Feed aggregator

Privacy Isn't Dead. It's More Popular Than Ever

LXer - Sat, 07/29/2017 - 21:13
One out of every seven people on the planet uses the messaging app WhatsApp every day, according a recent blog post from the company. A billion people a day send messages to their friends and family on a service that's end-to-end encrypted by default...

US Voting Machines Cracked In 90 Minutes At DEFCON

Slashdot - Sat, 07/29/2017 - 19:50
An anonymous reader quotes The Hill: Hackers at at a competition in Las Vegas were able to successfully breach the software of U.S. voting machines in just 90 minutes on Friday, illuminating glaring security deficiencies in America's election infrastructure. Tech minds at the annual "DEF CON" in Las Vegas were given physical voting machines and remote access, with the instructions of gaining access to the software. According to a Register report, within minutes, hackers exposed glaring physical and software vulnerabilities across multiple U.S. voting machine companies' products. Some devices were found to have physical ports that could be used to attach devices containing malicious software. Others had insecure Wi-Fi connections, or were running outdated software with security vulnerabilities like Windows XP. Though some of the machines were out of date, they were all from "major U.S. voting machine companies" like Diebold Nixorf, Sequoia Voting Systems, and WinVote -- and were purchased on eBay or at government auctions. One of the machines apparently still had voter registration data stored in plain text in an SQLite database from a 2008 election, according to event's official Twitter feed. By Saturday night they were tweeting video of a WinVote machine playing Rick Astley's "Never Gonna Give You Up."

Read more of this story at Slashdot.

Rugged Skylake box PC offers up to 8x USB and 5x HDMI ports

LXer - Sat, 07/29/2017 - 19:18
Advantech’s Linux-ready “UNO-2484G” Box PC offers dual-core 6th Gen U-series CPUs, 4x GbE ports, and either HDMI/USB or “iDoor” expansion units. Like Advantech’s Linux-on-Quark based UNO-1252G IoT gateway and Intel Apollo Lake based ARK-1124C embedded computer, the new Skylake based UNO-2484G embedded PC offers up to four of the company’s homegrown “iDoor” expansion modules. The […]

Apple Pulls Anti-Censorship Apps from China's App Store

Slashdot - Sat, 07/29/2017 - 17:46
An anonymous reader quotes Fortune:Services helping Chinese users circumvent the "Great Firewall of China" have been pulled from Apple's Chinese App Store en masse. On Saturday morning, at least some software makers affected by the sweep received notification from Apple that their tools were removed for violating Chinese law. Internet censorship in China restricts communications about topics including democracy, Tibetan freedom, and the 1989 Tienanmen Square protests. The culling primarily seems to have affected virtual private networks, or VPNs, which mask users' Internet activity and data from outside monitoring. According to a report by the New York Times, many of the most popular such apps are now missing from the Chinese App Store.

Read more of this story at Slashdot.

Future Proof Your SysAdmin Career: An Introduction to Essential Skills

LXer - Sat, 07/29/2017 - 17:24
As the technology industry evolves, today’s system administrators need command of an ever-expanding array of technical skills. However, many experts agree that skills like effective communication and collaboration are just as important.

P&G Cuts More Than $100 Million In 'Largely Ineffective' Digital Ads

Slashdot - Sat, 07/29/2017 - 16:42
schwit1 quotes the Wall Street Journal: Procter & Gamble said that its move to cut more than $100 million in digital marketing spend in the June quarter had little impact on its business, proving that those digital ads were largely ineffective. Almost all of the consumer product giant's advertising cuts in the period came from digital, finance chief Jon Moeller said on its earnings call Thursday. The company targeted ads that could wind up on sites with fake traffic from software known as "bots," or those with objectionable content. "What it reflected was a choice to cut spending from a digital standpoint where it was ineffective, where either we were serving bots as opposed to human beings or where the placement of ads was not facilitating the equity of our brands," he said... The cuts echo marketing executives' mounting concerns around the efficacy of digital advertising and the growing perception that they are wasting money on digital ads that never reach their intended audience.

Read more of this story at Slashdot.

Do Kill Switches Deter Cellphone Theft?

Slashdot - Sat, 07/29/2017 - 15:38
evolutionary shares an article from Ars Technica: San Francisco's district attorney says that a California state law mandating "theft-deterring technological solutions" for smartphones has resulted in a precipitous drop in such robberies. Those measures primarily include a remote kill switch after a phone has been stolen that would allow a phone to be disabled, withstanding even a hard reset. Such a kill switch has become standard in all iPhones ("Activation Lock") and Android phones ("Device Protection") since 2015... When measured from the peak in 2013, "overall robberies involving smartphones have declined an astonishing 50 percent... Because of this hard-fought legislation, stealing a smartphone is no longer worth the trouble, and that means the devices we use every day no longer make us targets for violent crime."

Read more of this story at Slashdot.

How To Use Linux Terminal In Android

LXer - Sat, 07/29/2017 - 15:30
?Did you know that Android is based on Linux kernel? I bet you didn’t. Although many Linux users know it and no matter how hard Google denies it, they still have to accept it that what they modified and used in Android was Linux Kernel. But we are not here to fight on some unsolvable problems. As you now where is Linux, there is Terminal.

100x Faster, 10x Cheaper: 3D Metal Printing Is About To Go Mainstream

Slashdot - Sat, 07/29/2017 - 14:34
Big Hairy Ian shares an article from New Atlas: Desktop Metal -- remember the name. This Massachussetts company is preparing to turn manufacturing on its head, with a 3D metal printing system that's so much faster, safer and cheaper than existing systems that it's going to compete with traditional mass manufacturing processes... Plenty of design studios and even home users run desktop printers, but the only affordable printing materials are cheap ABS plastics. And at the other end of the market, while organizations like NASA and Boeing are getting valuable use out of laser-melted metal printing, it's a very slow and expensive process that doesn't seem to scale well. But a very exciting company out of Massachusetts, headed by some of the guys who came up with the idea of additive manufacture in the first place, believes it's got the technology and the machinery to boost 3D printing into the big time, for real. Desktop Metal is an engineering-driven startup whose founders include several MIT professors, and Emanuel Sachs, who has patents in 3D printing dating back to the dawn of the field in 1989. The company has raised a ton of money in the last few months, including some US$115 million in a recent Series D round that brings total equity investments up over US$210 million. That money has come from big players, too, including Google Ventures... And if Desktop Metal delivers on its promises -- that it can make reliable metal printing up to 100 times faster, with 10 times cheaper initial costs and 20 times cheaper materials costs than existing laser technologies, using a much wider range of alloys -- these machines might be the tipping point for large scale 3D manufacturing.

Read more of this story at Slashdot.

Ops: It's everyone's job now

LXer - Sat, 07/29/2017 - 13:35
Today is Sysadmin Appreciation Day. Turn to your nearest and dearest systems administrator and be sure to thank them for the work they do."Ops is over.""Sysadmins? That's so old school.""All the good engineering teams are automating operations out of existence."read more

Stealthy Google Play Apps Recorded Calls and Stole Emails

Slashdot - Sat, 07/29/2017 - 13:34
An anonymous reader quotes Ars Technica: Google has expelled 20 Android apps from its Play marketplace after finding they contained code for monitoring and extracting users' e-mail, text messages, locations, voice calls, and other sensitive data. The apps, which made their way onto about 100 phones, exploited known vulnerabilities to root devices running older versions of Android.... As a result, the apps were capable of surreptitiously accessing sensitive data stored, sent, or received by at least a dozen other apps, including Gmail, Hangouts, LinkedIn, and Messenger. The now-ejected apps also collected messages sent and received by Whatsapp, Telegram, and Viber, which all encrypt data in an attempt to make it harder for attackers to intercept messages while in transit... To conceal their surveillance capabilities, the apps posed as utilities for cleaning unwanted files or backing up data. Google reports that the malicious apps also had these functions: Call recordingVOIP recordingRecording from the device microphoneLocation monitoringTaking screenshotsTaking photos with the device camera(s)Fetching device information and filesFetching user information (contacts, call logs, SMS, application-specific data) 12 hours later an antivirus provider reported two more Google Play apps could surreptitiously steal text messages by downloading a malicious plugin -- and that the apps had already been downloaded at least 100,000 times.

Read more of this story at Slashdot.

The US Congress Is Investigating Government Use Of Kaspersky Software

Slashdot - Sat, 07/29/2017 - 12:34
An anonymous reader quotes Reuters: A U.S. congressional panel this week asked 22 government agencies to share documents on Moscow-based cyber firm Kaspersky Lab, saying its products could be used to carry out "nefarious activities against the United States," according to letters seen by Reuters. The requests made on Thursday by the U.S. House of Representatives Committee on Science, Space and Technology are the latest blow to the antivirus company, which has been countering accusations by U.S. officials that it may be vulnerable to Russian government influence... The committee "is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States," wrote the panel's Republican chairman, Lamar Smith, in the letters... A committee aide told Reuters the survey was a "first step" designed to canvas the U.S. government and that more action may follow depending on the results. Agencies contacted include both the Deparatment of Homeland Security and NASA. The committee wants to see internal risk assessments, plus a list of all systems using Kaspersky products and the names of government contractors using the software.

Read more of this story at Slashdot.

FreeRTOS-based remote I/O module offers isolated interfaces

LXer - Sat, 07/29/2017 - 11:41
Artila’s “RIO-2014PG” remote I/O module runs FreeRTOS on an Atmel SAM4E16E, and offers isolated Fast Ethernet, RS485, and analog and digital I/O. Artila Electronics, which is known primarily for its embedded Linux industrial computers such as the Matrix-700 and Matrix-710 IoT gateway, has more recently been getting into embedded gear that runs the open source […]

Systemd Named 'Lamest Vendor' At Pwnie Security Awards

Slashdot - Sat, 07/29/2017 - 11:34
Long-time Slashdot reader darkpixel2k shares a highlight from the Black Hat USA security conference. The Register reports: The annual Pwnie Awards for serious security screw-ups saw hardly anyone collecting their prize at this year's ceremony in Las Vegas... The gongs are divided into categories, and nominations in each section are voted on by the hacker community... The award for best server-side bug went to the NSA's Equation Group, whose Windows SMB exploits were stolen and leaked online this year by the Shadow Brokers... And finally, the lamest vendor response award went to Systemd supremo Lennart Poettering for his controversial, and perhaps questionable, handling of the following bugs in everyone's favorite init replacement: 5998, 6225, 6214, 5144, and 6237... "Where you are dereferencing null pointers, or writing out of bounds, or not supporting fully qualified domain names, or giving root privileges to any user whose name begins with a number, there's no chance that the CVE number will referenced in either the change log or the commit message," reads the Pwnie nomination for Systemd, referring to the open-source project's allergy to assigning CVE numbers. "But CVEs aren't really our currency any more, and only the lamest of vendors gets a Pwnie!" CSO has more coverage -- and presumably there will eventually be an official announcement up at Pwnies.com.

Read more of this story at Slashdot.

How Rust Can Replace C In Python Libraries

Slashdot - Sat, 07/29/2017 - 10:34
An anonymous reader quotes InfoWorld: Proponents of Rust, the language engineered by Mozilla to give developers both speed and memory safety, are stumping for the language as a long-term replacement for C and C++. But replacing software written in these languages can be a difficult, long-term project. One place where Rust could supplant C in the short term is in the traditionally C libraries used in other languages... [A] new spate of projects are making it easier to develop Rust libraries with convenient bindings to Python -- and to deploy Python packages that have Rust binaries. The article specifically highlights these four new projects: Rust-CPython - a set of bindings in Rust for the CPython runtime PyO3 - a basic way to write Rust software with bindings to Python in both directions. Snaek - lets developers create Rust libraries that are loaded dynamically into Python as needed, but don't rely on being linked statically against Python's runtime. Cookiecutter PyPackage Rust Cross-Platform Publish - simplifies the process of bundling Rust binaries with a Python library.

Read more of this story at Slashdot.

Set Up WordPress with Optimal .htaccess Settings

LXer - Sat, 07/29/2017 - 09:46
If you are a WordPress user then you probably have met the .htaccess file. The .htaccess file allows you to make configuration changes on a per-directory basis and it is very useful in case you want to enable/disable additional functionality and features for your site. In this tutorial, we are going to show you how to set up a basic WordPress site with optimal .htaccess settings on a VPS running Ubuntu 16.04 as an operating system.

Scientists Genetically Engineer the World's First Blue Chrysanthemum

Slashdot - Sat, 07/29/2017 - 09:34
sciencehabit shares an article from Science magazine: True blue flowers are a rarity in nature -- they occur only in select species like morning glories and delphiniums. Now, researchers have created a genuinely blue chrysanthemum by adding two genes to the normally pink or reddish flower. The advance could be applied to other species -- and it may mean that florists wanting to hawk blooms of blue will no longer have to dye them... The next step for Noda and his colleagues is to make blue chrysanthemums that can't reproduce and spread into the environment, making it possible to commercialize the transgenic flower. But that approach could spell trouble in some parts of the world. "As long as GMO [genetically modified organism] continues to be a problem in Europe, blue [flowers] face a difficult economic future," predicts Ronald Koes, a plant molecular biologist at the University of Amsterdam who was not involved with the work.

Read more of this story at Slashdot.

So who exactly was to blame for Marketo losing its dotcom?

TheRegister - Sat, 07/29/2017 - 08:39
Company points finger at registrar; registrar points right back

Billion-dollar online marketing company Marketo had a bad week when it failed to renew its main dotcom domain name.…

Microsoft's 'Windows Subsystem For Linux' Finally Leaves Beta

Slashdot - Sat, 07/29/2017 - 08:34
An anonymous reader quotes Microsoft's Developer blog: Early adopters on the Windows Insider program will notice that Windows Subsystem for Linux is no longer marked as a beta feature as of Insider build 16251. This will be great news for those who've held-back from employing WSL as a mainline toolset: You'll now be able to leverage WSL as a day-to-day developer toolset, and become ever more productive when building, testing, deploying, and managing your apps and systems on Windows 10... What will change is that you will gain the added advantage of being able to file issues on WSL and its Windows tooling via our normal support mechanisms if you want/need to follow a more formal issue resolution process. You can also provide feedback via Windows 10 Feedback Hub app, which delivers feedback directly to the team. Microsoft points out that distro-publishers are still responsible for supporting and fixing the internals of their distros -- and they have no plans to support X/GUI apps or desktops. And of course, Linux files are not currently accessible from Windows -- though Microsoft says they're working on a fix.

Read more of this story at Slashdot.

Experian CIO: 4 ingredients for API success

LXer - Sat, 07/29/2017 - 07:52
Experian CIO shares lessons learned as his team geared into the speed of API
Syndicate content