Slashdot

WordPress Hacks Behind Surging Neutrino EK Traffic

msm1267 writes: More than 2,000 websites running WordPress have been compromised and are responsible for a surge this week in traffic from the Neutrino Exploit Kit. Attacks against sites running older versions of the content management system, 4.2 and earlier, were spotted by Zscaler. Those sites are backdoored and redirect a victim's browser through iframes to a landing page hosting the exploit kit where a Flash exploit awaits. The exploits generally target Internet Explorer, Zscaler said, and victims' computers are eventually infected with CryptoWall 3.0 ransomware. This analysis is in line with a similar report from the SANS Institute, which pointed the finger at a particular cybercrime group that had steered away from using the prolific Angler Exploit Kit and moved operations to Neutrino.

Read more of this story at Slashdot.

Two US Marines Foil Terrorist Attack On Train In France

hcs_$reboot writes: A heavily armed gunman opened fire aboard a packed high-speed train traveling from Amsterdam to Paris late Friday afternoon, wounding several passengers before he was tackled and subdued by two American Marines. The assault was described as a terrorist attack. President Barack Obama has expressed his gratitude for the "courage and quick thinking" of the passengers on a high-speed train in France, including U.S. service members, who overpowered the gunman. Bernard Cazeneuve, the French interior minister, paid tribute to the Marines as he arrived at the scene, and said "Thanks to them we have averted a drama. The Americans were particularly courageous and showed extreme bravery in extremely difficult circumstances."

Extortionists Begin Targeting AshleyMadison Users, Demand Bitcoin

tsu doh nimh writes: It was bound to happen: Brian Krebs reports that extortionists have begun emailing people whose information is included in the leaked Ashleymadison.com user database, threatening to find and contact the target's spouse and alert them if the recipient fails to cough up 1 Bitcoin. Krebs interviews one guy who got such a demand, a user who admits to having had an affair after meeting a woman on the site and who is now worried about the fallout, which he said could endanger his happily married life with his wife and kids. Perhaps inevitable: two Canadian law firms have filed a class action lawsuit against the company, seeking more than half a billion dollars in damages.

Ask Slashdot: Do You Press "6" Key With Right Or Left Hand?

New submitter ne0phyte73 writes: In some countries and in some touch typing books key "6" is pressed with right hand and in some others with left. It's not a big issue until you have a split keyboard. Guys at UHK are putting it on the left side. Do you agree? What hand do you use to press "6"? Left hand here, but it's not a strong preference; I'll take a keyboard that omits Caps Lock wherever they put the 6.

Object Storage and POSIX Should Merge

storagedude writes: Object storage's low cost and ease of use have made it all the rage, but a few additional features would make it a worthier competitor to POSIX-based file systems, writes Jeff Layton at Enterprise Storage Forum. Byte-level access, easier application portability and a few commands like open, close, read, write and lseek could make object storage a force to be reckoned with. 'Having an object storage system that allows byte-range access is very appealing,' writes Layton. 'It means that rewriting applications to access object storage is now an infinitely easier task. It can also mean that the amount of data touched when reading just a few bytes of a file is greatly reduced (by several orders of magnitude). Conceptually, the idea has great appeal. Because I'm not a file system developer I can't work out the details, but the end result could be something amazing.'

Amazon Work-Life Balance Defender: Prior Employer Nearly Killed Me and My Team

theodp writes: New York Times Public Editor Margaret Sullivan questions whether her paper's portrayal of Amazon's brutal workplace was on target, citing a long, passionate response in disagreement from Nick Ciubotariu, a head of infrastructure development at Amazon. Interestingly, Ciubotariu — whose take on Amazon's work-life balance ("I've never worked a single weekend when I didn't want to") was used as Exhibit A by CEO Jeff Bezos to refute the NYT's report — wrote last December of regretting his role as an enabler of his team's "Death March" at a former employer (perhaps Microsoft, judging by Ciubotariu's LinkedIn profile and his essay's HiPo and Vegas references). "I asked if there were any questions," wrote Ciubotariu of a team meeting. "Nadia, one of my Engineers, had one: 'Nick, when will this finally end?' As I looked around the room, I saw 9 completely broken human beings. We had been working over 100 hours a week for the past 2 months. Two of my Engineers had tears on their faces. I did my best to keep from completely breaking down myself. With my voice choking, I looked at everyone, and said: 'This ends right now'." Ciubotariu added, "I hope they can forgive me for being an enabler of their death march, however unwilling, and that I ultimately didn't do enough to stop it. As a 'reward' for all this, I calibrated #1 overall in my organization, and received yet another HiPo nomination and induction, at the cost of a shattered family life, my health, and a broken team. I don't think I ever felt worse in my entire career. If I could give it all back, I would, in an instant, no questions asked. Physically and mentally, I took about a year to heal."

Gamers Are Fans of Games, Not Genres

_xeno_ writes: A recent article on Steam Spy talks about how a "target audience" for game genres doesn't exist — or, more specifically, how there is no such thing as an "FPS gamer" or an "MMO gamer" or a "MOBA gamer." The majority of players tend to be fans of specific games, rather than genres. For example, the wildly popular MMO World of Warcraft managed to reach over 10 million players at its peak. However, these players never became "MMO gamers" — they were simply World of Warcraft gamers. As World of Warcraft's subscriber numbers fall, there's been no corresponding uptick in subscribers of other, competing MMOs. In fact, pretty much every MMO released since World of Warcraft has been forced to move to a "free-to-play" model simply to survive. The article explains how the majority of gamers concentrate on a very small number of games, rarely trying new games: they're fans of a specific game, not any game that plays like it.

MIT 3D Prints With Glass

An anonymous reader writes: MIT's Mediated Matter Group has published a paper and a video about their new technique for 3D printing with glass. The top part of their printer is a kiln that heats the glass to temperatures of approximately 1900 degrees Fahrenheit, causing it to melt. The molten glass is then passed through an alumina-zircon-silica nozzle, which moves just like an extruder on normal 3D printers. "The frame of the printer is constructed out of 80/20 aluminum stock and square steel tube. They used three independent stepper motors and a lead screw gantry system and drivers which were controlled via an Arduino and a RAMPS 1.4 Arduino shield." The device's makers say, "The tunability enabled by geometrical and optical variation driven by form, transparency and color variation can drive; limit or control light transmission, reflection and refraction, and therefore carries significant implications for all things glass."

Meet Linux's Newest File-System: Bcachefs

An anonymous reader writes: Bcachefs is a new open-source file-system derived from the bcache Linux kernel block layer cache. Bcachefs was announced by Kent Overstreet, the lead Bcache author. Bcachefs hopes to provide performance like XFS/EXT4 while having features similar to Btrfs and ZFS. The bcachefs on-disk format hasn't yet been finalized and the code isn't yet ready for the Linux kernel. That said, initial performance results are okay and "It probably won't eat your data — but no promises." Features so far for Bcachefs are support for multiple devices, built-in caching/tiering, CRC32C checksumming, and Zlib transparent compression. Support for snapshots is to be worked on.

The Real NASA Technologies In 'The Martian'

An anonymous reader writes: On October 2, movie audiences will get to see Ridley Scott's adaptation of Andy Weir's brilliant sci-fi novel The Martian, about a near-future astronaut who gets left for dead on the planet Mars. (Official trailer.) Both book and film are rooted in actual science, and NASA has now posted a list of technologies featured in the movie that either already exist, or are in development. For example, the Mars rover: "On Earth today, NASA is working to prepare for every encounter with the Multi-Mission Space Exploration Vehicle (MMSEV). The MMSEV has been used in NASA's analog mission projects to help solve problems that the agency is aware of and to reveal some that may be hidden. The technologies are developed to be versatile enough to support missions to an asteroid, Mars, its moons and other missions in the future." They also show off their efforts to develop water reclamation, gardens in space, and oxygen recovery.

Do You Have a Right To Use Electrical Weapons?

An anonymous reader writes: David Cravets points out a growing debate in U.S. constitutional law: does the second amendment grant the same rights regarding electrical weapons as it does for traditional firearms? A Massachusetts ban on private ownership of stun-guns is being considered by the Supreme Court, and it's unclear whether such ownership has constitutional protection. The state's top court didn't think so: "... although modern handguns were not in common use at the time of enactment of the Second Amendment, their basic function has not changed: many are readily adaptable to military use in the same way that their predecessors were used prior to the enactment. A stun gun, by contrast, is a thoroughly modern invention (PDF). Even were we to view stun guns through a contemporary lens for purposes of our analysis, there is nothing in the record to suggest that they are readily adaptable to use in the military." The petitioner is asking the court (PDF) to clarify that the Second Amendment covers non-lethal weapons used for self-defense. Constitutional law expert Eugene Volokh agrees: "Some people have religious or ethical compunctions about killing. ... Some adherents to these beliefs may therefore conclude that fairly effective non-deadly defensive tools are preferable to deadly tools."

A New Take on Wearable Devices

minstrelmike writes: A company called Polyera is working on a wrist-worn device with a flexible, fabric-like screen that uses e-Ink technology and can go days without recharging. "Right now we design electronic devices that are built on rigid little bricks, so our devices end up looking like rigid little bricks. We wanted to make a fundamental technology that would completely open up the design capabilities. Now we're playing with materials that are more warm, and integrating electronics with materials that are more like leather than they are metal or glass." Their device is touch-sensitive and has much more usable screen space than most wrist-borne devices, which comes at the cost of being lower-resolution and grayscale.

Firefox Will Run Chrome Extensions

An anonymous reader writes: Today Mozilla announced some big changes to its extension support. Their new addon API, WebExtensions, is mostly compatible with the extension model used by Chrome and Opera. In short, this means we'll soon see cross-platform browser extensions. They say, "For some time we've heard from add-on developers that our APIs could be better documented and easier to use. In addition, we've noticed that many Firefox add-on developers also maintain a Chrome, Safari, or Opera extension with similar functionality. We would like add-on development to be more like Web development: the same code should run in multiple browsers according to behavior set by standards, with comprehensive documentation available from multiple vendors."

City of Munich Struggling With Basic Linux Functionality

jones_supa writes: Just like the city planned a year ago, Munich is still calling for a switch back to Windows from LiMux, their Ubuntu derivative. The councilors from Munich's conservative CSU party have called the operating system installed on their laptops "cumbersome to use" and "of very limited use." The letter from the two senior members of the city's IT committee (PDF in German) asks the mayor to consider removing the Linux-based OS and to install Windows and Office. "There are no programs for text editing, Skype, Office etc. installed and that prevents normal use," the letter argues. Another complaint from councilors is that "the lack of user permissions makes them of limited use." These kinds of arguments raise eyebrows, as all that functionality is certainly found on Linux.

Jeb Bush Comes Out Against Encryption

An anonymous reader writes: Presidential candidate Jeb Bush has called on tech companies to form a more "cooperative" arrangement with intelligence agencies. During a speech in South Carolina, Bush made clear his opinion on encryption: "If you create encryption, it makes it harder for the American government to do its job — while protecting civil liberties — to make sure that evildoers aren't in our midst." He also indicated he felt the recent scaling back of the Patriot Act went too far. Bush says he hasn't seen any indication the bulk collection of phone metadata violated anyone's civil liberties.

Twenty Years Later, Nintendo's Virtual Boy Is Still an Oddity

An anonymous reader writes: Nintendo launched its Virtual Boy gaming console twenty years ago today. Expectations were high after the company sold tens of millions of its previous devices, but the Virtual Boy only sold about 770,000 units. It was conceived at the height of the '90s VR craze, but the technology of the time just couldn't produce the kind of experience that Nintendo (or gamers) envisioned. An article from Benj Edwards provides insight into the Virtual Boy's development and its inevitable failure. "A major problem with the idea of making VR32 wearable, according to Makino, was that Nintendo engineers were concerned about placing a chip with high radio emissions near a user's head, since the safety of EMF radiation on the brain had yet to be thoroughly studied. Its proximity also produced visual noise in the displays. 'This meant that the internal CPU had to be covered by a metal plate,' says Makino, 'which made the whole system too heavy, forcing the goggle concept to be abandoned.' Not long after, Yokoi's console evolved from a strap-on headset into a heavier device that one could prop up onto one's face using a clumsy shoulder stand. Again, Nintendo's legal department feared liability issues; the device might cause children to fall down a stairwell while playing. ... Hobbled by liability concerns, VR32 soon evolved into a bulky red viewport mounted to a bi-pod that rested on a table."

San Jose May Put License Plate Scanners On Garbage Trucks

An anonymous reader writes: It's bad enough that some places have outfitted their police vehicles with automated license plate scanners, but now the city of San Jose may take it one step further. They're considering a proposal to install plate readers on their fleet of garbage trucks. This would give them the ability to blanket virtually every street in the city with scans once a week. San Jose officials made this proposal ostensibly to fight car theft, but privacy activists have been quick to point out the unintended consequences. ACLU attorney Chris Conley said, "If it's collected repeatedly over a long period of time, it can reveal intimate data about you like attending a religious service or a gay bar. People have a right to live their lives without constantly being monitored by the government." City councilman Johnny Khamis dismissed such criticism: "This is a public street. You're not expecting privacy on a public street."

New Blood-Cleansing Device Removes Pathogens, Toxins From Blood

jan_jes writes: A team of scientists at the Wyss Institute last year described the development of a device to treat sepsis that works by mimicking the human spleen. The device cleanses pathogens and toxins from blood flowing through a dialysis-like circuit. Now the team has developed an improved device that works with conventional antibiotic therapies and is better positioned for near-term use in clinics. The improved design will be described in the October issue of Biomaterials. This approach can be administered quickly, even without identifying the infectious agent.

Linux Foundation Project Will Evaluate Security of Open Source Software

An anonymous reader writes: The Core Infrastructure Initiative (CII), a project managed by The Linux Foundation, is developing a new free Badge Program, seeking input from the open source community on the criteria to be used to determine security, quality and stability of open source software. The first draft of the criteria is available on GitHub and is spearheaded by David A. Wheeler, an open source and security research expert who works for the Institute for Defense Analyses and is also coordinating the CII's Census Project, and Dan Kohn, a senior adviser on the CII.

MDM Vulnerability In Apple iOS Sandbox Facilitates 'Rogue Apps'

An anonymous reader writes: A vulnerability in Apple's iOS sandbox, which could affect personal information as well as configuration settings, has been discovered by Appthority's Enterprise Mobility Threat Team. It affects all mobile device management (MDM) clients, and any mobile applications distributed by an MDM that use the "Managed App Configuration" setting for private data. An attacker could potentially create a rogue app, perhaps masquerading as a productivity tool to increase the chances of it getting installed, and then distribute the attack by means of the iTunes store or "spear fishing" email attacks.
