Interviews: Juan Gilbert Answers Your Questions 18

Posted by samzenpus
from the here-you-go dept.
Last week you had a chance to ask the Associate Chair of Research in the Computer & Information Science & Engineering Department at the University of Florida, Juan Gilbert, about the Human Centered Computing Lab, accessibility issues in technology, and electronic voting. Below you'll find his answers to your questions.
China

Apple Refutes Report On iPhone Threat To China's National Security 134

Posted by samzenpus
from the it-was-other-kids dept.
An anonymous reader writes "Apple has never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers," the company said Sunday in a bilingual statement on its China website. Users have to make the choice to enable the iPhones to calculate their locations, while "Apple does not track users' locations — Apple has never done so and has no plans to ever do so," the company said. The statement was in response to allegations by China's top state broadcaster that iOS7 software and its "Frequent Location" service posed a security risk. The data can be accessed easily, although labelled as "encrypted," and may lead to the disclosure of "state secrets," CCTV said.

Save energy: Drive a smaller shell.

Working...