Feed aggregator

It's World (Terrible) Password (Advice) Day!

TheRegister - Thu, 05/03/2018 - 17:35
Frequently change your one random password – that's the ticket

It's World Password Day! And you know what that means: all the effort you've put into trying to persuade people to rethink how they do passwords turns to mush because some company sees a PR opportunity and floods social media with terrible advice.…

A Group of Public Radio Companies Acquires Podcast App Pocket Casts

Slashdot - Thu, 05/03/2018 - 17:35
NPR, WNYC Studios, WBEZ Chicago and This American Life announced today that they've acquired Pocket Casts, a podcast app created by Australian developer Shifty Jelly. From a report: That might sound like a lot of owners for one app, but the idea is to run Pocket Casts as a joint venture. And while former iHeartRadio executive Owen Grover is becoming CEO, NPR says the existing Pocket Casts team will remain in place, with founders Philip Simpson and Russell Ivanovic holding leadership roles in the company. All four of the acquirers have released their own apps already, but buying Pocket Casts should give them another way to become more involved in distribution and reach listeners directly. (This seems to be a growing concern among all public radio organizations -- in 2016, public radio marketplace PRX spun out a for-profit company called RadioPublic to focus on mobile apps.)

Read more of this story at Slashdot.

Open-Source Rook Cloud Storage Project Backer Upbound Raises $9M for Multi-Cloud

LXer - Thu, 05/03/2018 - 17:24
Bassam Tabbara, CEO of Upbound discusses the CNCF's Rook cloud storage orchestration project and the multi-cloud future his company is hoping to enable.

Former Volkswagen CEO indicted over emission cheating conspiracy

TheRegister - Thu, 05/03/2018 - 17:18
US Justice Department seeks to punish diesel deceivers

Martin Winterkorn, the former CEO of Volkswagen AG, has been indicted on charges of conspiracy and wire fraud by the US Department of Justice.…

Phone Maker BLU Settles With FTC Over Unauthorized User Data Extraction

Slashdot - Thu, 05/03/2018 - 17:05
lod123 shares a report from Threatpost: Android phone-maker BLU Products agreed to a proposed settlement on Tuesday with the Federal Trade Commission, over allegations it allowed the third-party firm Adups Technology to collect detailed consumer data from users without their consent. In an administrative complaint filed earlier this week against BLU and the company's co-owner and president Samuel Ohev-Zion, the FTC accused the firm of sharing with China-based Adups the full contents of their users' text messages, real-time cell tower location data, call and text-message logs, contact lists, and applications used and installed on devices. Ultimately, the FTC is alleging Ohev-Zion and BLU violated the FTC Act's section pertaining to "deceptive representation regarding disclosure of personal information." The proposed settlement will be made final after a 30-day public comment period. In its proposed complaint, the FTC said Florida-based BLU contracted with Adups to issue security and operating system updates to millions of phones sold by the firm through Amazon, Best Buy and Walmart. In addition to allegedly failing to protect consumer privacy, the FTC asserts that BLU failed "to adequately assess the privacy and security risks of third-party software installed on BLU devices" resulting in "common security vulnerabilities that could enable attackers to gain full access to the devices." Security researchers at Kryptowire first reported in 2016 that several models of BLU phones actively transmitted user and device information to Adups.

Read more of this story at Slashdot.

Airbnb Drives Up Rent Costs In Manhattan and Brooklyn, Report Says

Slashdot - Thu, 05/03/2018 - 16:25
According to a report from New York City's comptroller, Scott Stringer, Airbnb is causing rent prices to increase significantly in Manhattan and Brooklyn (Warning: source may be paywalled: alternative source), where the majority of the company's rentals are concentrated. The New York Times reports: In Manhattan's Hell's Kitchen and Chelsea neighborhoods and the Midtown Business District, which accounted for about 11 percent of all Airbnb listings in New York City in 2016, average monthly rents increased by $398 between 2009 and 2016, of which $86, or 21.6 percent, was a result of Airbnb's presence, the report said. In Greenpoint and Williamsburg in Brooklyn, the study said, rents went up 18.6 percent in those years because of Airbnb listings. Airbnb makes it easy to rent apartments to tourists, taking units off the market for full-time residents, the report said. The report said that Airbnb's influence cost New Yorkers $616 million in additional rent in 2016 as a result of price pressures.

Read more of this story at Slashdot.

Writing Systemd Services for Fun and Profit

LXer - Thu, 05/03/2018 - 16:16
Let's say you want to run a games server, a server that runs Minetest, a very cool and open source mining and crafting sandbox game. You want to set it up for your school or friends and have it running on a server in your living room. Because, you know, if that’s good enough for the kernel mailing list admins, then it's good enough for you.

Google Releases Open Source Framework For Building 'Enclaved' Apps For Cloud

Slashdot - Thu, 05/03/2018 - 15:45
An anonymous reader quotes a report from Ars Technica: Today, Google is releasing an open source framework for the development of "confidential computing" cloud applications -- a software development kit that will allow developers to build secure applications that run across multiple cloud architectures even in shared (and not necessarily trusted) environments. The framework, called Asylo, is currently experimental but could eventually make it possible for developers to address some of the most basic concerns about running applications in any multi-tenant environment. Container systems like Docker and Kubernetes are designed largely to allow untrusted applications to run without exposing the underlying operating system to badness. Asylo (Greek for "safe place") aims to solve the opposite problem -- allowing absolutely trusted applications to run "Trusted Execution Environments" (TEEs), which are specialized execution environments that act as enclaves and protect applications from attacks on the underlying platform they run on.

Read more of this story at Slashdot.

FTC Commissioner refuses to budge until Trump fulfills promises

TheRegister - Thu, 05/03/2018 - 15:43
[Insert peals of laughter and guffawing here]

In a further sign that punching your way out of a paper bag is much harder than people assume, America's consumer rights watchdog the Federal Trade Commission (FTC) has ended up with one commissioner too many.…

European Space Agency wants in on quantum comms satellites

TheRegister - Thu, 05/03/2018 - 15:08
It's fun to kick entangled photons into spaaaace

The European Space Agency is looking to build a communications satellite to send data securely using quantum key distribution.…

A brief history of bad passwords

LXer - Thu, 05/03/2018 - 15:07
IT-mandated password policies seem like a good idea—after all, what are the chances that an attacker will guess your exact passcode out of the 782 million potential combinations in an eight-character string with at least one upper-case letter, one lower-case letter, two numerals, and one symbol? 

Self-Driving Cars' Shortcomings Revealed in DMV Reports

Slashdot - Thu, 05/03/2018 - 15:05
A demand from the California DMV of eight companies testing self-driving cars has highlighted a number of areas where the technology falls short of being safe to operate with no human backup. From a report: All companies testing autonomous vehicles on the state's public roads must provide annual reports to the DMV about "disengagements" that occur when a human backup driver has to take over from the robotic system. The DMV told eight companies with testing permits to provide clarification about their reports. More than 50 companies have permits to test autonomous vehicles with backup drivers on California roads but not all of them have deployed vehicles. It turns out that a number of the issues reported are shared across technology from different companies. Some of the problems had to do with the way the cars sense the environment around them. Others had to do with how the vehicles maneuver on the road. And some had to do with what you might expect from systems made up of networked gadgets: hardware and software failures. The disengagement reports themselves identify other problems some self-driving vehicles struggle with, for example heavy pedestrian traffic or poorly marked lanes.

Read more of this story at Slashdot.

Twitter: No big deal, but everyone needs to change their password

TheRegister - Thu, 05/03/2018 - 14:55
Biz does a GitHub, downplays security blunder as log file of credentials left unencrypted

Twitter is ringing in World Password Day by notifying its users, all 330 million of them, that their login credentials were left unencrypted in an internal log file and should be changed.…

Hurry up patching those Oracle bugs: Attackers aren't waiting

TheRegister - Thu, 05/03/2018 - 14:26
Honeypots swarmed on within three hours of patch release

Security experts are advising administrators to hurry up installing Oracle patches after finding that attackers are quick to target their vulnerabilities.…

Twitter Says Glitch Exposed 'Substantial' Number of Users' Passwords In Plain Text

Slashdot - Thu, 05/03/2018 - 14:25
Twitter is urging its more than 330 million users to change their passwords after a glitch exposed some in plain text on its internal computer network. Reuters is first to report the news: The social network said an internal investigation had found no indication passwords were stolen or misused by insiders, but that it urged all users to consider changing their passwords "out of an abundance of caution." The blog did not say how many passwords were affected. Here's what Twitter has to say about the bug: "We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter's system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard. Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again." The social networking service is asking users to change their password "on all services where you've used this password." You can do so via the password settings page.

Read more of this story at Slashdot.

KDE Neon Operating System Is Moving to Ubuntu 18.04 LTS (Bionic Beaver)

LXer - Thu, 05/03/2018 - 13:58
The developers of the KDE neon GNU/Linux distribution announced today that they are currently working on rebasing all four editions on Canonical's recently released Ubuntu 18.04 LTS (Bionic Beaver) operating system.

Final Fantasy 7, Tomb Raider Headline Inductees To World Video Game Hall of Fame

Slashdot - Thu, 05/03/2018 - 13:45
Dave Knott writes: The 2018 World Video Game Hall of Fame inductees have been announced. The Hall Of Fame "recognizes individual electronic games of all types — arcade, console, computer, handheld, and mobile -- that have enjoyed popularity over a sustained period and have exerted influence on the video game industry or on popular culture and society in general." The 2018 inductees are: Final Fantasy 7, John Madden Football, Spacewar!, and the first Tomb Raider.

Read more of this story at Slashdot.

LLVM contributor hits breakpoint, quits citing inclusivity intolerance

TheRegister - Thu, 05/03/2018 - 13:41
Discrimination is unethical, developer declares

Rafael Avila de Espindola, one of the top contributors to the LLVM compiler toolset, has cut ties with the open source project over what he perceives as code of conduct hypocrisy and support for ethnic favoritism.…

Untethered Oculus Go VR headset improves on Gear VR design

LXer - Thu, 05/03/2018 - 12:50
Oculus has launched an untethered, 3DOF head tracking “Oculus Go” VR headset for $199. The Go runs Android on a Snapdragon 821 and offers a 5.5-inch 2560 x 1440 display and two-hour plus battery life.

Upgrading a Grails 2 application to Grails 3

LXer - Thu, 05/03/2018 - 11:41
I’m a huge fan of Grails. For me, the only real downside to building something in Grails is that the documentation tends to move quite a bit more slowly than the code. This is especially true for the learning materials that exist outside the reference documentation.
Syndicate content