
Researchers Break Video CAPTCHAs 109

Orome1 writes "After creating the 'Decaptcha' software to solve audio CAPTCHAs, Stanford University's researchers modified it and turned it against text and, quite recently, video CAPTCHAs with considerable success. Video CAPTCHAs have been touted by their developer, NuCaptcha, as the best and most secure method of spotting bots trying to pass themselves off as human users. Unfortunately for the company, researchers have managed to prove that over 90 percent of the company's video CAPTCHAs can be decoded by using their Decaptcha software in conjunction with optical flow algorithms created by researchers in the computer vision field of study."

Ask Slashdot: How Do You Deal With Priorities Inflation In IT Projects? 304

NetDanzr writes "I work for an IT company that has a steady stream of projects, new features to our existing products and technical support issues. As is customary, though, our development resources are not sufficient to cover the number of projects. As a result, our delivery dates are slipping, and as a result the average priority of projects is rising. Where the goal was to have only 10% of projects rated high, within a year nearly 50% of projects are rated as such. Our solution is to completely wipe out the project list once per year and start a new, properly prioritized list. How does your company deal with this inflation of priorities?"

UK Government To Demand Data On Every Call, Email, and Tweet 199

judgecorp writes "The UK government is proposing a law that would require phone and Internet companies to store information on all communications, and hand it to the security services when required. The Communications Capabilities Development Programme (CCDP) abandoned by the last government is back on the table, proposed as a means to increase security, and likely to be pushed through before the Olympics in London, according to reports."

Security Tool HijackThis Goes Open Source 101

wiredmikey writes "The popular free security tool HijackThis has been open sourced by its owner, Trend Micro. The tool scans systems to find settings that may have been modified by spyware, malware or other programs that have wiggled their way onto a system and caused problems. Downloaded over 10 million times, HijackThis generates reports to help users analyze and fix an infected or problem computer. But the tool is not designed for novices – and doesn't actually determine what's good or bad. That's up to you, but it is a good way to keep an eye on things and possibly locate anomalies that may have been missed by other security products. Trend Micro warns that if you don't know what you're doing, it's probably not a good idea to make any changes to your computer settings and system files. Trend Micro acquired the tool from creator Merijn Bellekom in 2007, and has offered it for free ever since, but now is making the code available to the public. The code, originally written in Visual Basic, is now officially available at Sourceforge here."

Google Working On Password Generator For Chrome 175

Trailrunner7 writes "Google is in the process of developing a tool to help users generate strong passwords for the various and sundry Web sites for which they need to register and authenticate. The password-generator is meant to serve as an interim solution for users while Google and other companies continue to work on widespread deployment of the OpenID standard. The tool Google engineers are working on is a fairly simple one. For people who are using the Chrome browser, whenever a site presents them with a field that requires creating a password, Chrome will display a small key icon, letting the users know that they could allow Chrome to generate a password for them."

UK Student Jailed For Facebook Hack Despite 'Ethical Hacking' Defense 356

Diamonddavej writes "The BBC reports that software development student Glenn Mangham, a 26-year-old from the UK, was jailed 17 February 2012 for eight months for computer misuse, after he discovered serious Facebook security vulnerabilities. Hacking from his bedroom, Mangham gained access to three of Facebook's servers and was able to download to an external hard drive the social network's 'invaluable' intellectual property (source code). Mangham's defense lawyer, Mr. Ventham, pointed out that Mangham is an 'ethical hacker' and runs a tax-registered security company. The court heard Mangham previously breached Yahoo's security, compiled a vulnerability report and passed it on to Yahoo. He was paid '$7000 for this achievement,' and claims he was merely trying to repeat the same routine with Facebook. But in passing sentence, Judge Alistair McCreath said despite the fact he did not intend to pass on the information gathered, his actions were not harmless and had 'real consequences and very serious potential consequences' for Facebook. The case's prosecutor, Mr. Patel, said Facebook spent '$200,000 (£126,400) dealing with Mangham's crime.'"

John Nash's Declassified 1955 Letter To the NSA 93

An anonymous reader writes "In 1955, John Nash sent an amazing letter (PDF) to the NSA in order to support an encryption design that he suggested. In it, he anticipates computational complexity theory as well as modern cryptography. He also proposes that the security of encryption can be based on computational hardness and makes the distinction between polynomial time and exponential time: 'So a logical way to classify enciphering processes is by the way in which the computation length for the computation of the key increases with increasing length of the key. This is at best exponential and at worst probably at most a relatively small power of r, ar^2 or ar^3, as in substitution ciphers.'"

Apple Settles Antennagate Class-Action Lawsuit 130

An anonymous reader writes "A preliminary settlement has been reached in the class-action lawsuit brought against Apple in June 2010 over the 'Antennagate' fiasco. Ira Rothken, co-lead counsel for the case, says there are 21 million people entitled to either $15 or a free bumper. 'The settlement comes from 18 separate lawsuits that were consolidated into one. All share the claim that Apple was "misrepresenting and concealing material information in the marketing, advertising, sale, and servicing of its iPhone 4 — particularly as it relates to the quality of the mobile phone antenna and reception and related software." The settlement has its own Web site, www.iPhone4Settlement.com, which will be up in the coming weeks (the site doesn't go anywhere right now). There, customers will be able to get information about the settlement and how to make a claim. As part of the arrangement, e-mails will also be sent alerting original buyers to the settlement before April 30, 2012. The claims period is then open for 120 days.'"

iPad 3 Confirmed To Have 2048x1536 Screen Resolution 537

bonch writes "After months of reporting on photos of iPad 3 screen parts, MacRumors finally obtained one for themselves and examined it under a microscope, confirming that the new screens will have twice the linear resolution of the iPad 2, with a whopping 2048x1536 pixel density. Hints of the new display's resolution were found in iBooks 2, which contains hi-DPI versions of its artwork. The iPad 3 is rumored to be launching in early March."

Stealing Laptops For Class Credit 138

First time accepted submitter core_tripper writes "Students at the University of Twente have stolen thirty laptops from various members of the university's staff. They were not prosecuted for this, so they could just get on with their studies. Indeed, these students even received ECTS credits for these thefts. UT researcher Trajce Dimkov asked the students to steal the machines as part of a scientific experiment. Stealing these laptops turned out to be a pretty simple matter."

Ask Slashdot: Life After Software Development? 416

An anonymous reader writes "I've been writing database apps for various industries as the senior developer or tech lead on a given project for most of the past 20 years. The last few years have become particularly taxing as I struggle to reiterate basic concepts to the same technically illiterate managers and stakeholders who keep turning up in charge. While most are knowledgeable about the industries our software is targeting, they just don't get the mechanics of what we do and never will. After so many years, I'm tired of repeating myself. I need a break. I need to walk away from it, and want to look at doing something that doesn't focus heavily on the IT industry day in, day out. Unfortunately, I'm locked to a regional city and I've just spent the majority of my adult life coding, with no other major skills to fall back on. While I'm not keen on remaining in front of a screen, I wouldn't be averse to becoming a tech user and consumer, rather than a creator. Are there similar Slashdotters out there who have made the leap of faith away from tech jobs and into something different? If so, where did you end up? Is there a life after IT for people who are geeks at heart? Apart from staying in my current job, is there any advice for someone who can't really risk the mortgage and kid's education on a whim?"

Are UK Police Hacking File-Sharers' Computers? 177

superglaze writes "Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'"

JotForm.com Gets Shut Down SOPA-Style 188

itwbennett writes "In a post on the company blog, JotForm.com cofounder Aytekin Tank alerts users that 'a US government agency has temporarily suspended' the jotform.com domain. He explains that it is part of an 'ongoing investigation' of content posted to its site by a user. Although which user and what content haven't yet been disclosed, there is speculation about forms used for a phishing attack on a South African bank. JotForm hosts over two million user-generated forms, and uses software to block fraudulent accounts (65,000 so far), so you can see there's plenty of opportunity for mischief."

SSD Latency, Error Rates May Spell Bleak Future 292

Lucas123 writes "A new study by the University of California and Microsoft shows that NAND flash memory experiences significant performance degradation as die sizes shrink in size. Over the next dozen years latency will double as the circuitry size shrinks from 25 nanometers today, to 6.5nm, the research showed. Speaking at the Usenix Conference on File and Storage Technologies in San Jose this week, Laura Grupp, a graduate student at the University of California, said tests of 45 different types of NAND flash chips from six vendors using 72nm to 25nm lithography techniques showed performance degraded across the board and error rates increased as die sizes shrank. Triple-Level NAND performed the worst, followed by Multi-Level Cell NAND and Single-Level Cell. The researchers said MLC NAND-based SSDs won't be able to go beyond 4TB and TLC-based SSDs won't be able to scale past 16TB because of the performance degradation, so it appears the end of the road for SSDs will be 2024."

Oracle Claims Dramatic MySQL Performance Improvements 168

New submitter simula67 writes "Oracle wins back some karma from the open source community by releasing MySQL Cluster 7.2 with ambitious claims of 70x performance gains. The new release is GPL and claims to have processed over 1 billion queries per minute. Readers may remember the story about Oracle adding commercial extensions to MySQL."