Feed aggregator

Open Invention Network is Rendered Obsolete in the Wake of Alice and It’s Not Even Useful in Combating Microsoft’s Patent Trolls

LXer - Mon, 09/24/2018 - 05:58
Changes at the US Patent and Trademark Office (USPTO) and in US courts’ outcomes may have already meant that patent trolls rather than software patents in general are a growing threat, including those that Microsoft is backing, funding and arming to put legal pressure on GNU/Linux (and compel people/companies to host GNU/Linux instances on Azure for patent ‘protection’ from these trolls)

UKIP doubled price of condoms for sale at party conference

TheRegister - Mon, 09/24/2018 - 05:47
Give the punters what they want until they can hardly stand or afford it

UKIP screwed its members at the weekend by doubling the price of branded condoms for sale at the party's conference as supplies started to run dry.…

ModSecurity and nginx

Linux Journal - Mon, 09/24/2018 - 05:30
by Elliot Cooper

nginx is the web server that's replacing Apache in more and more of the world's websites. Until now, nginx has not been able to benefit from the security ModSecurity provides. Here's how to install ModSecurity and get it working with nginx.

Earlier this year the popular open-source web application firewall, ModSecurity, released version 3 of its software. Version 3 is a significant departure from the earlier versions, because it's now modularized. Before version 3, ModSecurity worked only with the Apache web server as a dependent module, so there was no way for other HTTP applications to utilize ModSecurity. Now the core functionality of ModSecurity, the HTTP filtering engine, exists as a standalone library, libModSecurity, and it can be integrated into any other application via a "connector". A connector is a small piece of code that allows any application to access libModSecurity.

A Web Application Firewall (WAF) is a type of firewall for HTTP requests. A standard firewall inspects data packets as they arrive and leave a network interface and compares the properties of the packets against a list of rules. The rules dictate whether the firewall will allow the packet to pass or get blocked.

ModSecurity performs the same task as a standard firewall, but instead of looking at data packets, it inspects HTTP traffic as it arrives at the server. When an HTTP request arrives at the server, it's first routed through ModSecurity before it's routed on to the destination application, such as Apache2 or nginx. ModSecurity compares the inbound HTTP request against a list of rules. These rules define the form of a malicious or harmful request, so if the incoming request matches a rule, ModSecurity blocks the request from reaching the destination application where it may cause harm.

The following example demonstrates how ModSecurity protects a WordPress site. The following HTTP request is a non-malicious request for the index.php file as it appears in Apache2's log files:

GET /index.php HTTP/1.1

This request does not match any rules, so ModSecurity allows it onto the web server.

WordPress keeps much of its secret information, such as the database password, in a file called wp-config.php, which is located in the same directory as the index.php file. A careless system administrator may leave this important file unprotected, which means a web server like Apache or nginx happily will serve it. This is because they will serve any file that is not protected by specific configuration. This means that the following malicious request:

GET /wp-config.php HTTP/1.1

will be served by Apache to whomever requests it.

Go to Full Article

As one Microsoft Windows product hauls itself out of the grave, others tumble in

TheRegister - Mon, 09/24/2018 - 05:19
'Twas the night before Ignite and the October 2018 Update is stirring

As much of the Microsoft world packed up and headed for Ignite, new builds and a surprising resurrection filled a busy week in Redmond.…

UK.gov won't Airwave bye for another 3 years, plans to phase in ESN services

TheRegister - Mon, 09/24/2018 - 04:37
Hello Moto: Cops, ambulance, fire to get data services next year, voice to follow

The Home Office has overhauled its plans to replace the UK's emergency services radio infrastructure with a 4G network, extending the lifespan of the existing network by three years and offering users early access to some services.…

Alcohol Causes One In 20 Deaths Worldwide, Says WHO

Slashdot - Mon, 09/24/2018 - 04:10
An anonymous reader quotes a report from The Guardian: Alcohol is responsible for more than 5% of all deaths worldwide, or around 3 million a year, new figures have revealed. The data, part of a report from the World Health Organization, shows that about 2.3 million of those deaths in 2016 were of men, and that almost 29% of all alcohol-caused deaths were down to injuries -- including traffic accidents and suicide. The report, which comes out every four years, reveals the continued impact of alcohol on public health around the world, and highlights that the young bear the brunt: 13.5% of deaths among people in their 20s are linked to booze, with alcohol responsible for 7.2% of premature deaths overall. It also stresses that harm from drinking is greater among poorer consumers than wealthier ones. While the proportion of deaths worldwide that have been linked to alcohol has fallen to 5.3% since 2012, when the figure was at 5.9%, experts say the findings make for sobering reading.

Read more of this story at Slashdot.

Some credential-stuffing botnets don't care about being noticed any more

TheRegister - Mon, 09/24/2018 - 04:03
They just take a battering ram to the gates

The bots spewing out malicious login attempts by the bucketload appear to have cranked it up a notch.…

Juniper's Contrail gets edgy, Cloudflare joins BGP club, and an $Important announcement

TheRegister - Mon, 09/24/2018 - 03:15
Listen up, it's the weekly network roundup

Juniper Networks this week pulled the covers off the latest in its Contrail range, a carrier edge product called Contrail Edge Cloud.…

PostgreSQL performance tuning for faster query execution

LXer - Mon, 09/24/2018 - 02:44
PostgreSQL is a reliable open source database available in many modern distribution's repository. The ease of use, the ability to use extensions and the stability it provides all add to it's popularity. While providing the base functionality, like answering to SQL queries, store inserted data consistently, handling transactions, etc. most mature database solutions provide tools and know-hows on how to tune the database, identify possible bottlenecks, and be able to solve performance problems bound to happen as the system powered by the given solution grows.

How an over-zealous yank took down the trading floor of a US bank

TheRegister - Mon, 09/24/2018 - 02:15
A minute's malfunction? Mere millions

Who, Me? Good Monday morning, Reg readers, and welcome once more to Who, Me? – our regular trip down memory lane for those with something to get off their chest.…

Famed Mathematician Claims Proof of 160-Year-Old Riemann Hypothesis

Slashdot - Mon, 09/24/2018 - 01:07
Slashdot reader OneHundredAndTen writes: Sir Michael Atiyah claims to have proved the Riemann hypothesis. This is not some internet crank, but one the towering figures of mathematics in the second half of the 20th century. The thing is, he's almost 90 years old. According to New Scientist, Atiyah is set to present his "simple proof" of the Riemann hypothesis on Monday at the Heidelberg Laureate Forum in Germany. Atiyah has received two awards often referred to as the Nobel prizes of mathematics, the Fields medal and the Abel Prize; he also served as president of the London Mathematical Society, the Royal Society and the Royal Society of Edinburgh. "[T]he hypothesis is intimately connected to the distribution of prime numbers, those indivisible by any whole number other than themselves and one," reports New Scientist. "If the hypothesis is proven to be correct, mathematicians would be armed with a map to the location of all such prime numbers, a breakthrough with far-reaching repercussions in the field."

Read more of this story at Slashdot.

Alibaba crafts AI chips, Facebook uses Bayesian magic to tweak code performance, and more

TheRegister - Mon, 09/24/2018 - 00:25
Your dose of machine-learning medicine

Roundup Good morning – here's some machine-learning bits and bytes to kick start your week. If this sort of tech is right up your street, then perhaps check out our AI conference, M3, in London, England. OK, on with the show...…

Yes, you too, you can become a crypto-millionnaire

LXer - Sun, 09/23/2018 - 23:52
Cryptocurrencies rely on free and open source protocols such as Bitcoin and Ethereum. Ready to hodl ?

Meet the World's First Self-Driving Car From 1968

Slashdot - Sun, 09/23/2018 - 22:04
Qbertino writes: The German Web industry magazine T3N (think of it as the German TechCrunch) has an article about a test circuit and a test vehicle -- a modified Mercedes Benz limousine of the time -- that was set up by the German tire manufacturer Continental in order to test tires in a precisely reproducible set of tests. Hence the self-driving mechanism provided by a wire in the test track to send and receive signals from the car and to record data on the test runs on magnetic tape and other high-tech stuff from the time. Here's a short video, erm, film clip showing the setup in action -- driverless seat included. Today's artificial intelligence is nowhere to be seen of course, but the entire setup itself seems pretty impressive and sophisticated.

Read more of this story at Slashdot.

How To Install and Use Docker Compose on Ubuntu 18.04

LXer - Sun, 09/23/2018 - 21:01
Docker Compose is a tool that allows you to define and manage multi-container Docker applications. It uses a YAML file to configure the application's services, networks and volumes.

How Qualcomm Tried and Failed To Steal Intel's Crown Jewel

Slashdot - Sun, 09/23/2018 - 20:02
An anonymous reader shares an article from Bloomberg: In early November, Qualcomm Chairman Paul Jacobs stood on a stage in the heart of Silicon Valley and vowed to break Intel's stranglehold on the world's most lucrative chip business. The mobile internet and cloud computing were booming and the data centers running this digital economy had an insatiable thirst for computer servers -- and especially the powerful, expensive server chips that Intel churns out by the million. Qualcomm had spent five years and hundreds of millions of dollars designing competing processors, trying to expand beyond its mobile business. Jacobs was leading a coming-out party featuring tech giants like Microsoft and HP, which had committed to try the new gear. "That's an industry that's been very slow moving, very complacent," Jacobs said on stage. "We're going to change that." Less than a year later, this once-promising business is in tatters, according to people familiar with the situation. Most of the key engineers are gone. Big customers are looking elsewhere or going back to Intel for the data center chips they need. Efforts to sell the operation -- including a proposed management buyout backed by SoftBank -- have failed, the people said. Jacobs, chief backer of the plan and the son of Qualcomm's founder, is out, too. The demise is a story of debt-fueled dealmaking and executive cost-cutting pledges in the face of restless investors seeking quick returns -- exactly the wrong environment for the painstaking and expensive task of building a new semiconductor business from scratch. It leaves Qualcomm more reliant on a smartphone market that's plateaued. And Intel's server chip boss is happy.

Read more of this story at Slashdot.

Japan's Two Hopping Rovers Successfully Land On Asteroid Ryugu

Slashdot - Sun, 09/23/2018 - 19:01
sharkbiter shares a report from Space.com: The suspense is over: Two tiny hopping robots have successfully landed on an asteroid called Ryugu -- and they've even sent back some wild postcards from their new home. The tiny rovers are part of the Japan Aerospace Exploration Agency's Hayabusa2 asteroid sample-return mission. Engineers with the agency deployed the robots early Friday (Sept. 21), but JAXA waited until today (Sept. 22) to confirm the operation was successful and both rovers made the landing safely. In order to complete the deployment, the main spacecraft of the Hayabusa2 mission lowered itself carefully down toward the surface until it was just 180 feet (55 meters) up. After the rovers were on their way, the spacecraft raised itself back up to its typical altitude of about 12.5 miles above the asteroid's surface (20 kilometers). The agency still has two more deployments yet to accomplish before it can rest easy: Hayabusa2 is scheduled to deploy a larger rover called MASCOT in October and another tiny hopper next year. And of course, the main spacecraft has a host of other tasks to accomplish during its stay at Ryugu -- most notably, to collect a sample of the primitive world to bring home to Earth for laboratory analysis. JAXA tweeted on Saturday: "We are sorry we have kept you waiting! MINERVA-II1 consists of two rovers, 1a & 1b. Both rovers are confirmed to have landed on the surface of Ryugu. They are in good condition and have transmitted photos & data. We also confirmed they are moving on the surface."

Read more of this story at Slashdot.

How To Change Linux Hostname In Ubuntu, Debian, Mint, Kali, CentOS, RedHat?

LXer - Sun, 09/23/2018 - 18:09
Hostname is used to name the systems. Normally the computer networks work with IP addresses in order to identify and communicate. But hostname provides human friendly way to name, identify, communicate with other systems.

Researchers Create 'Spray-On' 2D Antennas

Slashdot - Sun, 09/23/2018 - 17:23
In a study published in Science Advances, researchers in Drexel's College of Engineering describe a method for spraying invisibly thin antennas, made from a type of two-dimensional, metallic material called MXene, that perform as well as those being used in mobile devices, wireless routers and portable transducers. Phys.Org reports: The researchers, from the College's Department of Materials Science and Engineering, report that the MXene titanium carbide can be dissolved in water to create an ink or paint. The exceptional conductivity of the material enables it to transmit and direct radio waves, even when it's applied in a very thin coating. Preserving transmission quality in a form this thin is significant because it would allow antennas to easily be embedded -- literally, sprayed on -- in a wide variety of objects and surfaces without adding additional weight or circuitry or requiring a certain level of rigidity. Initial testing of the sprayed antennas suggest that they can perform with the same range of quality as current antennas, which are made from familiar metals, like gold, silver, copper and aluminum, but are much thicker than MXene antennas. Making antennas smaller and lighter has long been a goal of materials scientists and electrical engineers, so this discovery is a sizable step forward both in terms of reducing their footprint as well as broadening their application.

Read more of this story at Slashdot.

Judge Orders Cloudflare To Turn Over Identifying Data In Copyright Case

Slashdot - Sun, 09/23/2018 - 15:21
Cal Jeffrey reporting for TechSpot: Back in May, several studios started targeting movie-pirating sites and services. Dallas Buyers Club, Cobbler Nevada, Bodyguard Productions, and several other copyright owners filed a lawsuit against ShowBox, a movie-streaming app for mobile devices. The companies tried pressuring CDN and DDoS protection provider Cloudflare into releasing information on the operators of some of these platforms. However, Cloudflare told them if they wanted such information they would have to get it the right way -- through legal action. The plaintiffs did just that. A subpoena was issued in the case from a federal court in Hawaii. The documents were not made public, but TorrentFreak was able to obtain a portion of the subpoena from a source. The court order demands the details of the operators behind the Showboxbuzz website, Showbox.software, website Rawapk, Popcorn Time, and others. Cloudflare has not filed a motion to quash, so it appears likely that the company will hand over the requested data.

Read more of this story at Slashdot.

Syndicate content