badger.foo writes "When you're hit with a DDOS, what do you do? In his most recent column, Peter Hansteen narrates a recent incident that involved a DNS based DDOS against his infrastructure and that of some old friends of his. He ends up asking: should we actively publish or 'name and shame' DDOS participants (or at least their IP addresses)? How about scans that may or may not be preparations for DDOSes to come?"
Please create an account to participate in the Slashdot moderation system
hypnosec writes "BLAKE2 has been recently announced as a new alternative to the existing cryptographic hash algorithms MD5 and SHA-2/3. With applicability in cloud storage, software distribution, host-based intrusion detection, digital forensics and revision control tools, BLAKE2 performs a lot faster than the MD5 algorithm on Intel 32- and 64-bit systems. The developers of BLAKE2 insist that even though the algorithm is faster, there are no loose ends when it comes to security. BLAKE2 is an optimized version of the then SHA-3 finalist BLAKE."
jones_supa writes "Steam users worldwide are getting more than they expected this Christmas, courtesy of Valve. Increasingly annoyed reports are piling up on a Steam Community thread about an ominous 'No Connection' error. Depending on your luck, this means you can either start the client in offline mode and play only single-player games with anything related to the Steamworks cloud features disabled, or you cannot start Steam at all and consequently access anything in your library. However, store related functionality seems unaffected, in case this blunder made you feel like purchasing some more games you may or may not be able to play these holidays." Update: 12/25 17:45 GMT by T : The connection problems were fixed; did you hit the loading errors before they were resolved?
An anonymous reader writes "In fifth grade, I amazed my fellow classmates when I demonstrated what 132 words per minute looked like. Recently, an acquaintance of mine saw me typing out a word document for graduate school and was impressed by my typing abilities. He suggested that I seriously contemplate attempting a Guinness World Record with such abilities. At the moment, I can manage an average of about 155-160 words per minute, with bursts around 180-185 words per minute (in the typing world, five characters defines a word, in case you were wondering). That aside, I have a few questions to pose to Slashdot readers (whom I am sure have been typing much longer than I have): What are some tips to fully maximize one's ability to type at the fastest possible rate? Do you have any specific keyboard recommendations that will improve my speed? Has anybody here ever competed in a typing event or thought about going for the world record? Is it worth learning Dvorak for the sole purpose of attempting such a record? How difficult would it be to improve my typing abilities from where they are now to where they need to be to acquire such a record?"
An anonymous reader writes "Google on Friday announced that it is changing its stance for silently installing extensions in its browser. As of Chrome 25, external extension deployment options on Windows will be disabled by default and all extensions previously installed using them will be automatically disabled."
An anonymous reader writes "Last month, Mozilla Engineering Manager Benjamin Smedberg quietly announced that the 64-bit version of Firefox for Windows would never see the light of day. After what he referred to as 'significant negative feedback,' Smedberg has announced he has reviewed that feedback, consulted with his release engineering team, and has decided on a modification to the original plan: Firefox 64-bit for Windows may still never be released, but nightly builds will live another day."
coondoggie writes "What if your wireless communications just absolutely, positively have to be heard above the din of other users or in the face of massive interference? That is the question at the heart of a new $150,000 challenge that will be thrown down in January by the scientists at DARPA as the agency detailed its Spectrum Challenge — a competition that aims to find developers who can create software-defined radio protocols that best use communication channels in the presence of other users and interfering signals."
Hugh Pickens writes "Michael Wilson writes in the NY Times that top intelligence officials in the New York Police Department are looking for ways to target 'apolitical or deranged killers before they become active shooters' using techniques similar to those being used to spot terrorists' chatter online. The techniques would include 'cyber-searches of language that mass-casualty shooters have used in e-mails and Internet postings,' says Police Commissioner Raymond W. Kelly. 'The goal would be to identify the shooter in cyberspace, engage him there and intervene, possibly using an undercover to get close, and take him into custody or otherwise disrupt his plans.' There are also plans to send officers to Newtown and to scenes of other mass shootings to collect information says the department's chief spokesman Paul. J. Browne adding that potential tactics include creating an algorithm that would search online 'for terms used by active shooters in the past that may be an indicator of future intentions.' The NYPD's counter-terrorism division released a report last year, 'Active Shooter (PDF),' after studying 202 mass shooting incidents. 'So, we think this is another logical step,' says Kelly."
The Enlightenment front page bears this small announcement: "E17 release HAS HAPPENED!" The release announcement is remarkably spartan — it's mostly a tribute to the dozens of contributors who have worked on the software itself and on translating it into many languages besides system-default English. On the other hand, if you've been waiting since December 2000 for E17 (also known as Enlightenment 0.17), you probably have some idea that Enlightenment is a window manager (or possibly a desktop environment: the developers try to defuse any dispute on that front, but suffice it to say that you can think of it either way), and that the coders are more interested in putting out the software that they consider sufficiently done than in incrementing release numbers. That means they've made some side trips along the way, Knuth-like, to do things like create an entire set of underlying portable libraries. The release candidate changelog of a few days ago gives an idea of the very latest changes, but this overview shows and tells what to expect in E17. If you're among those disappointed in the way some desktop environments have tended toward simplicity at the expense of flexibility, you can be sure that Enlightenment runs the other way: "We don't go quietly into the night and remove options when no one is looking. None of those new big version releases with fanfare and "Hey look! Now with half the options you used to have!". We sneak in when you least expect it and plant a whole forest of new option seeds, watching them spring to life. We nail new options to walls on a regular basis. We bake options-cakes and hand them out at parties. Options are good. Options are awesome. We have lots of them. Spend some quality time getting to know your new garden of options in E17. It may just finally give you the control you have been pining for."
First time accepted submitter Funksaw writes "Back in 2007, I wrote three articles on Ubuntu 6, Mac OS X 10.4, and Windows Vista, which were all featured on Slashdot. Now, with the release of Windows 8, I took a different tactic and produced an animated video. Those expecting me to bust out the performance tests and in-depth use of the OS are going to be disappointed. While that was my intention coming into the project, I couldn't even use Windows 8 long enough to get to the in-depth technical tests. In my opinion, Windows 8 is so horribly broken that it should be recalled."
An anonymous reader writes "Russian firm ElcomSoft on Thursday announced the release of Elcomsoft Forensic Disk Decryptor (EFDD), a new forensic tool that can reportedly access information stored in disks and volumes encrypted with desktop and portable versions of BitLocker, PGP, and TrueCrypt. EFDD runs on all 32-bit and 64-bit editions of Windows XP, Windows Vista, and Windows 7, as well as Windows 2003 and Windows Server 2008." All that for $300.
An anonymous reader writes "The internet control in China seems to have been tightened recently, according to the Guardian. Several VPN providers claimed that the censorship system can 'learn, discover and block' encrypted VPN protocols. Using machine learning algorithms in protocol classification is not exactly a new topic in the field. And given the fact that even the founding father of the 'Great Firewall,' Fan Bingxing himself, has also written a paper about utilizing machine learning algorithm in encrypted traffic analysis, it would be not surprising at all if they are now starting to identify suspicious encrypted traffic using numerically efficient classifiers. So the arm race between anti-censorship and surveillance technology goes on."
wiredmikey writes "President Obama on Wednesday released a national strategy designed to balance the sharing of information with those who need it to keep the country safe, while protecting the same data from those who would use it to cause harm. 'The National Strategy for Information Sharing and Safeguarding' outlines how the government will attempt to responsibly share and protect data that enhances national security and protects the American people. The national strategy will define how the federal government and its assorted departments and agencies share their data. Agencies can also share services and work towards data and network interoperability to be more efficient, the President said. The President aimed to address concerns over Privacy by noting, 'This strategy makes it clear that the individual privacy, civil rights and civil liberties of United States persons must be — and will be — protected.' The full document is available here in PDF format from the White House website."
jfruh writes "You may remember the tale of the blogger who found that an infographic he'd put on his site was the front end of an SEO spam job. Well, he's since followed the money to figure out just who's behind this maneuver: the for-profit college industry. He discovered that the contact info of someone who expresses interest in online degree programs can be worth up to $250 to an industry with a particularly sleazy reputation."
An anonymous reader writes "Patrick Wyatt, one of the developers behind the original Warcraft and StarCraft games, as well as Diablo and Guild Wars, has a post about some of the bug hunting he's done throughout his career. He covers familiar topics — crunch time leading to stupid mistakes and finding bugs in compilers rather than game code — and shares a story about finding a way to diagnose hardware failure for players of Guild Wars. Quoting: '[Mike O'Brien] wrote a module ("OsStress") which would allocate a block of memory, perform calculations in that memory block, and then compare the results of the calculation to a table of known answers. He encoded this stress-test into the main game loop so that the computer would perform this verification step about 30-50 times per second. On a properly functioning computer this stress test should never fail, but surprisingly we discovered that on about 1% of the computers being used to play Guild Wars it did fail! One percent might not sound like a big deal, but when one million gamers play the game on any given day that means 10,000 would have at least one crash bug. Our programming team could spend weeks researching the bugs for just one day at that rate!'"