Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
The Courts

Apple Wins iTunes DRM Case 187

Posted by Soulskill
from the drm-protected-history-is-written-by-the-victors dept.
An anonymous reader sends word that Apple's iTunes DRM case has already been decided. The 8-person jury took only a few hours to decide that the features introduced in iTunes 7.0 were good for consumers and did not violate antitrust laws. Following the decision, the plaintiff's head attorney Patrick Coughlin said an appeal is already planned. He also expressed frustrations over getting two of the security features — one that checks the iTunes database, and another that checks each song on the iPod itself — lumped together with the other user-facing features in the iTunes 7.0 update, like support for movies and games. "At least we got a chance to get it in front of the jury," he told reporters. ... All along, Apple's made the case that its music store, jukebox software, and hardware was simply an integrated system similar to video game consoles from Sony, Microsoft, and Nintendo. It built all those pieces to work together, and thus it would be unusual to expect any one piece from another company to work without issues, Apple's attorneys said. But more importantly, Apple offered, any the evolution of its DRM that ended up locking out competitors was absolutely necessary given deals it had with the major record companies to patch security holes.
Science

How Birds Lost Their Teeth 137

Posted by samzenpus
from the no-more-floss dept.
An anonymous reader writes A research team from the University of California, Riverside and Montclair State University, New Jersey, have found that the lack of teeth in all living birds can be traced back to a common ancestor who lived about 116 million years ago. From the article: "To solve this puzzle, the researchers used a recently created genome database that catalogues the genetic history of nearly all living bird orders--48 species in total. They were looking for two specific types of genes: one responsible for dentin, the substance that (mostly) makes up teeth, and another for the enamel that protects them. Upon finding these genes, researchers then located the mutations that deactivate them, and combed the fossil record to figure out when those mutations developed. They concluded that the loss of teeth and the development of the beak was a two-stage process, though the steps basically happened simultaneously. The paper states: 'In the first stage, tooth loss and partial beak development began on the anterior portion of both the upper and lower jaws. The second stage involved concurrent progression of tooth loss and beak development from the anterior portion of both jaws to the back of the rostrum.'"
The Military

Every Weapon, Armored Truck, and Plane the Pentagon Gave To Local Police 191

Posted by samzenpus
from the going-down-the-list dept.
v3rgEz writes You may have heard that the image-conscious Los Angeles Unified School District chose to return the grenade launchers it received from the Defense Department's surplus equipment program. You probably have not heard about some of the more obscure beneficiaries of the Pentagon giveaway, but now you can after MuckRock got the Department of Defense to release the full database, letting anyone browse what gear their local department has received.
Stats

'Moneyball' Approach Reduces Crime In New York City 218

Posted by timothy
from the precrime-works-citizens dept.
HughPickens.com writes The NYT reports that NY County District Attorney Cyrus Vance Jr.'s most significant initiative has been to transform, through the use of data, the way district attorneys fight crime. "The question I had when I came in was, Do we sit on our hands waiting for crime to tick up, or can we do something to drive crime lower?" says Vance. "I wanted to develop what I call intelligence-driven prosecution." When Vance became DA in 2009, it was glaringly evident that assistant D.A.s fielding the 105,000-plus cases a year in Manhattan seldom had enough information to make nuanced decisions about bail, charges, pleas or sentences. They were narrowly focused on the facts of cases in front of them, not on the people committing the crimes. They couldn't quickly sort minor delinquents from irredeemably bad apples. They didn't know what havoc defendants might be wreaking in other boroughs.
United Kingdom

UK Authorities Launching Massive Child Abuse Database 150

Posted by Soulskill
from the saving-gallons-of-eye-bleach dept.
mrspoonsi sends news that "Data taken from tens of millions of child abuse photos and videos will shortly be used as part of a new police system to aid investigations into suspected pedophiles across the UK." The Child Abuse Image Database (CAID) will be available to authorities starting December 11th. It's been populated with data seized in earlier investigations. The database assigns a hash to each photograph, so when a new drive full of illegal images is confiscated, it can immediately be plugged in and quickly scanned to see if there are any matches. It will also catalog GPS coordinates from Exif data.

The purpose of CAID is to eliminate the duplication of effort when investigating these photos. Often when storage drives are seized, they contain thousands or millions of images, and dozens of different police departments could end up unknowingly investigating the same victims. Law enforcement liaison officer Johann Hofmann said, "We're looking at 70, 80, up to 90% work load reduction. We're seeing investigations being reduced from months to days."
Social Networks

Crowd-Sourced Experiment To Map All Human Skills 70

Posted by samzenpus
from the what-can-you-do? dept.
spadadot writes French-based startup has just launched a website that will let you add your skills to a comprehensive map of human skills. As quoted from their website "We aim to build the largest, most accurate, multilingual skills database ever made, by allowing a diverse and skillful community to contribute their individual skills to the global map." The ontology is simple: skills can have zero or more sub-skills. Every new skill is available in all supported languages (only English and French at the moment). The crowdsourced data is free for non-commercial use."
Cloud

Amazon Goes After Oracle (Again) With New Aurora Database 102

Posted by samzenpus
from the brand-new dept.
Sez Zero writes with news about the latest from Amazon Web Services. "Once again Amazon Web Services is taking on Oracle, the kingpin of relational databases, with Aurora, a relational database that is as capable as 'proprietary database engines at 1/10 the cost,' according to AWS SVP Andy Jassy. Amazon is right that customers, even big Oracle customers who hesitate to dump tried-and-true database technology are sick of Oracle’s cost structure and refusal to budge from older licensing models. Still there are very few applications that are more “sticky” than databases, which after typically contains the keys to the kingdom. Financial institutions see their use of Oracle databases as almost a pre-requisite for compliance, although that perception may be changing."
Privacy

Judge Says Public Has a Right To Know About FBI's Facial Recognition Database 79

Posted by samzenpus
from the now-you-know dept.
schwit1 writes U.S. District Judge Tanya Chutkan said the bureau's Next Generation Identification program represents a "significant public interest" due to concerns regarding its potential impact on privacy rights and should be subject to rigorous transparency oversight. "There can be little dispute that the general public has a genuine, tangible interest in a system designed to store and manipulate significant quantities of its own biometric data, particularly given the great numbers of people from whom such data will be gathered," Chutkan wrote in an opinion.
Databases

Ask Slashdot: Choosing a Data Warehouse Server System? 147

Posted by timothy
from the index-cards-and-an-actual-warehouse dept.
New submitter puzzled_decoy writes The company I work has decided to get in on this "big data" thing. We are trying to find a good data warehouse system to host and run analytics on, you guessed it, a bunch of data. Right now we are looking into MSSQL, a company called Domo, and Oracle contacted us. Google BigQuery may be another option. At its core, we need to be able to query huge amounts of data in sometimes rather odd ways. We need a strong ETLlayer, and hopefully we can put some nice visual reporting service on top of wherever the data is stored. So, what is your experience with "big data" servers and services? What would you recommend, and what are the pitfalls you've encountered?
Earth

Using Naval Logbooks To Reconstruct Past Weather and Predict Future Climate 102

Posted by Soulskill
from the climate-change-destroyed-the-mermaid's-natural-habitat dept.
Lasrick writes: What a great idea: the Old Weather Project uses old logbooks to study the weather patterns of long ago, providing a trove of archival data to scientists who are trying to fill in the details of our knowledge about the atmosphere and the changing climate. "Pity the poor navigator who fell asleep on watch and failed to update his ship's logbook every four hours with details about its geographic position, time, date, wind direction, barometric readings, temperatures, ocean currents, and weather conditions." As Clive Wilkinson of the UK's National Maritime Museum adds, "Anything you read in a logbook, you can be sure that it is a true and faithful account."

The Old Weather Project uses citizen scientists to transcribe and digitize observations that were scrupulously recorded on a clockwork-like basis, and it is one of several that climate scientists are using to create "a three-dimensional computer simulation that will provide a continuous, century-and-a-half-long profile of the entire planet's climate over time" — the 20th Century Reanalysis Project. Data is checked and rechecked by three different people before entry into the database, and the logbook measurements are especially valuable because they were compiled at sea.
United Kingdom

Secret Policy Allows GCHQ Bulk Access To NSA Data 95

Posted by samzenpus
from the have-some-data dept.
hazeii writes Though legal proceedings following the Snowden revelations, Liberty UK have succeeded in forcing GCHQ to reveal secret internal policies allowing Britain's intelligence services to receive unlimited bulk intelligence from the NSA and other foreign agencies and to keep this data on a massive searchable databases, all without a warrant. Apparently, British intelligence agencies can "trawl through foreign intelligence material without meaningful restrictions", and can keep copies of both content and metadata for up to two years. There is also mention of data obtained "through US corporate partnerships". According to Liberty, this raises serious doubts about oversight of the UK Intelligence and Security Committee and their reassurances that in every case where GCHQ sought information from the US, a warrant for interception signed by a minister was in place.

Eric King, Deputy Director of Privacy international, said: "We now know that data from any call, internet search, or website you visited over the past two years could be stored in GCHQ's database and analyzed at will, all without a warrant to collect it in the first place. It is outrageous that the Government thinks mass surveillance, justified by secret 'arrangements' that allow for vast and unrestrained receipt and analysis of foreign intelligence material is lawful. This is completely unacceptable, and makes clear how little transparency and accountability exists within the British intelligence community."
Databases

Python-LMDB In a High-Performance Environment 98

Posted by Soulskill
from the fast-enough-to-cause-drama dept.
lkcl writes: In an open letter to the core developers behind OpenLDAP (Howard Chu) and Python-LMDB (David Wilson) is a story of a successful creation of a high-performance task scheduling engine written (perplexingly) in Python. With only partial optimization allowing tasks to be executed in parallel at a phenomenal rate of 240,000 per second, the choice to use Python-LMDB for the per-task database store based on its benchmarks, as well as its well-researched design criteria, turned out to be the right decision. Part of the success was also due to earlier architectural advice gratefully received here on Slashdot. What is puzzling, though, is that LMDB on Wikipedia is being constantly deleted, despite its "notability" by way of being used in a seriously-long list of prominent software libre projects, which has been, in part, motivated by the Oracle-driven BerkeleyDB license change. It would appear that the original complaint about notability came from an Oracle employee as well.
Security

Drupal Fixes Highly Critical SQL Injection Flaw 54

Posted by samzenpus
from the protect-ya-neck dept.
An anonymous reader writes Drupal has patched a critical SQL injection vulnerability in version 7.x of the content management system that can allow arbitrary code execution. The flaw lies in an API that is specifically designed to help prevent against SQL injection attacks. "Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks," the Drupal advisory says. "A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. Depending on the content of the requests this can lead to privilege escalation, arbitrary PHP execution, or other attacks."
Oracle

Oracle Database Certifications Are No Longer Permanent 108

Posted by Soulskill
from the you're-now-allowed-to-forget-things dept.
jfruh writes: It used to be that you could get an Oracle database certification and declare yourself Oracle-certified for the rest of your career. That time is now over, causing a certain amount of consternation among DBAs. On the one hand, it makes sense that someone who's only been certified on a decade-old version of the product should need to prove they've updated their skills. On the other, Oracle charges for certification and will definitely profit from this shift."
Security

Snapchat Says Users Were Victimized By Their Use of Third-Party Apps 90

Posted by Soulskill
from the illusion-of-impermanence dept.
Lucas123 writes: Reports that the servers of photo messaging site Snapchat were hacked are being denied by the company, which is now is saying its users were instead victimized by their use of third-party apps to send and receive Snaps. Hackers on 4chan have said broke into the site and they're preparing to release 200,000 photos or videos in their own database that will be searchable by Snapchatter name. According to one report, the third-party Snapchat client app enabled access for years to the data that was supposed have been deleted. The hackers have said they have a 13GB photo library. For its part, Snapchat in a statement reiterated its Terms of Use Policy, that "expressly prohibits" third-party app use "because they compromise our users' security."
Advertising

Why Do Contextual Ads Fail? 249

Posted by timothy
from the pandemic-tone-deafness dept.
minstrelmike writes If we give up all our privacy on-line for contextual ads, then how come so many of them are so far off the mark? Personal data harvesting for contextual ads and content should be a beautiful thing. They do it privately and securely, and it's all automated so that no human being actually learns anything about you. And then the online world becomes customized, just for you. The real problem with this scenario is that is we're paying for contextual ads and content with our personal data, but we're not getting what we pay for. Facebook advertising is off target and almost completely irrelevant. The question is: Why? Facebook has a database of our explicitly stated interests, which many users fill out voluntarily. Facebook sees what we post about. It knows who we interact with. It counts our likes, monitors our comments and even follows us around the Web. Yet, while the degree of personal data collection is extreme, the advertising seems totally random.
Medicine

Professor Kevin Fu Answers Your Questions About Medical Device Security 21

Posted by samzenpus
from the listen-up dept.
Almost a year ago you had a chance to ask professor Kevin Fu about medical device security. A number of events (including the collapse of his house) conspired to delay the answering of those questions. Professor Fu has finally found respite from calamity, coincidentally at a time when the FDA has issued guidance on the security of medical devices. Below you'll find his answers to your old but not forgotten questions.
Privacy

Dubai Police To Use Google Glass For Facial Recognition 122

Posted by samzenpus
from the watching-you-better dept.
cold fjord sends word about what the Dubai police plan on doing with their Google Glass. Police officers in Dubai will soon be able to identify suspects wanted for crimes just by looking at them. Using Google Glass and a custom-developed facial recognition software, Dubai police will be able to capture photos of people around them and search their faces in a database of people wanted for crimes ... When a match is made in the database, the Glass device will receive a notification. .... What's particularly interesting about the project is that facial recognition technology is banned by the Google Glass developer policy. ... The section of the policy that addresses such technology seems to disqualify the Dubai police force's plan for Glass."
United States

Obama Names National Medal of Science, Technology & Innovation Winners 53

Posted by samzenpus
from the have-a-medal dept.
alphadogg writes Computer scientists who made breakthroughs in areas such as software architectures and database management systems were among those named National Medal of Technology and Innovation winners by President Barack Obama. These awards, along with the National Medal of Science, are the nation's highest honors for achievement and leadership in advancing the fields of science and technology. Overall, 18 medalists were named.
Businesses

Ask Slashdot: Software Issue Tracking Transparency - Good Or Bad? 159

Posted by samzenpus
from the to-show-them-or-not-to-show-them dept.
First time accepted submitter Mike Sheen writes I'm the lead developer for an Australian ERP software outfit. For the last 10 years or so we've been using Bugzilla as our issue tracking system. I made this publicly available to the degree than anyone could search and view bugs. Our software is designed to be extensible and as such we have a number of 3rd party developers making customization and integrating with our core product.

We've been pumping out builds and publishing them as "Development Stream (Experimental / Unstable" and "Release Stream (Stable)", and this is visible on our support site to all. We had been also providing a link next to each build with the text showing the number of bugs fixed and the number of enhancements introduced, and the URL would take them to the Bugzilla list of issues for that milestone which were of type bug or enhancement.

This had been appreciated by our support and developer community, as they can readily see what issues are addressed and what new features have been introduced. Prior to us exposing our Bugzilla database publicly we produced a sanitized list of changes — which was time consuming to produce and I decided was unnecessary given we could just expose the "truth" with simple links to the Bugzilla search related to that milestone.

The sales and marketing team didn't like this. Their argument is that competitors use this against us to paint us as producers of buggy software. I argue that transparency is good, and beneficial — and whilst our competitors don't publish such information — but if we were to follow our competitors practices we simply follow them in the race to the bottom in terms of software quality and opaqueness.

In my opinion, transparency of software issues provides:

Identification of which release or build a certain issue is fixed.
Recognition that we are actively developing the software.
Incentive to improve quality controls as our "dirty laundry" is on display.
Information critical to 3rd party developers.
A projection of integrity and honesty.

I've yielded to the sales and marketing demands such that we no longer display the links next to each build for fixes and enhancements, and now publish "Development Stream (Experimental / Unstable" as simply "Development Stream") but I know what is coming next — a request to no longer make our Bugzilla database publicly accessible. I still have the Bugzilla database publicly exposed, but there is now only no longer the "click this link to see what we did in this build".

A compromise may be to make the Bugzilla database only visible to vetted resellers and developers — but I'm resistant to making a closed "exclusive" culture. I value transparency and recognize the benefits. The sales team are insistent that exposing such detail is a bad thing for sales.

I know by posting in a community like Slashdot that I'm going to get a lot of support for my views, but I'm also interested in what people think about the viewpoint that such transparency could be bad thing.

In seeking the unattainable, simplicity only gets in the way. -- Epigrams in Programming, ACM SIGPLAN Sept. 1982

Working...