Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Businesses

Win Or Lose, Discrimination Suit Is Having an Effect On Silicon Valley 57

Posted by samzenpus
from the to-pay-or-not-to-pay-that-is-the-question dept.
SpzToid sends word that the Ellen Pao vs. Kleiner Perkins Caufield & Byers discrimination case wrapped up yesterday. No matter what the outcome turns out to be, it has already effected how business is being done in Silicon Valley. "'Even before there's a verdict in this case, and regardless of what the verdict is, people in Silicon Valley are now talking,' said Kelly Dermody, managing partner at Lieff Cabraser Heimann & Bernstein, who chairs the San Francisco law firm's employment practice group. 'People are second-guessing and questioning whether there are exclusionary practices [and] everyday subtle acts of exclusion that collectively limit women's ability to succeed or even to compete for the best opportunities. And that's an incredibly positive impact.' Women in tech have long complained about an uneven playing field — lower pay for equal work, being passed over for promotions and a hostile 'brogrammer' culture — and have waited for a catalyst to finally overhaul the status quo. This trial — pitting a disgruntled, multimillionaire former junior partner against a powerful Menlo Park, Calif., venture capital firm — was far from the open-and-shut case that many women had hoped for. More gender discrimination suits against big tech firms are expected to follow; some already have, including lawsuits against Facebook Inc. and Twitter Inc."
Government

GAO Denied Access To Webb Telescope Workers By Northrop Grumman 42

Posted by samzenpus
from the sorry-you-can't-come-in dept.
schwit1 writes In a report as well as at House hearings today the GAO reported that Northrop Grumman has denied them one-on-one access to workers building the James Webb Space Telescope. "The interviews, part of a running series of GAO audits of the NASA flagship observatory, which is billions of dollars overbudget and years behind schedule, were intended to identify potential future trouble spots, according to a GAO official. But Northrop Grumman Aerospace, which along with NASA says the $9 billion project is back on track, cited concerns that the employees, 30 in all, would be intimidated by the process." To give Northrop Grumman the benefit of the doubt, these interviews were a somewhat unusual request. Then again, if all was well why would they resist? Note too that the quote above says the cost of the telescope project is now $9 billion. If the project was "back on track" as the agency and Northrop Grumman claim, then why has the budget suddenly increased by another billion?
Businesses

PayPal To Pay $7.7 Million For Sanctions Violations 40

Posted by samzenpus
from the pay-up dept.
jfruh writes PayPal may not be a bank, but it's still legally required to follow regulations on transferring money — but the company has admitted to a number of violations, including allowing transfers to an individual specifically sanctioned by the U.S. State Department for helping proliferate nuclear weapons. From Ars: "On Wednesday afternoon, PayPal reached a settlement with the US Treasury Department, agreeing that it would pay $7.7 million for allegedly processing payments to people in countries under sanction as well as to a man the US has listed as involved in the nuclear weapons black market. The company neither confirmed nor denied the allegations, but it voluntarily handed over its transaction data to the US Department of Treasury’s Office of Foreign Assets Control (OFAC)."
Australia

Australia Passes Mandatory Data Retention Law 61

Posted by timothy
from the what's-in-the-box dept.
Bismillah writes Opposition from the Green Party and independent members of parliament wasn't enough to stop the ruling conservative Liberal-National coalition from passing Australia's new law that will force telcos and ISPs to store customer metadata for at least two years. Journalists' metadata is not exempted from the retention law, but requires a warrant to access. The metadata of everyone else can be accessed by unspecified government agencies without a warrant however.
Data Storage

Micron and Intel Announce 3D NAND Flash Co-Development To Push SSDs Past 10TB 42

Posted by timothy
from the 10TB-can-hold-quite-a-few-home-movies dept.
MojoKid writes Both Micron and Intel noted in a release today that traditional planar NAND flash memory is reaching a dead-end, and as such, have been working together on 3D memory technology that could open the floodgates for high densities and faster speeds. Not all 3D memory is alike, however. This joint development effort resulted in a "floating gate cell" being used, something not uncommon for standard flash, but a first for 3D. Ultimately, this 3D NAND is composed of flash cells stacked 32 high, resulting in 256Gb MLC and 384Gb TLC die that fit inside of a standard package. That gives us 48GB per die, and up to 750GB in a single package. Other benefits include faster performance, reduced cost, and technologies that help extend the life of the memory.
Encryption

Generate Memorizable Passphrases That Even the NSA Can't Guess 170

Posted by timothy
from the exercise-for-the-reader dept.
HughPickens.com writes Micah Lee writes at The Intercept that coming up with a good passphrase by just thinking of one is incredibly hard, and if your adversary really is capable of one trillion guesses per second, you'll probably do a bad job of it. It turns out humans are a species of patterns, and they are incapable of doing anything in a truly random fashion. But there is a method for generating passphrases that are both impossible for even the most powerful attackers to guess, yet very possible for humans to memorize. First, grab a copy of the Diceware word list, which contains 7,776 English words — 37 pages for those of you printing at home. You'll notice that next to each word is a five-digit number, with each digit being between 1 and 6. Now grab some six-sided dice (yes, actual real physical dice), and roll them several times, writing down the numbers that you get. You'll need a total of five dice rolls to come up with each word in your passphrase. Using Diceware, you end up with passphrases that look like "cap liz donna demon self", "bang vivo thread duct knob train", and "brig alert rope welsh foss rang orb". If you want a stronger passphrase you can use more words; if a weaker passphrase is ok for your purpose you can use less words. If you choose two words for your passphrase, there are 60,466,176 different potential passphrases. A five-word passphrase would be cracked in just under six months and a six-word passphrase would take 3,505 years, on average, at a trillion guesses a second.

After you've generated your passphrase, the next step is to commit it to memory.You should write your new passphrase down on a piece of paper and carry it with you for as long as you need. Each time you need to type it, try typing it from memory first, but look at the paper if you need to. Assuming you type it a couple times a day, it shouldn't take more than two or three days before you no longer need the paper, at which point you should destroy it. "Simple, random passphrases, in other words, are just as good at protecting the next whistleblowing spy as they are at securing your laptop," concludes Lee. "It's a shame that we live in a world where ordinary citizens need that level of protection, but as long as we do, the Diceware system makes it possible to get CIA-level protection without going through black ops training."
Bug

'Bar Mitzvah Attack' Plagues SSL/TLS Encryption 8

Posted by timothy
from the process-not-product dept.
ancientribe writes Once again, SSL/TLS encryption is getting dogged by outdated and weak options that make it less secure. This time, it's the weak keys in the older RC4 crypto algorithm, which can be abused such that an attacker can sniff credentials or other data in an SSL session, according to a researcher who revealed the hack today at Black Hat Asia in Singapore. A slice: Bar Mitzvah exploits the weak keys used by RC4 and allows an attacker to recover plain text from the encrypted information, potentially exposing account credentials, credit card data, or other sensitive information. And unlike previous SSL hacks, this one doesn't require an active man-in-the-middle session, just passive sniffing or eavesdropping on SSL/TLS-encrypted connections, [researcher Itsik] Mantin says. But MITM could be used as well, though, for hijacking a session, he says.
Bug

MIT Debuts Integer Overflow Debugger 26

Posted by timothy
from the measure-twice-cut-once dept.
msm1267 writes Students from M.I.T. have devised a new and more efficient way to scour raw code for integer overflows, the troublesome programming bugs that serve as a popular exploit vector for attackers and often lead to the crashing of systems. Researchers from the school's Computer Science and Artificial Intelligence Laboratory (CSAIL) last week debuted the platform dubbed DIODE, short for Directed Integer Overflow Detection. As part of an experiment, the researchers tested DIODE on code from five different open source applications. While the system was able to generate inputs that triggered three integer overflows that were previously known, the system also found 11 new errors. Four of the 11 overflows the team found are apparently still lingering in the wild, but the developers of those apps have been informed and CSAIL is awaiting confirmation of fixes.
Security

RSA Conference Bans "Booth Babes" 231

Posted by timothy
from the can-I-ask-you-some-technical-questions dept.
netbuzz writes In what may be a first for the technology industry, RSA Conference 2015 next month apparently will be bereft of a long-controversial trade-show attraction: "booth babes." New language in its exhibitor contract, while not using the term 'booth babe," leaves no doubt as to what type of salesmanship RSA wants left out of its event. Says a conference spokeswoman: "We thought this was an important step towards making all security professionals feel comfortable and equally respected during the show." Easier at a venue like RSA; the annual Consumer Electronics Show, not so much.
Transportation

German Auto Firms Face Roadblock In Testing Driverless Car Software 127

Posted by timothy
from the and-what-if-that-man-was-your-mother?! dept.
An anonymous reader writes As nations compete to build the first operational autonomous car, German auto-manufacturers fear that current domestic laws limit their efforts to test the appropriate software for self-driving vehicles on public roads. German carmakers are concerned that these roadblocks are allowing U.S. competitors, such as Google, to race ahead in their development of software designed to react effectively when placed in real-life traffic scenarios. Car software developers are particularly struggling to deal with the ethical challenges often raised on the road. For example when faced with the decision to crash into a pedestrian or another vehicle carrying a family, it would be a challenge for a self-driving car to follow the same moral reasoning a human would in the situation. 'Technologically we can do fully automated self-driving, but the ethical framework is missing,' said Volkswagen CEO Martin Winterkorn.
Medicine

Is the Apple Watch a Useful Medical Device? (Video) 44

Posted by Roblimo
from the all-we-want-is-for-you-to-be-happy-happy-happy dept.
Let's kill the suspense right away by answering the title question, 'Probably not.' For one thing, according to interviewee Alfred Poor, the Apple Watch is in no way linked to the Apple Research Kit. Dr. Poor is editor of the Health Tech Insider website, so he follows this kind of thing more carefully than most people. And the Apple watch is not the only device mentioned in this video (or transcript, if you prefer reading to listening). If you want to ruminate about the possibility of direct mind control, for instance, you need to know about the Thync, whose vendor calls it 'A groundbreaking wearable device that enables you to shift your state of mind in minutes.' They say it 'induces on-demand shifts in energy, calm, or focus.' It even has a 'pleasure' setting. Crank that to 11 and you might happily spend your days prone, being fed by a drip and emptied by a catheter, moving only when an attendant turns you over to keep bedsores from developing -- not that you'll care if they do -- as you spend the rest of your life in an artificially-induced joyful stupor.
Education

NJ School District Hit With Ransomware-For-Bitcoins Scheme 151

Posted by timothy
from the so-is-there-a-downside? dept.
An anonymous reader sends news that unidentified hackers are demanding 500 bitcoins, currently worth about $128,000, from administrators of a New Jersey school district. Four elementary schools in Swedesboro-Woolwich School District, which enroll more than 1,700 students, are now locked out of certain tasks: "Without working computers, teachers cannot take attendance, access phone numbers or records, and students cannot purchase food in cafeterias. Also, [district superintendent Dr. Terry C. Van Zoeren] explained, parents cannot receive emails with students grades and other information." According to this blog post from security company BatBlue, the district has been forced to postpone the Common Core-mandated PARCC state exams, too. Small comfort: "Fortunately the Superintendent told CBS 3’s Walt Hunter the hackers, using a program called Ransomware, did not access any personal information about students, families or teachers." Perhaps the administrators can take heart: Ransomware makers are, apparently, starting to focus more on product support; payment plans are probably on the way.
Input Devices

What Makes the Perfect Gaming Mouse? 173

Posted by timothy
from the give-it-a-lot-of-cocaine dept.
An anonymous reader writes A new article looks at the advanced technology that goes into many gaming mice favoured by professional gamers, from dedicated processors to custom weights for the sake of ergonomics, discussing the developments with designers at three top peripheral companies: Logitech, Razer and SteelSeries. Surprisingly, some factors that were once thought to have reached the limit of their usefulness, such as DPI sensitivity, are becoming more important again as screens get bigger and we make the move to 4K resolution. ... "With the rise of higher resolution screens, especially looking into 4K multi monitor systems and beyond, DPI might become an important factor in the future again, so we are not ruling out changes in the maximum tracking rate," says Razer CEO Min-Liang Tan.
Security

Many Password Strength Meters Are Downright Weak, Researchers Say 138

Posted by timothy
from the it's-like-pressing-the-walk-button dept.
alphadogg writes "Website password strength meters often tell you only what you want to hear rather than what you need to hear. That's the finding from researchers at Concordia University in Montreal, who examined the usefulness of those ubiquitous red-yellow-green password strength testers on websites run by big names such as Google, Yahoo, Twitter and Microsoft/Skype. The researchers used algorithms to send millions of 'not-so-good' passwords through these meters, as well as through the meters of password management services such as LastPass and 1Password, and were largely underwhelmed by what they termed wildly inconsistent results. Inconsistent can go both directions: I've seen password-strength meters that balked at absolutely everything (accepting weak passwords as good, after calling wildly long and random ones poor).
Facebook

Facebook Sued For Alleged Theft of Data Center Design 72

Posted by timothy
from the architectural-plans-want-to-be-free dept.
itwbennett writes British engineering company BladeRoom Group says it contacted Facebook in 2011 about using its technique, which involves constructing data centers in a modular fashion from pre-fabricated parts. What happened next isn't clear, since much of the public version of BRG's lawsuit is redacted. But it claims Facebook ended up stealing its ideas and using them to build part of a data center in Lulea, Sweden, that opened last year. 'Facebook's misdeeds might never have come to light had it decided that simply stealing BRG's intellectual property was enough,' the company said in its lawsuit, filed Monday at the federal district court in San Jose, California. "Instead, Facebook went further when it decided to encourage and induce others to use BRG's intellectual property though an initiative created by Facebook called the 'Open Compute Project.'"