Security

Building the Ultimate Safe House 289

Hugh Pickens writes "Candace Jackson writes that an increasing number of home builders and buyers are looking for a new kind of security: homes equipped to handle everything from hurricanes, tornadoes and hybrid superstorms like this week's Sandy, to man-made threats ranging from home invasion to nuclear war. Fueling the rise of these often-fortresslike homes are new technologies and building materials—which builders say will ultimately be used on a more widespread basis in storm- and earthquake-threatened areas. For example, Alys Beach, a 158-acre luxury seaside community on Florida's Gulf Coast, has earned the designation of Fortified...for safer living® homes and is designed to withstand strong winds. The roofs have two coats of limestone and exterior walls have 8 inches of concrete, reinforced every 32 inches for 'bunkerlike' safety, according to marketing materials. Other builders are producing highly hurricane-proof residences that are circular in shape with 'radial engineering' wherein roof and floor trusses link back to the home's center like spokes on a wheel, helping to dissipate gale forces around the structure. Deltec, a North Carolina–based builder, says it has never lost a circular home to hurricanes in over 40 years of construction. But Doug Buck says some 'extreme' building techniques don't make financial sense. 'You get to a point of diminishing returns,' says Buck. 'You're going to spend so much that honestly, it would make more sense to let it blow down and rebuild it.''
Encryption

Most US Drones Still Beam Video Unencrypted 138

An anonymous reader writes "Four years after discovering that militants were tapping into drone video feeds, the U.S. military still hasn't secured the transmissions of more than half of its fleet of Predator and Reaper drones, Danger Room has learned. The majority of the aircraft still broadcast their classified video streams 'in the clear' — without encryption. With a minimal amount of equipment and know-how, militants can see what America's drones see."
Media

Ask Slashdot: Finding Legacy UnixWare Installation Media? 193

First time accepted submitter lukpac writes "We have an old (ancient) Unisys server in production that hosts a legacy system and are attempting to virtualize it. Unfortunately we don't have a generic UnixWare (2.1.2) installation CD, just a Unisys-specific one, and given the recent unpleasantness (see Groklaw for details), SCO isn't much of an option. We're not looking at pirating it (as above, we do still have the Unisys-specific media), but do need a generic copy of UnixWare. What options, if any, are available?"
Cloud

Con Ed Says NYC Datacenters Should Get Power Saturday 107

Nerval's Lobster writes "The local utility serving most of the New York City area, Con Edison, reported that it should begin supplying utility power to midtown and lower Manhattan by Saturday evening, returning the island's data centers and citizens to some semblance of normalcy. In the past few days, data center managers have been forced to add fuel logistics to their list of responsibilities, as most Manhattan data centers have been subsisting on generator power. That should come to an end, for the most part, when utility power is restored. In a possibly worrying note, Verizon warned late on Nov. 1 that its services to business customers could be impacted due to lack of fuel."
Government

UK Takes Huge Step Forward On Open Standards 67

jrepin sends this news from the FSF Europe site: "The UK government is certainly taking a long and winding road towards Free Software and Open Standards. The UK's public sector doesn't use a lot of Free Software, and many smaller Free Software companies have found it comparatively hard to get public sector buyers for their products and services. The main reason is that government agencies at all levels are locked into proprietary, vendor-specific file formats. ... The UK government has released a new Open Standards policy. With this policy (PDF), and in particular with its strong definition of Open Standards, the UK government sets an example that governments elsewhere should aspire to,' says Karsten Gerloff, President of the Free Software Foundation Europe. Under the new policy, effective immediately, patents that are essential to implementing a standard must be licensed without royalties or restrictions that would prevent their implementation in Free Software."
Communications

WW2 Carrier Pigeon and Undecoded Message Found In Chimney 287

BigBadBus writes "The BBC is reporting that the remains of a World War 2 carrier pigeon were found during renovation of a chimney in England. What is interesting is that the pigeon's remains still had its message attached to the leg ring; even more interesting, this is the first recorded instance of a code being used rather than plain text. The successor to WW2 code-breaking HQ Bletchley Park, the GCHQ, is trying to decipher this unique code. Maybe a Slashdot reader can beat them to it?"
Security

PayPal Security Holes Expose Customer Card Data, Personal Details 87

mask.of.sanity writes "Dangerous website flaws have been discovered in PayPal that grant attackers access to customer credit card data, account balances and purchase histories. The holes still exist. One was publicly disclosed after a failed effort in July to responsibly disclose them under PayPal's bug bounty program. PayPal is working to close the holes."
Privacy

More Than 25% of Android Apps Know Too Much About You 277

CowboyRobot writes "A pair of reports by Juniper and Bit9 confirm the suspicion that many apps are spying on users. '26 percent of Android apps in Google Play can access personal data, such as contacts and email, and 42 percent, GPS location data... 31 percent of the apps access phone calls or phone numbers, and 9 percent employ permissions that could cost the user money, such as incurring premium SMS text message charges... nearly 7 percent of free apps can access address books, 2.6 percent, can send text messages without the user knowing, 6.4 percent can make calls, and 5.5 percent have access to the device's camera.' The main issue seems to be with poor development practices. Only in a minority of cases is there malicious intent. The Juniper report and the Bit9 report are both available online."
Government

IEEE Standards For Voting Machines 221

kgeiger writes "Voting machine designs and data formats are a free-for-all. The result is poor validation and hence opportunity for fraud. An IEEE standards group wants all election computer systems to speak the same language. From the article: 'IEEE Standards Project 1622 is working on electronic data interchange for voting systems. The plan is to create a common format, based on the Election Markup Language (EML) already recommended for use in Europe. This is a subset of the popular XML (eXtensible Markup Language) that specifies particular fields and data structures for use in voting.'"
Government

Department of Homeland Security Wants Nerds For a New "Cyber Reserve'" 204

pigrabbitbear writes "Just three weeks after Defense Secretary Leon Panetta told an audience at the Sea, Air and Space Museum that the U.S. is on the brink of a 'cyber Pearl Harbor,' the government has decided it needs to beef up the ranks of its digital defenses. It's assembling a league of extraordinary computer geeks for what will be known as the 'Cyber Reserve.'"
Operating Systems

OpenBSD 5.2 Released 141

An anonymous reader writes "OpenBSD 5.2 has been released and is available for download. One of the most significant changes in this release is the replacement of the user-level uthreads by kernel-level rthreads, allowing multithreaded programs to utilize multiple CPUs/cores."
Microsoft

Security Firm VUPEN Claims To Have Hacked Windows 8 and IE10 118

An anonymous reader writes "Windows 8 was released late last week, and already this week French security firm VUPEN says it has broken Microsoft's latest and greatest security features. The company claims it has developed a 0-day exploit for Windows 8 and IE10, by chaining multiple undisclosed flaws together."
Businesses

NYC Data Center Needs Focus On Fuel 162

Nerval's Lobster writes "Who knew that the most critical element of operating a data center in New York City was ensuring a steady supply of diesel fuel? In the wake of Hurricane Sandy, the challenges facing data center operators in the affected zones include pumping water from basements, waiting for utility power to be restored, and managing fuel-truck deliveries. And it's become increasingly clear which companies had the resources and foresight to plan for a disaster like Sandy, and which are simply reacting. Here's the latest on providers around the New York area." And remember, having fuel for machines sometimes only means it's time to start the manual labor.
Government

FTC Whacks "Rachel From Card Holder Services" 289

coondoggie writes "Just two weeks after it challenged the public to come up with a better technological way to stop incessant robocalling, the Federal Trade Commission pulled the plug on five mass calling companies it said were allegedly responsible for millions of illegal pre-recorded calls from 'Rachel' and others from 'Cardholder Services.' 'At the FTC, Rachel from Cardholder Services is public enemy number one,' said FTC Chairman Jon Leibowitz at the announcement of the cases."
Bug

Internal Bug: Code Flaw May Lead to Wrong Dose From Infusion Pump 86

chicksdaddy writes "The steady drumbeat of disturbing news about vulnerable, IP enabled medical devices continues this week, after medical device maker Hospira said it has issued a voluntary recall of its Symbiq-brand drug infusion pumps after discovering a software error that may cause touch interfaces on the pumps to not respond to user touches or to display dosage information that is inaccurate. The problem was detected in around 1.5% of Symbiq One Channel and Two Channel Infusers (model numbers 16026 and 16027), but could potentially affect 'all Symbiq infusion systems currently in the field.' The software bug could result in 'a delayed response and or the screen registering a different value from the value selected by the user,' the company said in a statement."
Privacy

Judge To Newspaper - Reveal Name of Commenter 307

First time accepted submitter Andy Prough writes "A Kansas judge has ordered a Topeka newspaper to release the name of a commenter on one of its stories about the trial of Anceo D. Stovall for the murder of Natalie Gibson. Using the name 'BePrepared,' the commenter posted the following in response to a story about the ongoing trial on July 21 at 1:45pm: 'Trust me that's all they got in their little world, as you know, I have been there. Remember the pukes names they will do it for ever.' The problem? The court is convinced that 'BePrepared' was a juror, and was not supposed to be accessing news about the trial before it ended on July 24th. The court wants BePrepared's name, address and IP address. The jury was ultimately unable to find Stovall guilty of 10 of the 11 charges against him — including murder. Both defense and prosecution lawyers appear to want a new trial, and if it turns out that BePrepared was a juror, they are more likely to get their wish."
Networking

Dutch DigiNotar Servers Were Fully Hacked 83

ChristW writes "The final report that was handed to the Dutch government today indicates that all 8 certificate servers of the Dutch company DigiNotar were fully hacked. (Report PDF in English.) Because the access log files were stored on the same servers, they cannot be used to find any evidence for or against intrusion. In fact, blatant falsification has been found in those log files. A series of so-far unused certificates has also been found. It is unknown if and where these certificates have been used."
Security

More Drones Set To Use US Air Space 223

Dupple writes with a quote from the BBC about more testing of Predator drones in U.S. air space: "Tests have been carried out to see whether military drones can mix safely in the air with passenger planes. The tests involved a Predator B drone fitted with radio location systems found on domestic aircraft that help them spot and avoid other planes. The tests will help to pave the way for greater use of drones in America's domestic airspace."
Encryption

Ask Slashdot: Is TSA's PreCheck System Easy To Game? 157

OverTheGeicoE writes "TSA has had a preferred traveler program, PreCheck, for a while now. Frequent fliers and other individuals with prior approval from DHS can avoid some minor annoyances of airport security, like removing shoes and light jackets, but not all of the time. TSA likes to be random and unpredictable, so PreCheck participants don't always get the full benefits of PreCheck. Apparently the decision about PreCheck is made when the boarding pass is printed, and a traveler's PreCheck authorization is encoded, unencrypted, on the boarding pass barcode. In theory, one could use a barcode-reading Web site (like this one, perhaps) to translate a barcode into text to determine your screening level before a flight. One might even be able to modify the boarding pass using PhotoShop or the GIMP to, for example, get the screening level of your choice. I haven't been able to verify this information, but I bet Slashdot can. Is TSA's PreCheck system really that easy to game? If you have an old boarding pass lying around, can you read the barcode and verify that the information in TFA is correct?"
Government

Irked By Cyberspying, Georgia Outs Russia-based Hacker 95

coondoggie writes "In one of the photos, the dark-haired, bearded hacker is peering into his computer's screen, perhaps puzzled at what's happening. Minutes later, he cuts his computer's connection, realizing he has been discovered. In an unprecedented move, the country of Georgia — irritated by persistent cyber-spying attacks — has published two photos of a Russia-based hacker who, the Georgians allege, waged a persistent, months-long campaign that stole confidential information from Georgian government ministries, parliament, banks and NGOs."

Slashdot Top Deals