Orome1 writes "After creating the 'Decaptcha' software to solve audio CAPTCHAs, Stanford University's researchers modified it and turned it against text and, quite recently, video CAPTCHAs with considerable success. Video CAPTCHAs have been touted by their developer, NuCaptcha, as the best and most secure method of spotting bots trying to pass themselves off as human users. Unfortunately for the company, researchers have managed to prove that over 90 percent of the company's video CAPTCHAs can be decoded by using their Decaptcha software in conjunction with optical flow algorithms created by researchers in the computer vision field of study."

NetDanzr writes "I work for an IT company that has a steady stream of projects, new features to our existing products and technical support issues. As it is customary, though, our development resources are not sufficient to cover the amount of projects. As a result, our delivery dates are slipping, and as a result the average priority of projects is rising. Where the goal was to have only 10% of projects rated high, within a year nearly 50% of projects are rated as such. Our solution is to completely wipe out the project list once per year and start a new, properly prioritized list. How does your company deal with this inflation of priorities?"

judgecorp writes "The UK government is proposing a law that would require phone and Internet companies to store information on all communications, and hand it to the security services when required. The Communications Capabilities Development Programme (CCDP) abandoned by the last government is back on the table, proposed as a means to increase security, and likely to be pushed through before the Olympics in London, according to reports."

wiredmikey writes "The popular free security tool HijackThis has been open sourced by its owner, Trend Micro. The tool scans systems to find settings that may have been modified by spyware, malware or other programs that have wiggled their way onto a system and caused problems. Downloaded over 10 million times, HijackThis generates reports to help users analyze and fix an infected or problem computer. But the tool is not designed for novices – and doesn't actually determine what's good or bad. That's up to you, but it is a good way to keep an eye on things and possibly locate anomalies that may have been missed by other security products. Trend Micro warns that if you don't know what you're doing, it's probably not a good idea to make any changes to your computer settings and system files. Trend Micro acquired the tool from creator Merijn Bellekom in 2007, and has offered it for free ever since, but now is making the code available to the public. The code, originally written in Visual Basic, is now officially available at Sourceforge here."

Trailrunner7 writes "Google is in the process of developing a tool to help users generate strong passwords for the various and sundry Web sites for which they need to register and authenticate. The password-generator is meant to serve as an interim solution for users while Google and other companies continue to work on widespread deployment of the OpenID standard. The tool Google engineers are working on is a fairly simple one. For people who are using the Chrome browser, whenever a site presents them with a field that requires creating a password, Chrome will display a small key icon, letting the users know that they could allow Chrome to generate a password for them."

Diamonddavej writes "The BBC reports that software development student Glenn Mangham, a 26-year-old from the UK, was jailed 17 February 2012 for eight months for computer misuse, after he discovered serious Facebook security vulnerabilities. Hacking from his bedroom, Mangham gained access to three of Facebook's servers and was able to download to an external hard drive the social network's 'invaluable' intellectual property (source code). Mangham's defense lawyer, Mr. Ventham, pointed out that Mangham is an 'ethical hacker' and runs a tax registered security company. The court heard Mangham previously breached Yahoo's security, compiled a vulnerability report and passed on to Yahoo. He was paid '$7000 for this achievement,' and claims he was merely trying to repeat the same routine with Facebook. But in passing sentence, Judge Alistair McCreath said despite the fact he did not intend to pass on the information gathered, his actions were not harmless and had 'real consequences and very serious potential consequences' for Facebook. The case's prosecutor, Mr. Patel, said Facebook spent '$200,000 (£126,400) dealing with Mangham's crime.'"

An anonymous reader writes "In 1955, John Nash sent an amazing letter (PDF) to the NSA in order to support an encryption design that he suggested. In it, he anticipates computational complexity theory as well as modern cryptography. He also proposes that the security of encryption can be based on computational hardness and makes the distinction between polynomial time and exponential time: 'So a logical way to classify enciphering processes is by the way in which the computation length for the computation of the key increases with increasing length of the key. This is at best exponential and at worst probably at most a relatively small power of r, ar^2 or ar^3, as in substitution ciphers.'"

An anonymous reader writes "A preliminary settlement has been reached in the class-action lawsuit brought against Apple in June 2010 over the 'Antennagate' fiasco. Ira Rothken, co-lead counsel for the case, says there are 21 million people entitled to either $15 or a free bumper. 'The settlement comes from 18 separate lawsuits that were consolidated into one. All share the claim that Apple was "misrepresenting and concealing material information in the marketing, advertising, sale, and servicing of its iPhone 4 — particularly as it relates to the quality of the mobile phone antenna and reception and related software." The settlement has its own Web site, www.iPhone4Settlement.com, which will be up in the coming weeks (the site doesn't go anywhere right now). There, customers will be able to get information about the settlement and how to make a claim. As part of the arrangement, e-mails will also be sent alerting original buyers to the settlement before April 30, 2012. The claims period is then open for 120 days.'"

bonch writes "After months of reporting on photos of iPad 3 screen parts, MacRumors finally obtained one for themselves and examined it under a microscope, confirming that the new screens will have twice the linear resolution of the iPad 2, with a whopping 2048x1536 pixel density. Hints of the new display's resolution were found in iBooks 2, which contains hi-DPI versions of its artwork. The iPad 3 is rumored to be launching in early March."

First time accepted submitter core_tripper writes "Students at the University of Twente have stolen thirty laptops from various members of the university's staff. They were not prosecuted for this, so they could just get on with their studies. Indeed, these students even received ECTS credits for these thefts. UT researcher Trajce Dimkov asked the students to steal the machines as part of a scientific experiment. Stealing these laptops turned out to be a pretty simple matter."

An anonymous reader writes "I've been writing database apps for various industries as the senior developer or tech lead on a given project for most of the past 20 years. The last few years have become particularly taxing as I struggle to reiterate basic concepts to the same technically illiterate managers and stakeholders who keep turning up in charge. While most are knowledgeable about the industries our software is targeting, they just don't get the mechanics of what we do and never will. After so many years, I'm tired of repeating myself. I need a break. I need to walk away from it, and want to look at doing something that doesn't focus heavily on the IT industry day in, day out. Unfortunately, I'm locked to a regional city and I've just spent the majority of my adult life coding, with no other major skills to fall back on. While I'm not keen on remaining in front of a screen, I wouldn't be averse to becoming a tech user and consumer, rather than a creator. Are there similar Slashdotters out there who have made the leap of faith away from tech jobs and into something different? If so, where did you end up? Is there a life after IT for people who are geeks at heart? Apart from staying in my current job, is there any advice for someone who can't really risk the mortgage and kid's education on a whim?"

superglaze writes "Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'"

itwbennett writes "In a post on the company blog, JotForm.com cofounder Aytekin Tank alerts users that 'a US government agency has temporarily suspended' the jotform.com domain. He explains that it is part of an 'ongoing investigation' of content posted to its site by a user. Although which user and what content haven't yet been disclosed, there is speculation about forms used for a phishing attack on a South African bank. JotForm hosts over two million user-generated forms, and uses software to block fraudulent accounts (65,000 so far), so you can see there's plenty of opportunity for mischief."

Lucas123 writes "A new study by the University of California and Microsoft shows that NAND flash memory experiences significant performance degradation as die sizes shrink in size. Over the next dozen years latency will double as the circuitry size shrinks from 25 nanometers today, to 6.5nm, the research showed. Speaking at the Usenix Conference on File and Storage Technologies in San Jose this week, Laura Grupp, a graduate student at the University of California, said tests of 45 different types of NAND flash chips from six vendors using 72nm to 25nm lithography techniques showed performance degraded across the board and error rates increased as die sizes shrunk. Triple-Level NAND performed the worst, followed by Multi-Level Cell NAND and Single-Level Cell. The researchers said MLC NAND-based SSDs won't be able to go beyond 4TB and TLC-based SSDs won't be able to scale past 16TB because of the performance degradation, so it appears the end of the road for SSDs will be 2024."

New submitter simula67 writes "Oracle wins back some karma from the open source community by releasing MySQL cluster 7.2 with ambitious claims of 70x performance gains. The new release is GPL and claims to have processed over 1 billion queries per minute. Readers may remember the story about Oracle adding commercial extensions to MySQL."

adeelarshad82 writes "Earlier today Apple announced their next OS, Mountain Lion. According to an early look, OS X 10.8 does more to integrate social networking and file-synching into a personal computer than any other OS. It tightly integrates with the whole Apple ecosystem that includes iOS devices and the free iCloud sharing service. Moreover Mountain Lion adds a powerful new line of defense against future threats where a malware app is prevented from running even if it is deliberately downloaded to a computer. Even though Apple's clearly got a lot of fine-tuning to do—and possibly a few features to add, there's no doubt that Mountain Lion already looks very fine." Update: 02/16 15:04 GMT by T : New submitter StephenBrannen writes with some more details culled from CNET. The newest OS X has now been released to developers, with an official release date planned for this summer. "Mountain Lion, as it is called, will further blur the lines between iOS and its Mac OS. iOS features that are being ported include: Messages (replacing iChat), Notification Center, Game Center, Notes, and AirPlay mirroring. Also new to Mac OS is the addition of Gatekeeper, which should help prevent malware attacks on Apple products. Not announced is whether Siri will be ported to the Mac."

snydeq writes "Advice Line's Bob Lewis sees ripe opportunity for Microsoft in the tablet market: Forget about outdoing Apple's iPad and give us the features that finally improve the way we work. 'The game isn't beating Apple at its own game. The magic buzzword is to "differentiate" and show what your technology will do that Apple won't even care about, let alone beat you at. One possible answer: Help individual employees be more effective at their jobs,' Lewis writes, outlining four business features to target, not the least of which would be to provide UI variance, enabling serious tablet users to expose the OS complexity necessary to do real work."

Barence writes "Microsoft claims an "independent" report proves it has the best spam protection in the industry — an argument deconstructed by PC Pro. 'Our own internal metrics, customer feedback, and even a recent third-party report confirms that no mail service offers better protection than Hotmail,' Microsoft's Dick Craddock wrote in a Windows Live blog post earlier this week."

J. Alex Halderman and Nadia Heninger write in with an update to yesterday's story on RSA key security: "Yesterday Slashdot posted that RSA keys are 99.8% secure in the real world. We've been working on this concurrently, and as it turns out, the story is a bit more complicated. Those factorable keys are generated by your router and VPN, not bankofamerica.com. The geeky details are pretty nifty: we downloaded every SSL and SSH keys on the internet in a few days, did some math on 100 million digit numbers, and ended up with 27,000 private keys. (That's 0.4% of SSL keys in current use.) We posted a long blog post summarizing our findings over at Freedom to Tinker."

DMandPenfold writes with a quote from an article in Computer World: NASDAQ and BATS saw their sites disrupted during the day on Monday and Tuesday respectively. The sites host company news and share price data, as well as vital information on live service status on the exchanges. It is understood, however, that while the websites were affected, the stock exchanges continued to trade as normal with no change to trading. A spokesperson at BATS said the exchange's site had been hit with 'an external Distributed Denial Of Service incident.' Our trading systems were not affected and there were no exchange customer disruptions associated with the incident.' ... NASDAQ told the Wall Street Journal that on Tuesday it experienced 'intermittent service disruptions on our corporate websites.' It is not known who initiated the attacks. In 2010, NASDAQ's Directors Desk online scheduling application was compromised by hackers. An FBI investigation found that the stock exchange's aging software and out of date security patches played a key part in the problems."