Forgot your password?
typodupeerror

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

Databases

A Tale of Two Databases, Revisited: DynamoDB and MongoDB 73

Posted by Unknown Lamer
from the there-can-be-only-fifty-or-so dept.
Questioning his belief in relational database dogma, new submitter Travis Brown happened to evaluate Amazon's Dynamo DB and MonogDB. His situation was the opposite of Jeff Cogswell's: he started off wanting to prefer Dynamo DB, but came to the conclusion that the benefits of Amazon managing the database for him didn't outweigh the features Mongo offers. From the article: "DynamoDB technically isn't a database, it's a database service. Amazon is responsible for the availability, durability, performance, configuration, optimization and all other manner of minutia that I didn't want occupying my mind. I've never been a big fan of managing the day-to-day operations of a database, so I liked the idea of taking that task off my plate. ... DynamoDB only allows you to query against the primary key, or the primary key and range. There are ways to periodically index your data using a separate service like CloudSearch, but we are quickly losing the initial simplicity of it being a database service. ... However, it turns out MongoDB isn't quite as difficult as the nerds had me believe, at least not at our scale. MongoDB works as advertised and auto-shards and provides a very simple way to get up and running with replica sets." His weblog entry has a few code snippets illustrating how he came to his conclusions.
Security

Zendesk Compromised; Twitter, Tumblr and Pinterest Users Affected 49

Posted by Soulskill
from the another-day-another-hack dept.
Trailrunner7 writes "In the wake of high-profile compromises of companies such as Facebook, the New York Times, Apple and others, officials at Zendesk, an online customer support provider, said that the company also had been compromised and the attackers had made off with the email addresses of customers of Twitter, Tumblr and Pinterest, all of which use Zendesk's services. All three companies sent out emails to affected customers, notifying them of the incident and warning that their email addresses may have been compromised. In what has become an almost daily occurrence now, Zendesk officials posted a notice on the company's blog with the heading "We've been hacked". The Zendesk hack notice says that the company became aware of the attack on its network sometime this week and that the company then identified and patched the vulnerability the attackers had used."
Advertising

CAPTCHA Using Ad-Based Verification 174

Posted by samzenpus
from the more-human-than-human dept.
mk1004 writes "Yahoo news has an article explaining how the text-based CAPTCHA is giving way to ad-based challenge/response. It's claimed that users are faster at responding to familiar logos, shortening the amount of time they spend proving that they are human. From the article: 'Rather than taking just a mere glance to figure out, recent studies show that a typical CAPTCHA takes, on average, 14 seconds to solve, with some taking much, much longer. Multiply that by the millions and millions of verifications per day, and Web users as a whole are wasting years and years of their lives just trying to prove they're not actually computers. This has led many companies to abandon the age-old system in favor of something not only more secure, but also easier to use for your average Webgoer: Ad-based verification, which can actually cut the time it takes to complete the task in half.'"
Canada

Cellphone Privacy In Canada: Encryption Triggers Need For Warrant 111

Posted by timothy
from the rot13-baby-rot13 dept.
codegen writes "The Ontario Court of Appeal has just ruled that the police can search your cellphone if you are arrested without a warrant if it is not password protected. But the ruling also stated that if it is password protected, then the police need a warrant. Previous to this case there was no decision on if the police could search your phone without a warrant in Canada."
The Military

US Stealth Jet Has To Talk To Allied Planes Over Unsecured Radio 270

Posted by samzenpus
from the that's-some-good-planning-there-lou dept.
Lasrick writes "David Axe at Wired's Danger Room explains: 'For the first time, America's top-of-the-line F-22 fighters and Britain's own cutting-edge Typhoon jets have come together for intensive, long-term training in high-tech warfare. If only the planes could talk to each other on equal terms. The F-22 and the twin-engine, delta-wing Typhoon — Europe’s latest warplane — are stuck with partially incompatible secure communications systems. For all their sophisticated engines, radars and weapons, the American and British pilots are reduced to one-way communication, from the Brits to the Yanks. That is, unless they want to talk via old-fashioned radio, which can be intercepted and triangulated and could betray the planes’ locations. That would undermine the whole purpose of the F-22s radar-evading stealth design, and could pose a major problem if the Raptor and the Typhoon ever have to go to war together.'"
Security

Notification of Server Breach Mistaken For Phishing Email 65

Posted by samzenpus
from the it's-not-what-you-say-but-how-you-say-it dept.
netbuzz writes "Educause members and 7,000 university websites are being forced to change account passwords after a security breach involving the organization's .edu domain server. However, some initially hesitated to comply because the Educause notification email bore tell-tale markings of a phishing attempt. 'Given what is known about phishing and user behavior, this was bad form,' says Gene Spafford, a Purdue University computer science professor and security expert. 'For an education-oriented organization to do this is particularly troubling.'"
Earth

How To Safeguard Loose Nukes 167

Posted by samzenpus
from the in-the-wrong-hands dept.
Lasrick writes "The Bulletin has an interesting article about the likelihood of terrorists obtaining nuclear material. 'Since 1993, the International Atomic Energy Agency (IAEA) has logged roughly 2,000 cases of illicit or unauthorized trafficking of nuclear and radioactive material. Thirty illicit radioactive trafficking incidents were reported in the former Soviet region alone from 2009 to 2011. As Obama said in December, "Make no mistake, if [terrorists] get [nuclear material], they will use it."'"
Bug

Japanese Probe Finds Miswiring of Boeing 787 Battery 201

Posted by samzenpus
from the who's-to-blame dept.
NeverVotedBush writes in with the latest installment of the Dreamliner: Boeing 787 saga. "A probe into the overheating of a lithium ion battery in an All Nippon Airways Boeing 787 that made an emergency landing found it was improperly wired, Japan's Transport Ministry said Wednesday. The Transport Safety Board said in a report that the battery for the aircraft's auxiliary power unit was incorrectly connected to the main battery that overheated, although a protective valve would have prevented power from the auxiliary unit from causing damage. Flickering of the plane's tail and wing lights after it landed and the fact the main battery was switched off led the investigators to conclude there was an abnormal current traveling from the auxiliary power unit due to miswiring."
Security

iOS Developer Site At Core of Facebook, Apple Watering Hole Attack 88

Posted by Soulskill
from the web-of-trust dept.
msm1267 writes "The missing link connecting the attacks against Apple, Facebook and possibly Twitter is a popular iOS mobile developers' forum called iphonedevsdk which was discovered hosting malware in an apparent watering hole attack that has likely snared victims at hundreds of organizations beyond the big three. It's not clear whether the site remains infected, but researcher Eric Romang dug into the situation and determined that the site was hosting malicious JavaScript that was redirecting visitors to another site, min.liveanalytics. That site had been hosting malware as of Jan. 15."
Communications

Drones Still Face Major Hurdles In US Airspace 166

Posted by Unknown Lamer
from the drone-vs-drone dept.
coondoggie writes "Communications and effective system control are still big challenges unmanned aircraft developers are facing if they want unfettered access to U.S. airspace. Those were just a couple of the conclusions described in a recent Government Accountability Office report on the status of unmanned aircraft (PDF) and the national airspace. The bottom line for now seems to be that while research and development efforts are under way to mitigate obstacles to safe and routine integration of unmanned aircraft into the national airspace, these efforts cannot be completed and validated without safety, reliability, and performance standards, which have not yet been developed because of data limitations." The FAA and others seem mostly concerned about the drones hitting things if their GPS and ground communications are both disrupted.
Math

Full Review of the Color TI-84 Plus 233

Posted by Unknown Lamer
from the the-80s-never-looked-so-cool dept.
KermMartian writes "The TI-84 Plus C Silver Edition isn't the first color-screen graphing calculator, or even TI's first color calculator, but it's a refresh of a 17-year-old line that many have mocked as antiquated and overpriced. From an advanced review model, the math features look familiar, solid, and augmented with some new goodies, while programming looks about on par with its siblings. The requisite teardown uncovers the new battery, Flash, ASIC/CPU, and LCD used in the device. Although there are some qualms about its speed and very gentle hardware upgrades beyond the screen, it looks to be an indication that TI will continue this inveterate line for years to come." Lots of screenshots and pictures of the innards too.
Blackberry

BlackBerry TIFF Vulnerability Could Allow Access To Enterprise Server 41

Posted by Soulskill
from the spock-missed-some-updates dept.
Trailrunner7 writes "A vulnerability exists in some components of BlackBerry mobile devices that could grant attackers access to instances of the company's Enterprise Server (BES), according to BlackBerry, which issued an alert and released a patch for the vulnerability last week via its Knowledge Base support site. BES, the software implicated by the vulnerability, helps companies deploy BlackBerry devices. The high severity advisory involves the way the phone views Tagged Image File Format (TIFF) files, specifically the way the phone's Mobile Data System Connection Service and Messaging Agent processes and renders the images. An attacker could rig a TIFF image with malware and get a user to either view the image via a specially crafted website or send it to the user via email or instant message. The last two exploit vectors could make it so the user wouldn't have to click the link or image, or view the email or instant message, for the attack to prove successful. Once executed, an attacker could access and execute code on Blackberry's Enterprise Server."
China

Utilities Racing To Secure Electric Grid 113

Posted by Soulskill
from the shouldn't-they-have-done-this-5-years-ago dept.
FreeMichael61 writes "In the latest episode of Spy vs. Spy, China rejects accusations it's hacking U.S. companies to steal IP or bring down the grid. But there's no doubt the grid can be hacked, CIO Journal's Steve Rosenbush and Rachael King report. Industrial control networks are supposed to be protected from the Internet by an air gap that, it turns out, is largely theoretical. Internal security is often lax, laptops and other devices are frequently moved between corporate networks and control networks, and some SCADA systems are still directly connected to the internet. What security standards actually exist are out of date and don't cover enough, and corporations often use questionable supply chains because they are cheaper."
Businesses

Large Corporations Displacing Aging IT Workers With H-1B Visa Workers 617

Posted by Soulskill
from the looking-out-for-number-one dept.
New submitter genericmk writes "NPR is running an interesting story about the unfortunate status of the aging programmers in the IT industry. Older IT workers are opposing the H-1B visa overhaul. Large corporations want more visa, they claim, because of a shortage of IT talent. However, these companies are actively avoiding older, more experienced workers, and are bringing in large volumes of foreign staff. The younger, foreign workers are often easier to control, and they demand lower wages; indentured servitude is replacing higher cost labor."
Java

Apple Hit By Hackers Who Targeted Facebook 148

Posted by Soulskill
from the getting-hacked-is-now-the-trendy-thing-to-do dept.
snydeq writes "Apple was recently attacked by hackers who infected the Macintosh computers of some employees, the company said on Tuesday in an unprecedented disclosure that described the widest known cyber attacks against Apple-made computers to date, Reuters reports. 'The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch attacks against Facebook, which the social network disclosed on Friday. ... A person briefed on the investigation into the attacks said that hundreds of companies, including defense contractors, had been infected with the same malicious software, or malware. The attacks mark the highest-profile cyber attacks to date on businesses running Mac computers.'"

Air is water with holes in it.

Working...