Forgot your password?
typodupeerror

Catch up on stories from the past week (and beyond) at the Slashdot story archive

Firefox

Mozilla To Support Public Key Pinning In Firefox 32 63

Posted by Soulskill
from the pin-the-key-on-the-fox dept.
Trailrunner7 writes: Mozilla is planning to add support for public-key pinning in its Firefox browser in an upcoming version. In version 32, which would be the next stable version of the browser, Firefox will have key pins for a long list of sites, including many of Mozilla's own sites, all of the sites pinned in Google Chrome and several Twitter sites. Public-key pinning has emerged as an important defense against a variety of attacks, especially man-in-the-middle attacks and the issuance of fraudulent certificates. The function essentially ties a public key, or set of keys, issued by known-good certificate authorities to a given domain. So if a user's browser encounters a site that's presenting a certificate that isn't included in the set of pinned public keys for that domain, it will then reject the connection. The idea is to prevent attackers from using fake certificates in order to intercept secure traffic between a user and the target site.
Google

Google Testing Drone Delivery System: 'Project Wing' 52

Posted by Soulskill
from the ok-google-bring-me-a-pizza dept.
rtoz writes: Google's research division, Google X, is developing a fleet of drones to deliver goods. This drone delivery system is called "Project Wing," and Google X has been developing it in secret for the past two years. During a recent test in Australia, drones successfully delivered a first aid kit, candy bars, dog treats, and water to a couple of Australian farmers. The self-flying vehicle uses four electrically-driven propellers to get around, and it has a wingspan of about five feet. It weighs just under 19 pounds and can take off and land without a runway. Google's long-term goal is to develop drones that could be used for disaster relief by delivering aid to isolated areas.
Google

Google Wins $1.3 Million From Patent Troll 35

Posted by timothy
from the may-the-bridge-collapse-upon-you-and-your-family dept.
An anonymous reader writes Earlier this year, Google sued Beneficial Innovations for breach of contract, ostensibly in defense of its Doubleclick ad technology clients against whom Beneficial Innovations had filed suits despite Google having already paid licensing fees for the technology. Following Google's jury trial win, the company was originally awarded only 'nominal damages of $1 and a judicial order stopping Beneficial from going after more Doubleclick customers.' Now, however, the presiding judge has ruled that Google is entitled to some attorneys' fees in the amount of $1.3 million (PDF).
Open Source

Netflix Open Sources Internal Threat Monitoring Tools 20

Posted by timothy
from the how-they-watch-you-watching-them dept.
alphadogg (971356) writes Netflix has released three internal tools it uses to catch hints on the Web that hackers might target its services. "Many security teams need to stay on the lookout for Internet-based discussions, posts and other bits that may be of impact to the organizations they are protecting," wrote Andy Hoernecke and Scott Behrens of Netflix's Cloud Security Team. One of the tools, called Scumblr, can be used to create custom searches of Google sites, Twitter and Facebook for users or keywords.
Cloud

Google Buys Zync Cloud Graphics Rendering Service 20

Posted by Unknown Lamer
from the cloud-tracing dept.
mpicpp (3454017) writes To beef up its cloud platform with more specialized packages, Google is acquiring Zync for its large scale rendering service for movie special effects, called Zync Render. Google plans to offer the Zync service on its Google Cloud Platform, where it can be used by motion picture studios that do not want to build their own rendering farms.
Chromium

Chromium 37 Launches With Major Security Fixes, 64-bit Windows Support 112

Posted by Unknown Lamer
from the almost-makes-up-for-<dialog> dept.
An anonymous reader writes Google has released Chrome/Chromium version 37 for Windows, Mac, and Linux. Among the changes are better-looking fonts on Windows and a revamped password manager. There are 50 security fixes, including several to patch a sandbox escaping vulnerability. The release also brings stable 64-bit Windows support which ...offers many benefits for speed, stability and security. Our measurements have shown that the native 64-bit version of Chrome has improved speed on many of our graphics and media benchmarks. For example, the VP9 codec that’s used in High Definition YouTube videos shows a 15% improvement in decoding performance. Stability measurements from people opted into our Canary, Dev and Beta 64-bit channels confirm that 64-bit rendering engines are almost twice as stable as 32-bit engines when handling typical web content. Finally, on 64-bit, our defense in depth security mitigations such as Partition Alloc are able to far more effectively defend against vulnerabilities that rely on controlling the memory layout of objects. The full changelog.
Security

Project Zero Exploits 'Unexploitable' Glibc Bug 98

Posted by Unknown Lamer
from the never-say-never dept.
NotInHere (3654617) writes with news that Google's Project Zero has been busy at work. A month ago they reported an off-by-one error in glibc that would overwrite a word on the heap with NUL and were met with skepticism at its ability to be used in an attack. Google's 'Project Zero' devised an exploit of the out-of-bounds NUL write in glibc to gain root access using the setuid binary pkexec in order to convince skeptical glibc developers. 44 days after being reported, the bug has been fixed. They even managed to defeat address space randomization on 32-bit platforms by tweaking ulimits. 64-bit systems should remain safe if they are using address space randomization.
Education

Free Law Casebook Project Starts With IP Coursebook 22

Posted by timothy
from the good-way-to-start dept.
An anonymous reader writes Duke Law School's James Boyle and Jennifer Jenkins just published a CC licensed, freely downloadable textbook called "Intellectual Property Law and the Information Society." (Which includes a discussion of whether and when the term "intellectual property" is a dangerous misnomer). The book is apparently part of an attempt to lower what the authors describe as the "obscene cost" of legal textbooks. "This is the first in a series of free digital/low cost print legal educational materials to be published by Duke's Center for the Study of the Public Domain—starting with statutory supplements aimed at the basic classes. The goal of this project... is to improve the pricing and access norms of the world of legal textbook publishing, while offering the flexibility and possibility for customization that unfettered digital access provides. We hope it will provide a pleasant, restorative, competitive pressure on the commercial publishers to lower their prices and improve their digital access norms." The book's "problems range from a video of the Napster oral argument to counseling clients about search engines and trademarks, applying the First Amendment to digital rights management and copyright or commenting on the Supreme Court's new rulings on gene patents.. [The book] includes discussions of such issues as the Redskins trademark cancelations, the Google Books case and the America Invents Act."
Chrome

VMware Unveils Workplace Suite and NVIDIA Partnership For Chromebooks 59

Posted by samzenpus
from the check-it-out dept.
Gamoid writes At VMworld today, VMware introduced the Workplace Suite, a platform for securely delivering applications and content across desktops and mobile devices from the cloud. The really cool part, though, is a partnership with Google and NVIDIA to deliver even graphics-intensive Windows applications on a Chromebook. From the article: "The new VMware Workplace Suite takes advantage of three existing VMware products: Tools for application, device, and content management as well as secure cloud file storage that comes from the January acquisition of enterprise mobile management company AirWatch; VMware Horizon for desktop-as-a-service; and brand-new acquisition CloudVolumes for app delivery. "
Transportation

California DMV Told Google Cars Still Need Steering Wheels 503

Posted by samzenpus
from the keep-your-hands-on-the-wheel dept.
cartechboy writes Google showed us what it feels is the car of the future. It drives itself, it doesn't have a gas or brake pedal, and there's no steering wheel. But that last one might be an issue. Back in May California's Department of Motor Vehicles published safety guidelines aimed at manufacturers of self-driving vehicles. After seeing Google's self-driving car vision, the California DMV has told the company it needs to add all those things back to their traditional locations so that occupants can take "immediate physical control" of the vehicle if necessary. Don't for a second think this is a major setback for Google, as the prototypes unveiled weren't even close to production ready. While the DMV may loosen some of these restrictions in the future as well all become more comfortable with the idea of self-driving vehicles, there's no question when it comes down to the safety of those on the road.
Businesses

Amazon To Buy Twitch For $970 Million 58

Posted by Unknown Lamer
from the about-that-previous-speculation... dept.
Dave Knott (2917251) writes Amazon has agreed to acquire the live game-streaming service Twitch for approximately $970 million in cash, a move that could help Amazon bolster its position in the fast-growing business of online gaming and give it technology to compete with video-streaming rivals Netflix and YouTube. The acquisition, which has been approved by Twitch's shareholders, is expected to be completed by the end of the year. Google had for some time been reported to have interest in acquiring Twitch, but those talks cooled in recent weeks. Google was unable to close the deal, said sources familiar with the talks, because it was concerned about potential antitrust issues that could have come with the acquisition.
Privacy

850 Billion NSA Surveillance Records Searchable By Domestic Law Enforcement 207

Posted by Unknown Lamer
from the you're-a-criminal dept.
onproton (3434437) writes The Intercept reported today on classified documents revealing that the NSA has built its own "Google-like" search engine to provide over 850 billion collected records directly to law enforcement agencies, including the FBI and the DEA. Reporter Ryan Gallagher explains, "The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies." The search engine, called ICREACH, allows analysts to search an array of databases, some of which contain metadata collected on innocent American citizens, for the purposes of "foreign intelligence." However, questions have been raised over its potential for abuse in what is known as "parallel construction," a process in which agencies use surveillance resources in domestic investigations, and then later cover it up by creating a different evidence trail to use in court.
Businesses

Is Dong Nguyen Trolling Gamers With "Swing Copters"? 112

Posted by samzenpus
from the stirring-the-pot dept.
Nerval's Lobster writes Given its extreme difficulty, it's tempting to think that the new Swing Copters is Dong Nguyen's attempt at a joke (You thought 'Flappy Bird' was hard? Check this out!), or maybe even a meta-comment on the emerging "masocore" gaming category. Or maybe he just wanted to make another game, and the idea of an ultra-difficult one appealed. Whatever the case, Nguyen can rely on the enduring popularity of Flappy Bird to propel Swing Copters to the top of the Google and iOS charts. But his games' popularity illuminates a rough issue for developers of popular (or even just semi-popular) apps everywhere: how do you deal with all the copycats flooding the world's app stores? Although Google and Apple boast that their respective app stores feature hundreds of thousands of apps, sometimes it seems as if most of those apps are crude imitations of other apps. The perpetual fear among app developers is that they'll score a modest hit—only to see their years of hard work undermined by someone who cobbles together a clone in a matter of weeks or days. If Apple and Google want to make things friendlier out there for developers, they might consider stricter enforcement policies for the blatant rip-offs filling their digital storefronts.
Data Storage

Dropbox Caught Between Warring Giants Amazon and Google 272

Posted by Soulskill
from the rsync-is-still-pretty-cheap dept.
An anonymous reader writes: Google and Amazon are both aggressively pursuing the cloud storage market, constantly increasing available storage space and constantly dropping prices. On its face, this looks great for the consumer — competition is a wonderful thing. Unfortunately, many smaller companies like Box, Dropbox, and Hightail simply aren't able to run their services at a loss like the giants can. Dropbox's Aaron Levie said, "These guys will drive prices to zero. You do not want to wait for Google or Amazon to keep cutting prices on you. 'Free' is not a business model."

The result is that the smaller companies are pivoting to win market share, relying on specific submarkets or stronger feature sets rather than available space or price. "Box is trying to cater to special data storage needs, like digital versions of X-rays for health care companies and other tasks specific to different kinds of customers. Hightail is trying to do something similar for customers like law firms. And Dropbox? It is trying to make sure that its consumer-minded service stays easier to use than what the big guys provide." It's going to be tough for them to hold out, and even tougher for new storage startups to break in. But that might be the only thing keeping us from choosing between the Wal-Mart-A and Wal-Mart-B of online storage.
Education

ACM Blames the PC For Driving Women Away From Computer Science 329

Posted by timothy
from the how-you-slice-and-dice-the-factors dept.
theodp (442580) writes "Over at the Communications of the ACM, a new article — Computing's Narrow Focus May Hinder Women's Participation — suggests that Bill Gates and Steve Jobs should shoulder some of the blame for the dearth of women at Google, Facebook, Apple, Twitter and other tech companies. From the article: "Valerie Barr, chair of ACM's Council on Women in Computing (ACM-W), believes the retreat [of women from CS programs] was caused partly by the growth of personal computers. 'The students who graduated in 1984 were the last group to start college before there was personal computing. So if you were interested in bioinformatics, or computational economics, or quantitative anthropology, you really needed to be part of the computer science world. After personal computers, that wasn't true any more.'" So, does TIME's 1982 Machine of the Year deserve the bad rap? By the way, the ACM's Annual Report discusses its participation in an alliance which has helped convince Congress that there ought to be a federal law making CS a "core subject" for girls and boys: "Under the guidance of the Education Policy Committee, ACM continued its efforts to reshape the U.S. education system to see real computer science exist and count as a core graduation credit in U.S. high schools. Working with the CSTA, the National Center for Women and Information Technology, NSF, Microsoft, and Google, ACM helped launch a new public/private partnership under the leadership of Code.org to strengthen high school level computing courses, improve teacher training, engage states in bringing computer science into their core curriculum guidelines, and encourage more explicit federal recognition of computer science as a key discipline in STEM discussions.""
Google

Sources Say Amazon Will Soon Be Targeting Ads, a la Google AdWords 83

Posted by timothy
from the cookies-are-delicious dept.
According to The Register (citing a paywalled WSJ article), a new face in targeted ads is emerging (according to "people familiar with the matter") to compete with Google, and it's Amazon. They already have a vast, mineable collection of data about customers' buying, listening and viewing habits, so exploiting personalized ads seems a natural follow-on. According to the report, the ad system would replace Google as ad vendor on Amazon itself, and "It is also apparently hoping to beef up its ad placement business on other sites as part of Amazon's strategy to carve its way into Google's multi-billion-dollar AdWords' empire." Pretty soon Amazon will able to just save me time by ordering the things I would have ordered based on ads that they themselves have placed.
Operating Systems

A New Homegrown OS For China Could Arrive By October 93

Posted by timothy
from the which-governement-holds-your-data? dept.
According to a Reuters report, China could have a new homegrown operating system by October to take on imported rivals such as Microsoft Corp, Google Inc and Apple Inc, Xinhua news agency said on Sunday. Computer technology became an area of tension between China and the United States after a number of run-ins over cyber security. China is now looking to help its domestic industry catch up with imported systems such as Microsoft's Windows and Google's mobile operating system Android. The operating system would first appear on desktop devices and later extend to smartphone and other mobile devices, Xinhua said, citing Ni Guangnan who heads an official OS development alliance established in March. It would make sense for even a "homegrown" operating system to be based on existing ones, in the way Red Flag Linux is. Conceptually related: Earlier this year, Chinese company Coship Electronics announced (and demonstrated) a mobile OS called 960 OS.
Businesses

Major Delays, Revamped Beta For Credit-Card Consolidating Gadget Coin 78

Posted by timothy
from the nickelback-quarterback-pedalback dept.
The premise behind Coin is attractive: consolidate credit cards onto a single card-sized gadget. However, on Friday the company announced a delay in the release of its final version from this summer to spring of 2015, and in a way that angered many of the project's crowd-funding backers. The announcement of a delay was not only sudden, and quite close to the previously announced shipping date, but upset those who'd pre-ordered by outlining a confusing beta program that would involve an interim product release — recipients of the beta version (limited to 10,000) would have had to then pay $30 to upgrade to the final product. As CNET reports, the delay until 2015 remains, but with regard to that beta program, Coin has now reversed its stance. The beta program will be free -- meaning preorder customers who opt-in will no longer forfeit the $55 they paid and will still receive the finished Coin product next year. The program will also expand from 10,000 customers to 15,000. Regardless of whether your smartphone is running Apple's iOS or Google's Android operating system, preorder customers can opt-in to Coin's beta program through its app and will be eligible for a device if they fall within the 15,000-person threshold. The order is determined by when you bought your Coin. Coin customers, some who placed orders as far back as November 2013 when the startup first opened its website for preorders, were displeased not so much with the product delay as with the way Coin handled the situation. The company had, as recently as August 14, sent out an update explaining that a long-awaited shipping announcement would arrive at month's end --yet without an indication that it may miss its shipping target.
Space

Slashdot Asks: Cheap But Reasonable Telescopes for Kids? 185

Posted by timothy
from the will-take-credit-for-the-nobel-prize dept.
I am interested in a telescope for the use of some elementary and middle school aged relatives. Older and younger siblings, and parents, would no doubt get some scope time, too. Telescopes certainly come in a range of prices, from cheap to out of this world, and I am purely a duffer myself. But I enjoy looking at the moon and stars with magnification, and think they would, too. What I'm trying to find might be phrased like this: "the lowest priced scope that's reasonably robust, reasonably accurate, and reasonably usable for kids" -- meaning absolute precision is less important than a focus that is easy to set and doesn't drift. Simplicity in design beats tiny, ill-labeled parts or an incomprehensible manual, even if the complicated one might be slightly better when perfectly tuned. I'd be pleased if some of these kids decide to take up astronomy as a hobby, but don't have any strong expectation that will happen -- besides, if they really get into it, the research for a better one would be another fun project. That said, while I'm price sensitive, I'm not looking *only* at the price tag so much as seeking insight about the cluster of perceived sweet spots when it come to price / performance / personality. By "personality" I mean whether it's friendly, well documented, whether it comes intelligently packaged, whether it's a crapshoot as to whether a scope with the same model name will arrive in good shape, etc -- looking at online reviews, it seems many low-end scopes have a huge variance in reviews. What scopes would you would consider giving to an intelligent 3rd or 4th grader? As a starting point, Google has helped me find some interesting guides that list some scopes that sound reasonable, including a few under or near $100. (Here's one such set of suggestions.) What would you advise buying, from that list or otherwise? (There are some ideas that sound pretty good in this similar question from 2000, but I figure the state of the art has moved on.) I'm more interested in avoiding awful junk than I am expecting treasure: getting reasonable views of the moon is a good start, and getting at least some blurry rings around Saturn would be nice, too. Simply because they are so cheap, I'd like to know if anyone has impressions (worth it? pure junk?) of the Celestron FirstScope models, which are awfully tempting for under $50.

If I'd known computer science was going to be like this, I'd never have given up being a rock 'n' roll star. -- G. Hirst

Working...