Feed aggregator

New Linux Distro Created Specifically for Windows 10

LXer - Sun, 09/23/2018 - 15:18
What’s important to note, however, is that WLinux is available on the Microsoft Store with a $19.99 price, but the distro is offered for a limited time with a 50 percent discount, so it costs just $9.99.

Wendy's Faces Lawsuit For Unlawfully Collecting Employee Fingerprints

Slashdot - Sun, 09/23/2018 - 14:20
An anonymous reader quotes a report from ZDNet: A class-action lawsuit has been filed in Illinois against fast food restaurant chain Wendy's accusing the company of breaking state laws in regards to the way it stores and handles employee fingerprints. The complaint is centered around Wendy's practice of using biometric clocks that scan employees' fingerprints when they arrive at work, when they leave, and when they use the Point-Of-Sale and cash register systems. Plaintiffs, represented by former Wendy's employees Martinique Owens and Amelia Garcia, claim that Wendy's breaks state law -- the Illinois Biometric Information Privacy Act (BIPA) -- because the company does not make employees aware of how it handles their data. More specifically, the lawsuit claims that Wendy's does not inform employees in writing of the specific purpose and length of time for which their fingerprints were being collected, stored, and used, as required by the BIPA, and nor does it obtain a written release from employees with explicit consent to obtain and handle the fingerprints in the first place. Wendy's also doesn't provide a publicly available retention schedule and guidelines for permanently destroying employees' fingerprints after they leave the company, plaintiffs said. [The plaintiffs also claim that Wendy's sends this data to a third-party without their consent.]

Read more of this story at Slashdot.

IAU Ad Hoc Committee Publishes Revised Set of Definitions For SETI Terms

Slashdot - Sun, 09/23/2018 - 13:19
RockDoctor writes: An ad hoc committee of the International Astronomical Union has been working for 5 months on revisions and clarifications to the definitions of various terms used in technical and popular discussions of SETI -- the Search For Extraterrestrial Intelligence. They've published their draft report. The terms of reference -- to account for existing popular and technical uses of the terms -- should mean that no major changes in usage occur, but interesting points do emerge from the discussion paper. For example, in discussing the term "extraterrestrial," their proposed definition ("shorthand for life or technology not originating recently on Earth") includes cover for possibilities such as "panspermia" which may be popular in "popular science," but certainly are not popular in the technical discussions. They go on to discuss that "by this definition, life on another planet with a common origin to Earth life but which diverged billions of years ago would be extraterrestrial, but Earth life accidentally brought to Mars on a human-built lander would not." Waiting for the invasion of the pedants, clutching their feet in their hands.

Read more of this story at Slashdot.

PlayStation Now Is Making Its Games Downloadable

Slashdot - Sun, 09/23/2018 - 12:18
PlayStation revealed in a blog post that PS Now subscribers will be able to download most PS4 and PS2 games currently in the PS Now Library and play them locally, offline. "Almost all PS4 games in the service, including Bloodborne, God of War 3 Remastered, NBA 2K16, and Until Dawn, will be available for download, in addition to the PS Now lineup of classic PS2 games remastered for PS4," the announcement reads. "This feature will be gradually rolled out to PS Now subscribers over the next couple of days, so if you don't see the feature on your PS Now today, make sure to check back again soon." Kotaku reports: While being connected to the internet isn't required to play PS Now games once they've been downloaded, the support page says your system will have to go online "every few days" in order to validate the PS Now subscription. In the past, PS Now had been exclusively for streaming games to your PS4. When it was announced in 2014, it was building off of Sony's 2012 acquisition of the Gaikai video game streaming service. While it offered a way for people to play older games on the newer console (since, unlike Xbox One, the PS4 isn't backwards compatible), it was hardly ideal due to problems with latency and its reliance on a consistently strong internet connection. Honestly, the only surprise here is that Sony didn't make this move sooner.

Read more of this story at Slashdot.

Coding Error Sends 2019 Subaru Ascents To the Car Crusher

Slashdot - Sun, 09/23/2018 - 11:17
An anonymous reader quotes a report from IEEE Spectrum: [A] software remedy can't solve Subaru's issue with 293 of its 2019 Ascent SUVs. All 293 of the SUVs that were built in July will be scrapped because they are missing critical spot welds. According to Subaru's recall notice [PDF] filed with the U.S. National Highway Transportation Safety Administration, the welding robots at the Subaru Indiana Automotive plant in Lafayette, Ind., were improperly coded, which meant the robots omitted the spot welds required on the Ascents' B-pillar. Consumer Reports states that the B-pillar holds the second-row door hinges. As a result, the strength of the affected Ascents' bodies may be reduced, increasing the possibility of passenger injuries in a crash. Subaru indicated in the recall that "there is no physical remedy available; therefore, any vehicles found with missing welds will be destroyed." Luckily, only nine Ascents had been sold, and those customers are going to receive new vehicles. The rest were on dealer lots or in transit.

Read more of this story at Slashdot.

MIT Develops New Type of Battery That Gobbles Up Carbon Dioxide

Slashdot - Sun, 09/23/2018 - 10:16
MIT has developed a new type of battery that could be made partly from carbon dioxide captured from power plants. "Rather than attempting to convert carbon dioxide to specialized chemicals using metal catalysts, which is currently highly challenging, this battery could continuously convert carbon dioxide into a solid mineral carbonate as it discharges," reports SciTechDaily. From the report: While still based on early-stage research and far from commercial deployment, the new battery formulation could open up new avenues for tailoring electrochemical carbon dioxide conversion reactions, which may ultimately help reduce the emission of the greenhouse gas to the atmosphere. The battery is made from lithium metal, carbon, and an electrolyte that the researchers designed. The findings are described today in the journal Joule, in a paper by assistant professor of mechanical engineering Betar Gallant, doctoral student Aliza Khurram, and postdoc Mingfu He. [...] Gallant and her co-workers, whose expertise has to do with nonaqueous (not water-based) electrochemical reactions such as those that underlie lithium-based batteries, looked into whether carbon-dioxide-capture chemistry could be put to use to make carbon-dioxide-loaded electrolytes -- one of the three essential parts of a battery -- where the captured gas could then be used during the discharge of the battery to provide a power output. This approach is different from releasing the carbon dioxide back to the gas phase for long-term storage, as is now used in carbon capture and sequestration, or CCS. That field generally looks at ways of capturing carbon dioxide from a power plant through a chemical absorption process and then either storing it in underground formations or chemically altering it into a fuel or a chemical feedstock. Instead, this team developed a new approach that could potentially be used right in the power plant waste stream to make material for one of the main components of a battery. While interest has grown recently in the development of lithium-carbon-dioxide batteries, which use the gas as a reactant during discharge, the low reactivity of carbon dioxide has typically required the use of metal catalysts. Not only are these expensive, but their function remains poorly understood, and reactions are difficult to control. By incorporating the gas in a liquid state, however, Gallant and her co-workers found a way to achieve electrochemical carbon dioxide conversion using only a carbon electrode. The key is to preactivate the carbon dioxide by incorporating it into an amine solution. "What we've shown for the first time is that this technique activates the carbon dioxide for more facile electrochemistry," Gallant says. "These two chemistries -- aqueous amines and nonaqueous battery electrolytes -- are not normally used together, but we found that their combination imparts new and interesting behaviors that can increase the discharge voltage and allow for sustained conversion of carbon dioxide." The approach reportedly works, producing a lithium-carbon dioxide battery with voltage and capacity that are competitive with that of state-of-the-art lithium-gas batteries," reports SciTechDaily. "Moreover, the amine acts as a molecular promoter that is not consumed in the reaction."

Read more of this story at Slashdot.

Instagram Says It's Not Working On a Regram Feature

Slashdot - Sun, 09/23/2018 - 09:15
Soon after The Verge reported that Instagram was working on a reshare feature, the company said that the function is "not happening." It told The Verge and TechCrunch that it's neither building nor testing a regram feature. Engadget reports: The Verge reported on Thursday that Instagram appeared to be working on a way for users to easily share others' posts in their own feed. The feature would be housed in the menu situated in the upper right-hand corner of each post and would give users the option to "share to feed." A source familiar with the feature provided The Verge with screenshots of posts shared with the feature, which the site noted looked like was in very early stages of development.

Read more of this story at Slashdot.

Ecuador Wanted To Make Julian Assange a Diplomat and Send Him To Moscow

Slashdot - Sun, 09/23/2018 - 08:14
An anonymous reader quotes a report from Ars Technica: Last year, Ecuador attempted to deputize WikiLeaks founder Julian Assange as one of its own diplomats and send him to Russia, according to a Friday report by Reuters. Citing an "Ecuadorian government document," which the news agency did not publish, Assange apparently was briefly granted a "special designation" to act as one of its diplomats, a privilege normally granted to the president for political allies. However, that status was then withdrawn when the United Kingdom objected. The Associated Press reported earlier in the week that newly-leaked documents showed that Assange sought a Russian visa back in 2010. WikiLeaks has vehemently denied that Assange did so.

Read more of this story at Slashdot.

Thieves Who Stole GPS Tracking Devices Were Caught Within Hours

Slashdot - Sun, 09/23/2018 - 07:34
"These devices kind of look like cell phone chargers, so they probably thought they had some kind of street value," said the co-founder of Roambee, a shipping-monitoring services company, in a classic story shared by Iwastheone: [He's] talking about the hundred or so GPS tracking devices that were stolen recently from the company's Dela Cruz Avenue labs. "The moment we realized they had a box of trackers, we went into recovery mode," Subramanian said. "We notified the police and equipped them to track the devices, and in about 5 or 6 hours, it was done...." It wasn't long before the police were using Roambee's software to locate the devices and the thieves. "We were able to pinpoint the location of these trackers to a warehouse in Union City and two of the devices had gone mobile, and the thieves were driving around with them in the East Bay," Subramanian said. The two men were arrested in Alameda. Before stealing 100 battery-powered GPS-tracking devices, one of the thieves also grabbed a beer out of the office refrigerator -- and cut themselves -- leaving behind both fingerprints and an actual blood sample. The company is now using this 2017 episode as an instructive case study. "Roambee wirelessly synced with all 100 devices and remotely set them to stealth mode (so there's no blinking LEDs to alert the thieves) and then switched the location reporting intervals from once every hour to once every minute."

Read more of this story at Slashdot.

Linux developers threaten to pull “kill switch”

LXer - Sun, 09/23/2018 - 05:15
Linux powers the internet, the Android in your pocket, and perhaps even some of your household appliances. A controversy over politics is now seeing some of its developers threatening to withdraw the license to all of their code, potentially destroying or making the whole Linux kernel unusable for a very long time.

Nmap-bootstrap-xsl Hack Creates Visually Appealing Nmap Scan Reports : Interview With Its Creator, Andreas Hontzia

LXer - Sun, 09/23/2018 - 01:50
As the title itself states, nmap-xsl-bootstrap, a brand-new utility or, better to say an Nmap hack, that helps in beautifying the regular Nmap output which comes out of your Nmap scans.

Why Attackers Are Using C# For Post-PowerShell Attacks

Slashdot - Sun, 09/23/2018 - 01:34
An anonymous Slashdot reader summarizes an article by a senior security researcher at Forecepoint Security Labs: Among cyber criminals, there has been a trend in recent years for using more so called 'fileless' attacks. The driver for this is to avoid detection by anti-virus. PowerShell is often used in these attacks. Part of the strategy behind fileless attacks is related to the concept of 'living off the land', meaning that to blend in and avoid detection, attackers strive for only using the tools that are natively available on the target system, and preferably avoiding dropping executable files on the file system. Recently, C# has received some attention in the security community, since it has some features that may make it more appealing to criminals than PowerShell. [Both C# and Powershell use the .NET runtime.] A Forcepoint researcher has summarized the evolvement of attack techniques in recent years, particularly looking at a recent security issue related to C# in a .NET utility in terms of fileless attacks. From the article: A recent example of C# being used for offensive purposes is the PowerShell/C# 'combo attack' noted by Xavier Mertens earlier this month in which a malware sample used PowerShell to compile C# code on the fly. Also, a collection of adversary tools implemented in C# was released. Further, an improved way was published for injecting shellcode (.NET assembly) into memory via a C# application.... Given recent trends it seems likely that we'll start to see an increased number of attacks that utilize C# -- or combinations of C# and PowerShell such as that featured in Xavier Mertens' SANS blog -- in the coming months.

Read more of this story at Slashdot.

Understanding Bitcoin’s Legacy: What Was Satoshi’s Bitcoin Vision?

LXer - Sat, 09/22/2018 - 22:59
Bitcoin’s code has been open source from the very beginning. (Satoshi) didn’t patent it or try to sell it. Meanwhile, his stash of roughly a million bitcoins, mined during the early days of the bitcoin network, has never been moved (aside from a few test transactions back in 2009). At its height in December 2017, Satoshi’s stash of one million bitcoins was worth about $20 billion, which would have made him the 44th richest man on the planet. Satoshi, however, does not appear to have ever touched his wealth. At the same time, Satoshi has not publicly revealed himself, which suggests he doesn’t care much about fame.

Slashdot Asks: Anyone Considering an Apple Watch 4?

Slashdot - Sat, 09/22/2018 - 21:44
Long-time Slashdot reader kwelch007 writes: I finally gave in, after years of Android loyalty, because the iPhone and Apple Watch just worked, so I was told (and it is true). I changed from my Motorola Maxx for an iPhone 7, because I wanted the Apple Watch. Shortly after, I purchased a second-hand Apple Watch Series 1. I have never looked back...and I'm happy with it. Last week, I was able to buy an Apple Watch Series 4 with the exact specs I wanted... Wow! The screen is a ton bigger than my Series 1. I noticed right away when it asked me to set my passcode...the buttons were WAY bigger! It truly has the "side-to-side" screen...it's noticable... "Walkie Talkie" is super convenient (used with my associate who told me that it was in stock at Best Buy...) Cool: 1) It's big, but not much bigger on your wrist than the 42mm versions previous...rather, the screen is bigger, brighter, and more usable. 2) The speakers and mics are far and away better than previous versions of the Apple Watch. But they don't yet have access to "the highly-touted 'ECG' capability". (Fortune reports it was only approved by America's FDA the day before the launch event -- and isn't yet available for "international" customers.) And the software also isn't ready yet for "Fall Protection," a feature which calls emergency responders if it detects that you've fallen to the ground and you don't respond to prompts for the next 60 seconds. ("The feature is automatic with Watch owners who identify themselves as 65 and up," USA Today reported last week.) "I spoke to several people in their 40s or 50s who said the same thing: they were already considering buying Series 4 watches for their parents for this feature alone," reported Daring Fireball, and both sites concluded that excitement was actually higher for Apple's new watches than it was for their new iPhones. ("We're talking about a device used by over a billion people -- the iPhone," writes USA Today, "compared with an accessory that analysts say have sold about 15 million units.") Daring Fireball acknowledges that the Apple Watch isn't the "nicest" watch in the world, but it's definitely the nicest if you compare it only to other smart watches and fitness trackers. (Though "that's like saying you're the richest person in the poorhouse.") But what do Slashdot readers think? Is anyone considering an Apple Watch 4?

Read more of this story at Slashdot.

How to Set Up SSH Keys on Ubuntu 18.04

LXer - Sat, 09/22/2018 - 20:07
In this tutorial we will walk through how to generate SSH keys on Ubuntu 18.04 machines. We will also show you how to setup a SSH key-based authentication and connect to your remote Linux servers without entering a password.

Huge Trove of Employee Records Discovered At Abandoned Toys 'R' Us

Slashdot - Sat, 09/22/2018 - 19:34
An anonymous reader writes: Hackaday recently engaged in a bit of urban exploration, taking a look inside of a recently purchased Toys "R" Us location that has been boarded up since the once giant toy store chain folded in June. Inside they found plenty of hardware left behind, from point-of-sale systems to the Cisco networking gear in the server room. But the most interesting find was on paper. In a back office, they found "several boxes" of personal information about the store's employees, from their medical records to photocopies of their driver's licenses and Social Security cards [and also tax forms]. A video included with the article gives the viewer an impression of just how large a collection of files were left behind. The author wonders if the situation in this particular store was a fluke, or if the other [800] Toys "R" Us locations were left in a similar state. The article calls it "a very surprising look at what get's left behind when the money runs out and the employees simply give up...." "We saw the great lengths the company went to protect customer information, so to see how little regard they had for their own people was honestly infuriating."

Read more of this story at Slashdot.

MIT's Elegant Schoolbus Algorithm Was No Match For Angry Parents

Slashdot - Sat, 09/22/2018 - 17:34
"Computers can solve your problem. You may not like the answer," writes the Boston Globe. Slashdot reader sandbagger explains: "Boston Public Schools asked MIT graduate students Sebastien Martin and Arthur Delarue to build an algorithm that could do the enormously complicated work of changing start times at dozens of schools -- and re-routing the hundreds of buses that serve them. In theory this would also help with student alertness...." MIT also reported that "Approximately 50 superfluous routes could be eliminated using the new method, saving the school district between $3 million and $5 million annually." The Globe reports: They took to the new project with gusto, working 14- and 15-hour days to meet a tight deadline -- and occasionally waking up in the middle of the night to feed new information to a sprawling MIT data center. The machine they constructed was a marvel. Sorting through 1 novemtrigintillion options -- that's 1 followed by 120 zeroes -- the algorithm landed on a plan that would trim the district's $100 million-plus transportation budget while shifting the overwhelming majority of high school students into later start times.... But no one anticipated the crush of opposition that followed. Angry parents signed an online petition and filled the school committee chamber, turning the plan into one of the biggest crises of Mayor Marty Walsh's tenure. The city summarily dropped it. The failure would eventually play a role in the superintendent's resignation... Big districts stagger their start times so a single fleet of buses can serve every school: dropping off high school students early in the morning, then circling back to get the elementary and middle school kids. If you're going to push high school start times back, then you've probably got to move a lot of elementary and middle schools into earlier time slots. The district knew that going in, and officials dutifully quizzed thousands of parents and teachers at every grade level about their preferred start times. But they never directly confronted constituents with the sort of dramatic change the algorithm would eventually propose -- shifting school start times at some elementary schools by as much as two hours. Even more... Hundreds of families were facing a 9:30 to 7:15 a.m. shift. And for many, that was intolerable. They'd have to make major changes to work schedules or even quit their jobs... Nearly 85% of the district had ended up with a new start time, and "In the end, the school start time quandary was more political than technical... This was a fundamentally human conflict, and all the computing power in the world couldn't solve it." But will the whole drama play out again? "Last year, even after everything went sideways in Boston, some 80 school districts from around the country reached out to the whiz kids from MIT, eager for the algorithm to solve their problems."

Read more of this story at Slashdot.

Solus 3.9999 ISO Refresh Released

LXer - Sat, 09/22/2018 - 17:05
While the release of Solus 4 isn’t around the corner for some time, the developers of this neat-looking and fast Linux distro have gone ahead and pushed a Solus 3 ISO refresh. They’ve called it Solus 3.9999.

Comcast Outbids Fox With $40 Billion Offer For Sky In Auction

Slashdot - Sat, 09/22/2018 - 16:34
Comcast outbid Rupert Murdoch's Twenty-First Century Fox after offering $40 billion in an auction on Saturday. According to Yahoo Finance, "The U.S. cable giant bid $22.59 a share for control of London-listed Sky, bettering a $20.49 dollars-a-share offer by Fox, Britain's Takeover Panel said." From the report: Buying Sky will make Philadelphia-based Comcast, which owns the NBC network and Universal Pictures, the world's largest pay-TV operator with around 52 million customers. Chairman and chief executive Brian Roberts has had his eye on Sky as a way to help counter declines in subscribers for traditional cable TV in its core U.S. market as viewers switch to video-on-demand services like Netflix and Amazon. Comcast's knock-out offer thwarted Murdoch's long-held ambition to win control of Sky, and is also a setback for U.S. entertainment giant Walt Disney which would have likely been its ultimate owner. Disney agreed a separate $71 billion deal to buy most of Fox's film and TV assets, including its existing 39 percent stake in Sky, in June and would have taken full ownership after a successful Fox takeover.

Read more of this story at Slashdot.

NSA's 'Codebreaker Challenge' Features Exploiting Blockchain To Steal Ethereum

Slashdot - Sat, 09/22/2018 - 15:34
"The National Security Agency's 2018 Codebreaker Challenge kicked off on Friday, 9/21, and runs through 12/31," writes Slashdot reader eatvegetables. Each year's challenge -- which is open to U.S. students -- comes with its own (fictitious) backstory which the organizers say is "meant for providing realistic context." This year's story? A new strain of ransomware has managed to penetrate several critical government networks and NSA has been called upon to assist in remediating the infection to prevent massive data losses. For each infected machine, an encrypted copy of the key needed to decrypt the ransomed files has been stored in a smart contract on the Ethereum blockchain* and is set to only be unlocked upon receipt of the ransom payment. Your mission is to ultimately (1) find a way to unlock the ransomware without giving in to the attacker's demands and (2) figure out a way to recover all of the funds already paid by other victims. * For the purposes of this challenge, a private blockchain has been created with no real monetary value associated with the Ether. "The first half focuses on network protocol analysis and binary reverse-engineering," writes eatvegetables, while "The second half is all about attempting to exploit the blockchain." An email address from "a recognized U.S. school or university" is required, and the original submission notes that America's college students "are already hard at work trying to push their school to the top of the leaderboard."

Read more of this story at Slashdot.

Syndicate content