Feed aggregator

Parity: The bug that put $169m of Ethereum on ice? Yeah, it was on the todo list for months

TheRegister - Thu, 11/16/2017 - 17:06
Just didn't get round to fixing it – our bad

Alt-coin wallet software maker Parity has published a postmortem of the bug that put millions of dollars of people's Ethereum on ice – and has admitted it knew about the flaw for months. It just hadn't got round to fixing it.…

Raspberry Pi 3 clone offers Allwinner H2, H3, or H5 SoCs for $9 to $29

LXer - Thu, 11/16/2017 - 16:46
Libre Computer’s open source “Tritium” SBCs run Ubuntu or Android on Allwinner H2+, H3, or 64-bit H5 SoCs, and have an RPi 3 like layout and 40-pin header. Earlier this year, Shenzhen-based Libre Computer successfully funded its quad Cortex-A53 Amlogic S905X based Le Potato SBC on Kickstarter for $25 to $35. Now, the company has […]

Jack Dorsey Responds To Serial Killer Who Found His Victims Through Suicidal Twitter Posts

Slashdot - Thu, 11/16/2017 - 16:40
AmiMoJo shares a report from NHK WORLD: Twitter's CEO is reacting to a grisly case in Japan where a suspected serial killer allegedly found his victims through their suicidal posts on the social media platform. In an interview with NHK, Jack Dorsey said it is unrealistic and impossible to remove suicidal tweets. But he said he hoped Twitter could become a tool for prevention. Last month, the dismembered bodies of 9 people were found in 27-year-old Takahiro Shiraishi's apartment near Tokyo. Police say he admitted to the killings. They believe he preyed on people who posted about wanting to kill themselves on Twitter. Recently, Twitter updated its rules regarding posts about self-harm: "You may not promote or encourage suicide or self-harm. When we receive reports that a person is threatening suicide or self-harm, we may take a number of steps to assist them, such as reaching out to that person and providing resources such as contact information for our mental health partners."

Read more of this story at Slashdot.

Australian Broadcasting Corporation leaks passwords, video from AWS S3 bucket

TheRegister - Thu, 11/16/2017 - 16:20
'Advance video content' and years of backups dangled in the cloud

The Australian Broadcasting Corporation (ABC) has joined the long list of organisations to leak sensitive data from a poorly secured public-facing Amazon Web Services S3 bucket.…

New EU Consumer Protection Law Contains a Vague Website Blocking Clause

Slashdot - Thu, 11/16/2017 - 16:00
An anonymous reader quotes a report from Bleeping Computer: The European Union (EU) has voted on Tuesday, November 14, to pass the new Consumer Protection Cooperation regulation, a new EU-wide applicable law that gives extra power to national consumer protection agencies, but which also contains a vaguely worded clause that also grants them the power to block and take down websites without judicial oversight. The new law "establishes overreaching Internet blocking measures that are neither proportionate nor suitable for the goal of protecting consumers and come without mandatory judicial oversight," Member of the European Parliament Julia Reda said in a speech in the European Parliament Plenary during a last ditch effort to amend the law. "According to the new rules, national consumer protection authorities can order any unspecified third party to block access to websites without requiring judicial authorization," Reda added later in the day on her blog. This new law is an EU regulation and not a directive, meaning its obligatory for all EU states, which do not have to individually adopt it.

Read more of this story at Slashdot.

Amazon Key door-entry flaw: No easy fix to stop rogue couriers burgling your place unseen

TheRegister - Thu, 11/16/2017 - 15:45
Patch incoming, hardware recall required to fully address underlying problem

Analysis Amazon has pushed out an emergency security update to its door-unlocking system called Key – which is used by couriers to let themselves into people's homes to drop off packages inside when folks are out.…

How to Install Icinga 2 Monitoring Tool on Debian 9.2

LXer - Thu, 11/16/2017 - 15:31
In this guide we will discuss how to install and configure the latest version Icinga 2 web monitoring tool in Debian 9.2 release, in order to monitor all important network infrastructure devices, such as physical or virtual servers or VMs, routers, switches, firewall appliances and other network IoT devices.

Federal Extreme Vetting Plan Castigated By Tech Experts

Slashdot - Thu, 11/16/2017 - 15:15
An anonymous reader shares an Associated Press report: Leading researchers castigated a federal plan that would use artificial intelligence methods to scrutinize immigrants and visa applicants, saying it is unworkable as written and likely to be "inaccurate and biased" if deployed. The experts, a group of more than 50 computer and data scientists, mathematicians and other specialists in automated decision-making, urged the Department of Homeland Security to abandon the project, dubbed the "Extreme Vetting Initiative." That plan has its roots in President Donald Trump's repeated pledge during the 2016 campaign to subject immigrants seeking admission to the United States to more intense ideological scrutiny -- or, as he put it, "extreme vetting." Over the summer, DHS published a "statement of objectives" for a system that would use computer algorithms to scan social media and other material in order to automatically flag undesirable entrants -- and to continuously scan the activities of those allowed into the U.S.

Read more of this story at Slashdot.

Firefox Will Block Navigational Data URIs as Part of an Anti-Phishing Feature

Slashdot - Thu, 11/16/2017 - 14:35
Catalin Cimpanu, writing for BleepingComputer: Mozilla will soon block the loading of data URIs in the Firefox navigation bar as part of a crackdown on phishing sites that abuse this protocol. The data: URI scheme (RFC 2397) was deployed in 1998 when developers were looking for ways to embed files in other files. What they came up with was the data: URI scheme that allows a developer to load a file represented as an ASCII-encoded octet stream inside another document. Since then, the URI scheme has become very popular with website developers as it allows them to embed text-based (CSS or JS) files or image (PNG, JPEG) files inside HTML documents instead of loading each resource via a separate HTTP request. This practice became hugely popular because search engines started ranking websites based on their page loading speed and the more HTTP requests a website made, the slower it loaded, and the more it affected a site's SERP position.

Read more of this story at Slashdot.

Oracle scrambles to sew up horrid security holes in PeopleSoft's Tuxedo

TheRegister - Thu, 11/16/2017 - 14:34
Nothing like unauth'd hijacking, Heartbleed-style bugs to patch ASAP

Oracle has published an out-of-band software update to address a handful of security flaws in parts of the PeopleSoft HR software.…

5 Coolest Linux Terminal Emulators

LXer - Thu, 11/16/2017 - 14:17
Sure, we can get by with boring old GNOME terminal, Konsole, and funny, rickety, old xterm. When you're in the mood to try something new, however, take a look at these five cool and useful Linux terminals.

Hollywood Strikes Back Against Illegal Streaming Kodi Add-ons

Slashdot - Thu, 11/16/2017 - 13:50
An anonymous reader shares a report: An anti-piracy alliance supported by many major US and UK movie studios, broadcasters and content providers has dealt a blow to the third-party Kodi add-on scene after it successfully forced a number of popular piracy-linked streaming tools offline. In what appears to be a coordinated crackdown, developers including jsergio123 and The_Alpha, who are responsible for the development and hosting of add-ons like urlresolver, metahandler, Bennu, DeathStreams and Sportie, confirmed that they will no longer maintain their Kodi creations and have immediately shut them down.

Read more of this story at Slashdot.

Drone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS

TheRegister - Thu, 11/16/2017 - 13:42
Plus AWS creds, public-facing S3 buckets packed with info

Chinese drone maker DJI left the private key for its dot-com's HTTPS certificate exposed on GitHub for up to four years, according to a researcher who gave up with the biz's bug bounty process.…

Apology After Japanese Train Departs 20 Seconds Early

Slashdot - Thu, 11/16/2017 - 13:05
Several readers share a BBC report: A rail company in Japan has apologised after one of its trains departed 20 seconds early. Management on the Tsukuba Express line between Tokyo and the city of Tsukuba say they "sincerely apologise for the inconvenience" caused. In a statement, the company said the train had been scheduled to leave at 9:44:40 local time but left at 9:44:20. Many social media users reacted to the company's apology with surprise. "Tokyo train company's apology for 20-second-early departure is one of the best things about Japan," a user wrote. The mistake happened because staff had not checked the timetable, the company statement said.

Read more of this story at Slashdot.

OnePlus 5T Keeps the Headphone Jack, Introduces Face Unlock and Parallel Apps

LXer - Thu, 11/16/2017 - 13:03
Five months after it launched its OnePlus 5 flagship Android smartphone, OnePlus unveiled today its successor, the OnePlus 5T, running the latest Android 8.0 (Oreo) mobile OS.

Fedora 27 Atomic Host is available on multiple architectures

LXer - Thu, 11/16/2017 - 11:54
The Fedora 27 Atomic Host now supports multiple architectures! Along with the x86_64 architecture, Atomic Host is also available on 64-bit ARM (aarch64) and PowerPC Little Endian (ppc64le). Both aarch64 and ppc64le architectures receive Atomic OSTree updates in the same... Continue Reading →

Sparks fly as Databricks buddies up with Microsoft in the cloud

TheRegister - Thu, 11/16/2017 - 11:05
Analytics biz now a first-party service on Azure

Databricks and Microsoft are getting cosy in the cloud, in a move that will give the Spark-wrangling company access to a new set of customers.…

Linux Kernel 4.14 -- First Kernel to be Supported for Six Years

LXer - Thu, 11/16/2017 - 10:40
Linux Kernel 4.14 is here. It is a long-term support release and as stated earlier, it is the first Linux Kernel that will be supported for six years. Until now Linux Kernel LTS versions were supported for two years.

Warren 'Mr Moneybags' Buffett offloads huge chunk of IBM investment

TheRegister - Thu, 11/16/2017 - 10:31
Is the Oracle of Omaha cutting his losses?

Legendary investor Warren Buffett appears to be cutting his losses on his IBM investment, slashing his shares by one-third in the last quarter.…

Backup Exec juices dedupe offering, flaunts sign-up cloud model

TheRegister - Thu, 11/16/2017 - 10:15
GDPR compliance and deduped cloud backend

Backup Exec, Veritas' SME backup product, now sports a subscription-based payment scheme, deduping cloud backends and offering GDPR compliance help.…

Syndicate content