Forgot your password?
typodupeerror

Become a fan of Slashdot on Facebook

EU

Switching From Microsoft Office To LibreOffice Saves Toulouse 1 Million Euros 31

Posted by Soulskill
from the all-about-the-napoleans dept.
jrepin sends this EU report: The French city of Toulouse saved 1 million euro by migrating all its desktops from Microsoft Office to LibreOffice. This project was rooted in a global digital policy which positions free software as a driver of local economic development and employment. Former IT policy-maker Erwane Monthubert said, "Software licenses for productivity suites cost Toulouse 1.8 million euro every three years. Migration cost us about 800,000 euro, due partly to some developments. One million euro has actually been saved in the first three years. It is a compelling proof in the actual context of local public finance. ... France has a high value in free software at the international level. Every decision-maker should know this."
Encryption

New SSL Server Rules Go Into Effect Nov. 1 42

Posted by Soulskill
from the encrypt-your-calendars dept.
alphadogg writes: Public certificate authorities (CAs) are warning that as of Nov. 1 they will reject requests for internal SSL server certificates that don't conform to new internal domain naming and IP address conventions designed to safeguard networks. The concern is that SSL server digital certificates issued by CAs at present for internal corporate e-mail servers, Web servers and databases are not unique and can potentially be used in man-in-the-middle attacks involving the setup of rogue servers inside the targeted network, say representatives for the Certification Authority/Browser Forum (CA/B Forum), the industry group that sets security and operational guidelines for digital certificates. Members include the overwhelming bulk of public CAs around the globe, plus browser makers such as Microsoft and Apple. The problem today is that network managers often give their servers names like 'Server1' and allocate internal IP addresses so that SSL certificates issued for them through the public CAs are not necessarily globally unique, notes Trend Micro's Chris Bailey.
Idle

Poetry For Sysadmins: Shall I Compare Thee To a Lumbering Bear? 30

Posted by samzenpus
from the admin-admin-burning-bright-in-the-office-fluorescent-light dept.
itwbennett writes Don't forget that July 25th is Sysadmin Day — a good day to show love to the folks who save your butt again and again when you mess up your computer. Forget the chocolate and flowers, long-time sysadmin Sandra Henry-Stocker has tailored some poems to celebrate these under appreciated, hard-working souls.
Networking

Comcast Carrying 1Tbit/s of IPv6 Internet Traffic 134

Posted by Unknown Lamer
from the hurd-1.0-released dept.
New submitter Tim the Gecko (745081) writes Comcast has announced 1Tb/s of Internet facing, native IPv6 traffic, with more than 30% deployment to customers. With Facebook, Google/YouTube, and Wikipedia up to speed, it looks we are past the "chicken and egg" stage. IPv6 adoption by other carriers is looking better too with AT&T at 20% of their network IPv6 enabled, Time Warner at 10%, and Verizon Wireless at 50%. The World IPv6 Launch site has measurements of global IPv6 adoption.
Government

Social Security Administration Joins Other Agencies With $300M "IT Boondoggle" 135

Posted by Unknown Lamer
from the should-have-gone-into-government-IT dept.
alphadogg (971356) writes with news that the SSA has joined the long list of federal agencies with giant failed IT projects. From the article: "Six years ago the Social Security Administration embarked on an aggressive plan to replace outdated computer systems overwhelmed by a growing flood of disability claims. Nearly $300 million later, the new system is nowhere near ready and agency officials are struggling to salvage a project racked by delays and mismanagement, according to an internal report commissioned by the agency. In 2008, Social Security said the project was about two to three years from completion. Five years later, it was still two to three years from being done, according to the report by McKinsey and Co., a management consulting firm. Today, with the project still in the testing phase, the agency can't say when it will be completed or how much it will cost.
GUI

Mac OS X Yosemite Beta Opens 157

Posted by Unknown Lamer
from the smells-like-system-7 dept.
New submitter David Hames (3763525) writes Would you like to test drive the newest release of the Macintosh operating system? Apple is opening up the beta for Mac OS X Yosemite starting Thursday to the first million people who sign up. Beta users won't be able to access such promised Yosemite features such as the ability to make or receive your iPhone calls or text messages on your Mac, turn on your iPhone hotspot feature from your Mac, or "Handoff" the last thing you were doing on your iOS 8 device to your Mac and vice versa. A new iCloud Drive feature is also off-limits, while any Spotlight search suggestions are U.S.-based only. Don't expect all your Mac apps to run either. Ars has a preview of Yosemite.
Security

Internet Explorer Vulnerabilities Increase 100% 128

Posted by samzenpus
from the protect-ya-neck dept.
An anonymous reader writes Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities. Web browsers have always been a favorite avenue of attack, but we are now seeing that hackers are not only getting better at attacking Internet Explorer, they are doing it more frequently.
Security

The Psychology of Phishing 123

Posted by samzenpus
from the click-and-release dept.
An anonymous reader writes Phishing emails are without a doubt one of the biggest security issues consumers and businesses face today. Cybercriminals understand that we are a generation of clickers and they use this to their advantage. They will take the time to create sophisticated phishing emails because they understand that today users can tell-apart spam annoyances from useful email, however they still find it difficult identifying phishing emails, particularly when they are tailored to suit each recipient individually. Fake emails are so convincing and compelling that they fool 10% of recipients into clicking on the malicious link. To put that into context a legitimate marketing department at a FTSE 100 company typically expects less than a 2% click rate on their advertising campaigns. So, how are the cybercriminals out-marketing the marketing experts?
Security

Dropbox Head Responds To Snowden Claims About Privacy 167

Posted by samzenpus
from the protect-ya-neck dept.
First time accepted submitter Carly Page writes When asked for its response to Edward Snowden's claims that "Dropbox is hostile to privacy", Dropbox told The INQUIRER that users concerned about privacy should add their own encryption. The firm warned however that if users do, not all of the service's features will work. Head of Product at Dropbox for Business Ilya Fushman says: "We have data encrypted on our servers. We think of encryption beyond that as a users choice. If you look at our third-party developer ecosystem you'll find many client-side encryption apps....It's hard to do things like rich document rendering if they're client-side encrypted. Search is also difficult, we can't index the content of files. Finally, we need users to understand that if they use client-side encryption and lose the password, we can't then help them recover those files."
Government

VP Biden Briefs US Governors On H-1B Visas, IT, and Coding 221

Posted by Soulskill
from the at-least-he-was-wearing-pants dept.
theodp writes: Back in 2012, Computerworld blasted Vice President Joe Biden for his ignorance of the H-1B temporary work visa program. But Joe's got his H-1B story and he's sticking to it, characterizing the visa program earlier this month in a speech to the National Governors Association as "apprenticeships" of sorts that companies provide to foreign workers to expand the Information Technology industry only after proving there are no qualified Americans to fill the jobs. Biden said he also learned from his talks with tech's top CEOs that 200,000 of the jobs that companies provide each year to highly-skilled H-1B visa holders could in fact be done by Americans with no more than a two-year community college degree.
Data Storage

Intel Launches Self-Encrypting SSD 91

Posted by Soulskill
from the masochistic-storage-devices dept.
MojoKid writes: Intel just launched their new SSD 2500 Pro series solid state drive, the follow-up to last year's SSD 1500 Pro series, which targets corporate and small-business clients. The drive shares much of its DNA with some of Intel's consumer-class drives, but the Pro series cranks things up a few notches with support for advanced security and management features, low power states, and an extended management toolset. In terms of performance, the Intel SSD 2500 Pro isn't class-leading in light of many enthusiast-class drives but it's no slouch either. Intel differentiates the 2500 Pro series by adding support for vPro remote-management and hardware-based self-encryption. The 2500 Pro series supports TCG (Trusted Computing Group) Opal 2.0 features and is Microsoft eDrive capable as well. Intel also offers an administration tool for easy management of the drive. With the Intel administration tool, users can reset the PSID (physical presence security ID), though the contents of the drive will be wiped. Sequential reads are rated at up to 540MB/s, sequential writes at up to 480MB/s, with 45K – 80K random read / write IOps.
Encryption

CNN iPhone App Sends iReporters' Passwords In the Clear 40

Posted by Unknown Lamer
from the safe-reporting dept.
chicksdaddy (814965) writes The Security Ledger reports on newly published research from the firm zScaler that reveals CNN's iPhone application transmits user login session information in clear text. The security flaw could leave users of the application vulnerable to having their login credential snooped by malicious actors on the same network or connected to the same insecure wifi hotspot. That's particularly bad news if you're one of CNN's iReporters — citizen journalists — who use the app to upload photos, video and other text as they report on breaking news events. According to a zScaler analysis, CNN's app for iPhone exposes user credentials in the clear both during initial setup of the account and in subsequent mobile sessions. The iPad version of the CNN app is not affected, nor is the CNN mobile application for Android. A spokesman for CNN said the company had a fix ready and was working with Apple to have it approved and released to the iTunes AppStore.
Electronic Frontier Foundation

EFF Releases Wireless Router Firmware For Open Access Points 56

Posted by Soulskill
from the secure-is-as-secure-does dept.
klapaucjusz writes: The EFF has released an experimental router firmware designed make it easy to deploy open (password-less) access points in a secure manner. The EFF's firmware is based on the CeroWRT fork of OpenWRT, but appears to remove some of its more advanced routing features. The EFF is asking for help to further develop the firmware. They want the open access point to co-exist on the same router as your typical private and secured access point. They want the owner to be able to share bandwidth, but with a cap, so guests don't degrade service for the owner. They're also looking to develop a network queueing, a minimalist web UI, and an auto-update mechanism. The EFF has also released the beta version of a plug-in called Privacy Badger for Firefox and Chrome that will prevent online advertisers from tracking you.
Privacy

Black Hat Presentation On Tor Cancelled, Developers Working on Bug Fix 51

Posted by Soulskill
from the you-can't-say-that-on-television dept.
alphadogg writes A presentation on a low-budget method to unmask users of a popular online privacy tool Tor will no longer go ahead at the Black Hat security conference early next month. The talk was nixed by the legal counsel with Carnegie Mellon's Software Engineering Institute after a finding that materials from researcher Alexander Volynkin were not approved for public release, according to a notice on the conference's website. Tor project leader Roger Dingledine said, "I think I have a handle on what they did, and how to fix it. ... Based on our current plans, we'll be putting out a fix that relays can apply that should close the particular bug they found. The bug is a nice bug, but it isn't the end of the world." Tor's developers were "informally" shown materials about the bug, but never saw any details about what would be presented in the talk.
Businesses

Buying New Commercial IT Hardware Isn't Always Worthwhile (Video) 92

Posted by Roblimo
from the sometimes-it's-better-and-costs-less-to-stick-with-proven-hardware dept.
Ben Blair is CTO of MarkITx, a company that brokers used commercial IT gear. This gives him an excellent overview of the marketplace -- not just what companies are willing to buy used, but also what they want to sell as they buy new (or newer) equipment. Ben's main talking point in this interview is that hardware has become so commoditized that in a world where most enterprise software can be virtualized to run across multiple servers, it no longer matters if you have the latest hardware technology; that two older servers can often do the job of one new one -- and for less money, too. So, he says, you should make sure you buy new hardware only when necessary, not just because of the "Ooh... shiny!" factor" (Alternate Video Link)

The economy depends about as much on economists as the weather does on weather forecasters. -- Jean-Paul Kauffmann

Working...