Feed aggregator

Drone perves defeated by tinfoil houses

TheRegister - Tue, 01/16/2018 - 00:02
Boffins figure out when drones are watching, without decrypting the video stream

If a drone-creeper is snooping on you, you could catch them by grabbing the video stream – but what if it's encrypted?…

From the Field

LXer - Mon, 01/15/2018 - 23:43
Just released on 1-14-2018: the 4.15-rc8 Linux kernel. You can view the commit diff here, and more information is available from The Linux Kernel Archives.

Developer plots server virtualization comeback for XenServer

TheRegister - Mon, 01/15/2018 - 23:03
Plans open source revival of XCP, to go places Citrix won’t

Moves are afoot to revive Xen Cloud Platform (XCP), the open source version of XenServer that existed independently of Citrix before the company released its code to the Xen Project and made its own efforts open source.…

China's first space station to – ahem – de-orbit in late March

TheRegister - Mon, 01/15/2018 - 22:01
Tiangong-1 is out of control and can't keep it up any more

Predictions are firming up for when China's Tiangong-1 spacecraft will make its final re-entry-crash-and-burn.…

KDE Plasma 5.12 LTS Enters Beta, Brings Unified Look and Phone Integration

LXer - Mon, 01/15/2018 - 21:48
The KDE Project announced a few moments ago the release of the beta version of the upcoming KDE Plasma 5.12 LTS desktop environment for GNU/Linux operating systems.

Why You Shouldn't Stifle Your Sneeze

Slashdot - Mon, 01/15/2018 - 21:30
An anonymous reader quotes a report from The Guardian: In a season where colds are rife, holding your nose and closing your mouth might seem like a considerate alternative to an explosive "Achoo!" But doctors have warned of the dangers of such a move after a man was found to have ruptured the back of his throat when attempting to stifle a sneeze. Medics say the incident, which they detail in the British Medical Journal Case Reports, came to light when a 34-year old man arrived in A&E with a change to his voice, a swollen neck, pain when swallowing and a popping sensation in his neck after he pinched his nose to contain an expulsion. The team took scans of the man's neck to investigate and discovered bubbles of air in the tissues at the back of the throat, and in the neck from the base of the skull to halfway down the man's back. That, they say, suggested a tear had occurred at the back of the throat as a result of increased pressure from the stifled sneeze, leading to air collecting in his soft tissues. The authors warn that blocking the nostrils and mouth when sneezing is dangerous, noting that while tearing of the throat tissue is rare, it could result in a ruptured eardrum or even a brain aneurysm.

Read more of this story at Slashdot.

SpaceX and Boeing Slated For Manned Space Missions By Year's End

Slashdot - Mon, 01/15/2018 - 20:45
schwit1 shares a report from Fortune, covering NASA's announcement last week that it expects SpaceX to conduct a crewed test flight by the end of the year: SpaceX's crewed test flight is slated for December, after an uncrewed flight in August. Boeing will also be demonstrating its CST-100 Starliner capsule, with a crewed flight in November following an uncrewed flight in August. NASA's goal is to launch crews to the ISS from U.S. soil, a task that has fallen to Russia's space program since the retirement of the U.S. Space Shuttle program in 2011. NASA began looking for private launch companies to take over starting in 2010, and contracted both SpaceX and Boeing in 2014 to pursue crewed launches. The push to restore America's crewed spaceflight capacity has been delayed in part, according to a detailed survey by Ars Technica, by Congress redirecting funds in subsequent years. The test flights could determine whether Boeing or SpaceX conducts the first U.S. commercial space launch to the ISS. Whichever company gets that honor may also claim a symbolic U.S. flag stuck to a hatch on the space station. Sources speaking to Ars describe the race between the two companies as too close to call, and say that a push to early 2019 is entirely possible. But in an apparent vote of confidence, NASA has already begun naming astronauts to helm the flights.

Read more of this story at Slashdot.

Google's Museum App Finds Your Fine Art Doppelganger

Slashdot - Mon, 01/15/2018 - 20:05
The latest update to the Google Arts & Culture app now lets you take a selfie, and using image recognition, finds someone in its vast art collection that most resembles you. It will then present you and your fine art twin side-by-side, along with a percentage match, and let you share the results on social media. Engadget reports: The app, which appears to be unfortunately geo-restricted to the United States, is like an automated version of an article that circulated recently showing folks standing in front of portraits at museums. In many cases, the old-timey people in the paintings resemble them uncannily, but, other than in rare cases, that's not the case at all with Google's app. Google matched me with someone who doesn't look like me in the slightest, a certain Sir Peter Francois Bourgeois, based on a painting hanging in Dulwich Picture Gallery. Taking a buzz around the internet, other folks were satisfied with their matches, some took them as a personal insult, and many were just plain baffled, in that order.

Read more of this story at Slashdot.

Canada charges chap alleged to run stolen data-mart Leakedsource

TheRegister - Mon, 01/15/2018 - 19:59
Unlike similar services, this one sold purloined passwords

The Royal Canadian Mounted Police has announced it has cuffed and charged a man for selling stolen identities and passwords at LeakedSource.com.…

2 scientific calculators for the Linux desktop

LXer - Mon, 01/15/2018 - 19:54
Every Linux desktop environment comes with at least a simple desktop calculator, but most of those simple calculators are just that: a simple tool for simple calculations.Fortunately, there are exceptions; programs that go far beyond square roots and a couple of trigonometric functions, yet are still easy to use. Here are two powerful calculator tools for Linux, plus a couple of bonus options.read more

10 Years of the MacBook Air

Slashdot - Mon, 01/15/2018 - 19:25
Ten years ago today, Steve Jobs introduced the MacBook Air. "Apple's Macworld 2008 was a special one, taking place just days after the annual Consumer Electronics Show had ended and Bill Gates bid farewell to Microsoft," The Verge recalls. "Jobs introduced the MacBook Air by removing it from a tiny paper office envelope, and the crowd was audibly shocked at just how small and thin it was..." From the report: At the time, rivals had thin and light laptops on the market, but they were all around an inch thick, weighed 3 pounds, and had 8- or 11-inch displays. Most didn't even have full-size keyboards, but Apple managed to create a MacBook Air with a wedge shape so that the thickest part was still thinner than the thinnest part of the Sony TZ Series -- one of the thinnest laptops back in 2008. It was a remarkable feat of engineering, and it signaled a new era for laptops. Apple ditched the CD drive and a range of ports on the thin MacBook Air, and the company introduced a multi-touch trackpad and SSD storage. There was a single USB 2.0 port, alongside a micro-DVI port and a headphone jack. It was minimal, but the price was not. Apple's base MacBook Air cost $1,799 at the time, an expensive laptop even by today's standards.

Read more of this story at Slashdot.

Bad benchmarks bedevil boffins' infosec efforts

TheRegister - Mon, 01/15/2018 - 18:58
'Benchmark crimes' understate true performance impact of security controls

A group of operating systems specialists has said that sloppy benchmarking is harming security efforts by making it hard to assess the likely performance impact of security countermeasures.…

Renewable Energy Set To Be Cheaper Than Fossil Fuels By 2020, Says Report

Slashdot - Mon, 01/15/2018 - 18:45
An anonymous reader quotes a report from The Independent: Continuous technological improvements have led to a rapid fall in the cost of renewable energy in recent years, meaning some forms can already comfortably compete with fossil fuels. The report suggests this trend will continue, and that by 2020 "all the renewable power generation technologies that are now in commercial use are expected to fall within the fossil fuel-fired cost range." Of those technologies, most will either be at the lower end of the cost range or actually undercutting fossil fuels. "This new dynamic signals a significant shift in the energy paradigm," said Adnan Amin, director-general of the International Renewable Energy Agency (IREA), which published the report. "Turning to renewables for new power generation is not simply an environmentally conscious decision, it is now -- overwhelmingly -- a smart economic one." The report looked specifically at the relative cost of new energy projects being commissioned. As renewable energy becomes cheaper, consumers will benefit from investment in green infrastructure. The current cost for fossil fuel power generation ranges from around 4p to 12p per kilowatt hour across G20 countries. By 2020, IREA predicted renewables will cost between 2p and 7p, with the best onshore wind and solar photovoltaic projects expected to deliver electricity by 2p or less next year.

Read more of this story at Slashdot.

'Very High Level of Confidence' Russia Used Kaspersky Software For Devastating NSA Leaks

Slashdot - Mon, 01/15/2018 - 18:03
bricko shares a report from Yahoo Finance: Three months after U.S. officials asserted that Russian intelligence used popular antivirus company Kaspersky to steal U.S. classified information, there are indications that the alleged espionage is related to a public campaign of highly damaging NSA leaks by a mysterious group called the Shadow Brokers. In August 2016, the Shadow Brokers began leaking classified NSA exploit code that amounted to hacking manuals. In October 2017, U.S. officials told major U.S. newspapers that Russian intelligence leveraged software sold by Kaspersky to exfiltrate classified documents from certain computers. (Kaspersky software, like all antivirus software, requires access to everything stored on a computer so that it can scan for malicious software.) And last week the Wall Street Journal reported that U.S. investigators "now believe that those manuals [leaked by Shadow Brokers] may have been obtained using Kaspersky to scan computers on which they were stored." Members of the computer security industry agree with that suspicion. "I think there's a very high level of confidence that the Shadow Brokers dump was directly related to Kaspersky ... and it's very much attributable," David Kennedy, CEO of TrustedSec, told Yahoo Finance. "Unfortunately, we can only hear that from the intelligence side about how they got that information to see if it's legitimate."

Read more of this story at Slashdot.

Wi-Fi Alliance announces WPA3 to secure modern networks

LXer - Mon, 01/15/2018 - 18:00
The alliance announced the Wi-Fi Protected Access 3 (WPA3), a new standard of Wi-Fi security that greatly increases the security capabilities of the wireless standard. WPA2, which is the current standard in wireless security, has been around for 14 years, so this is way overdue.

Microsoft extends patent protection shield on-premises

TheRegister - Mon, 01/15/2018 - 17:58
Azure Stack users invited under ‘IP Advantage’ umbrella

Microsoft’s extended its “Azure IP Advantage” litigation protection shield to on-premises technology, by applying it to the Azure Stack hybrid-cloud-in-a-box systems.…

OnePlus Customers Report Credit Card Fraud After Buying From the Company's Website

Slashdot - Mon, 01/15/2018 - 17:20
If you purchased a OnePlus smartphone recently from the official OnePlus website, you might want to check your transactions to make sure there aren't any you don't recognize. "A poll was posted on the OnePlus forum on Thursday asking users if they had noticed fraudulent charges on their credit cards since purchasing items on the OnePlus site," reports Android Police. "More than 70 respondents confirmed that they had been affected, with the majority saying they had bought from the site within the past 2 months." From the report: A number of FAQs and answers follow, in which OnePlus confirms that only customers who made credit card payments are affected, not those who used PayPal. Apparently, card info isn't stored on the site but is instead sent directly to a "PCI-DSS-compliant payment processing partner" over an encrypted connection. [...] OnePlus goes on to say that intercepting information should be extremely difficult as the site is HTTPS encrypted, but that it is nevertheless carrying out a complete audit. In the meantime, affected customers are advised to contact their credit card companies immediately to get the payments canceled/reversed (called a chargeback). OnePlus will continue to investigate alongside its third-party service providers, and promises to update with its findings as soon as possible. According to infosec firm Fidus, there is actually a brief window in which data could be intercepted. Between entering your card details into the form and hitting 'submit,' the details are apparently hosted on-site, which could give attackers all the time they need to steal those precious digits and head off on a spending spree. Fidus also notes that the company doesn't appear to be PCI-compliant, but that directly contradicts OnePlus' own statement. We'll have to wait until more details emerge before we pass judgment. Here's OnePlus' official statement on the matter: "At OnePlus, we take information privacy extremely seriously. Over the weekend, members of the OnePlus community reported cases of unknown credit card transactions occurring on their credit cards post purchase from oneplus.net. We immediately began to investigate as a matter of urgency, and will keep you updated. This FAQ document will be updated to address questions raised."

Read more of this story at Slashdot.

From the Field

Linux Journal - Mon, 01/15/2018 - 16:58

News digest for January, 15, 2018.

Just released on 1-14-2018: the 4.15-rc8 Linux kernel. You can view the commit diff here, and more information is available from The Linux Kernel Archives. more>>

City-Owned Internet Services Offer Cheaper and More Transparent Pricing, Says Harvard Study

Slashdot - Mon, 01/15/2018 - 16:43
An anonymous reader quotes a report from Ars Technica: Municipal broadband networks generally offer cheaper entry-level prices than private Internet providers, and the city-run networks also make it easier for customers to find out the real price of service, a new study from Harvard University researchers found. Researchers collected advertised prices for entry-level broadband plans -- those meeting the federal standard of at least 25Mbps download and 3Mbps upload speeds -- offered by 40 community-owned ISPs and compared them to advertised prices from private competitors. The report by researchers at the Berkman Klein Center for Internet & Society at Harvard doesn't provide a complete picture of municipal vs. private pricing. But that's largely because data about private ISPs' prices is often more difficult to get than information about municipal network pricing, the report says. In cases where the researchers were able to compare municipal prices to private ISP prices, the city-run networks almost always offered lower prices. This may help explain why the broadband industry has repeatedly fought against the expansion of municipal broadband networks.

Read more of this story at Slashdot.

Linux kernel mailing list back online; Meltdown and Spectre vulnerabilities; Mobile OS eelo; Barcelona now using Linux

Linux Journal - Mon, 01/15/2018 - 16:15

News digest for January, 15, 2018.

Just released on 1-14-2018: the 4.15-rc8 Linux kernel. You can view the commit diff here, and more information is available from The Linux Kernel Archives. more>>

Syndicate content