Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

Tor Is Building the Next Generation Dark Net With Funding From DARPA 16

Posted by Soulskill
from the seek-and-go-hide dept.
Patrick O'Neill writes: After years of relative neglect, Tor has been able to dedicate increasing time and resources to its hidden services thanks to funding in part by DARPA, as well as an upcoming crowdfunding campaign. DARPA's funding lasts 1-3 years and covers several projects including security and usability upgrades that close the gap between hidden services and the everyday Internet. "Next-generation hidden services may be run from multiple hosts to better deal with denial of service attacks and high traffic in general, a potentially big power boost that further closes the gap between the Dark Net and normal websites. ... Hidden services, which make up about 4 percent of the entire Tor network, have until recently been relatively neglected when it comes to funding and developing."
Security

D-Link Apologizes For Router Security 93

Posted by samzenpus
from the our-bad dept.
Mark Wilson writes D-Link has issued an apology to its customers for an on-going security issue with many of its routers. A problem with the Home Network Administration Protocol (HNAP) means that it is possible to bypass authorization and run commands with escalated privileges. The list of routers affected by the issue is fairly lengthy, and D-Link has already issued one patch. But rather than fixing the problem, last week's update left routers wide open to exactly the same problem. As it stands at the moment, a firmware patch is still being produced for a total of 17 routers. In the meantime, all D-Link has to offer is an apology. While unhelpful patches have already been issued, D-Link is currently working away on replacement firmware updates. The release dates for these patches is not yet set in stone, but some are due today (20 April), some tomorrow (21 April) and the remainder on 24 April.
Communications

Norway Will Switch Off FM Radio In 2017 283

Posted by timothy
from the video-sought-by-police-for-questioning dept.
New submitter titten writes The Norwegian Ministry of Culture has announced that the transition to DAB will be completed in 2017. This means that Norway, as the first country in the world to do so, has decided to switch off the FM network. Norway began the transition to DAB in 1995. In recent years two national and several local DAB-networks has been established. 56 per cent of radio listeners use digital radio every day. 55 per cent of households have at least one DAB radio, according to Digitalradio survey by TNS Gallup, continuously measuring the Norwegian`s digital radio habits.
Security

Calling Out a GAO Report That Says In-Flight Wi-Fi Lets Hackers Access Avionics 113

Posted by timothy
from the this-postcard-is-just-an-atom-bomb dept.
An anonymous reader writes A new report from the U.S. Government Accountability Office (GAO) warns that in-flight W-Fi, including wireless entertainment and internet-based cockpit communications, may allow hackers to gain remote access to avionics systems and take over navigation. At the same time, a cyber expert and pilot called the report "deceiving" and said that "To imply that because IP is used for in-flight WiFi and also on the avionics networks means that you can automatically take over the avionics network makes about as much sense as saying you can take over the jet engines because they breathe air like the passengers and there is no air gap between passengers who touch the plane and the engines which are attached to the plane."
Security

The Voting Machine Anyone Can Hack 105

Posted by samzenpus
from the vote-now-vote-often dept.
Presto Vivace writes about a study published by the Virginia Information Technology Agency outlining just how bad the security of the AVS WINVote machine is. "Virginia election officials have decertified an electronic voting system after determining that it was possible for even unskilled people to surreptitiously hack into it and tamper with vote counts. The AVS WINVote, made by Advanced Voting Solutions, passed necessary voting systems standards and has been used in Virginia and, until recently, in Pennsylvania and Mississippi. It used the easy-to-crack passwords of 'admin,' 'abcde,' and 'shoup' to lock down its Windows administrator account, Wi-Fi network, and voting results database respectively, according to a scathing security review published Tuesday by the Virginia Information Technologies Agency. The agency conducted the audit after one Virginia precinct reported that some of the devices displayed errors that interfered with vote counting during last November's elections."
Microsoft

Windows Remains Vulnerable To Serious 18-Year-Old SMB Security Flaw 171

Posted by samzenpus
from the protect-ya-neck dept.
Mark Wilson writes A serious security hole leaves millions of Windows users open to attack, making it possible to extract encrypted credentials from a target machine. Researchers at Cylance say the problem affects "any Windows PC, tablet or server" (including Windows 10) and is a slight progression of the Redirect to SMB attack discovered by Aaron Spangler way back in 1997. Redirect to SMB is essentially a man-in-the-middle attack which involves taking control of a network connection. As the name suggests, victims are then redirected to a malicious SMB server which can extract usernames, domains and passwords. Cylance also reports that software from companies such as Adobe, Oracle and Symantec — including security and antivirus tools — are affected.
Books

Book Review: Networking For System Administrators 33

Posted by samzenpus
from the read-all-about-it dept.
Saint Aardvark writes Michael W. Lucas has been writing technical books for a long time, drawing on his experience as both a system and a network administrator. He has mastered the art of making it both easy and enjoyable to inhale large amounts of information; that's my way of saying he writes books well and he's a funny guy. Networking for System Administrators, available both in DRM-free ebook and dead tree formats, is his latest book, and it's no exception to this trend. Keep reading for the rest of Saint Aardvark's review.
Piracy

Nearly Half of Game of Thrones Season 5 Leaks Online 148

Posted by samzenpus
from the how-about-leaking-the-books-GRRM dept.
HughPickens.com writes Paul Tassi reports at Forbes that the first four episodes of the new season of "Game of Thrones", nearly half of the ten total episodes, have been leaked online to various torrent sites. The four episodes appeared to come from a screener sent to reviewers with the digital watermark blurred out and are in 480p video format, equivalent to standard-definition TV, not HD.The episodes have already been downloaded almost 800,000 times, and that figure was expected to blow past a million downloads by the season 5 premiere. Game of Thrones has consistently set records for piracy, which has almost been a point of pride for HBO. "Our experience is [piracy] leads to more penetration, more paying subs, more health for HBO, less reliance on having to do paid advertising If you go around the world, I think you're right, Game of Thrones is the most pirated show in the world. Well, you know, that's better than an Emmy."

How the leak happened isn't a mystery. Television critics typically receive the first four episodes of an HBO show before its season premiere, and "Game of Thrones" is no exception. HBO could not immediately say whether the leak could be traced to screener copies of the show. "I suspect HBO may be a bit more restrictive about handing out Game of Thrones screeners to press, given the event-like nature of the show and its reliance on keeping spoilers close to the chest," writes Tassi. "I really don't see why commentary like that needs to exist in the first place." The network can take solace in at least one thing, though. Episode four ends on a heck of a cliffhanger, and those who pirated the episodes will be in the same boat as those of us who received them legally — waiting until May to find out what happens next. "I would imagine it's more fun to just spend the next month watching week to week as nature intended, even if you are watching illegally," concludes Tassi. "Game of Thrones is one of the last true "event" shows where it's something you want to talk about Sunday night or Monday morning with friends and strangers alike."
Network

Nokia Networks Demonstrates 5G Mobile Speeds Running At 10Gbps Via 73GHz 54

Posted by timothy
from the that-is-one-packed-headline dept.
Mark.JUK writes The Brooklyn 5G Summit appears to have provided a platform for Nokia Networks to demo a prototype of their future 5G (5th Generation) mobile network technology, which they claim can already deliver data speeds of 10 Gigabits per second using millimeter Wave (mmW) frequency bands of 73GHz. The demo also made use of 2×2 Multiple-Input and Multiple-Output (MIMO) links via single carrier Null Cyclic Prefix modulation and frame size of 100 micro seconds, although crucially no information about the distance of this demo transmission has been released and at 73GHz you'd need quite a dense network in order to overcome the problems of high frequency signal coverage and penetration.
Transportation

How Flight Tracking Works: a Global Network of Volunteers 50

Posted by timothy
from the tapping-into-ocd dept.
An anonymous reader writes If a website can show the flight path and all those little yellow planes in real time, how can they not know where Malaysia Airlines flight MH370 went down? Answering that involves understanding a little about how flight-tracking sites work, where they get their data, and the limitations of existing technologies. It also involves appreciating a relatively new approach that the two large flight-tracking companies, Texas-based FlightAware and Sweden-based Flightradar24 are rushing to expand, a global sensor system known as ADS-B, which broadcasts updates of aircraft GPS data in real time. ADS-B is slowly superseding the ground-based radar systems that have been used for decades, becoming central not only to flight tracking but also to the future of flight safety. And it's powered, in part, by thousands of dedicated aviation hobbyists around the globe.
Power

The Myth of Going Off the Power Grid 280

Posted by Soulskill
from the tell-that-to-my-hamster-wheel-colony dept.
Lasrick writes: Dawn Stover uses Elon Musk's announcement that Tesla will soon be unveiling plans for a battery that could power your home as a starting point to explore the idea that "going off the grid" is going to solve climate change. "The kind of in-house energy storage he is proposing could help make renewables a bigger part of the global supply. But headlines announcing that a Tesla battery 'could take your home off the grid' spread misconceptions about what it takes to be self-sufficient — and stop global warming." Stover worries that shifting responsibility for solutions to climate change from governments to individuals creates an 'every-man-for-himself' culture that actually works against energy solutions and does little to reduce overall greenhouse gas emissions. Instead, "smart grid" technology would be much more efficient: "With a smarter grid, excess electricity generated by solar panels and wind turbines could be distributed to a network of on-the-grid home and car batteries. Some utilities have also experimented with using home water heaters as an economical substitute for batteries."
Security

French TV Network TV5Monde Targeted In 'Pro-ISIS' Cyberattack 71

Posted by timothy
from the hate-by-wire dept.
An anonymous reader writes French broadcaster TV5Monde [was] today working to regain control of its 11 television channels and online platforms after hackers claiming ties with the Islamic State hijacked its network on Wednesday evening, forcing the media group to show only pre-recorded content. The television network was able to return in part to its planned schedule by 1:00am (23:00 GMT) last night, after the hacking group had suspended its broadcast services for three hours. Yves Bigot, the Parisian company's director general, said that the network had been "severely damaged" by an "unprecedented attack" which would have taken weeks to prepare. The hacking group posted threats and shared a collection of files across TV5Monde's Facebook page which it claimed were copies of ID cards and CVs of relatives of French soldiers involved in anti-IS operations. More coverage at The Independent, which says the attack "revealed personal details of French soldiers."
The Internet

Bell Labs Fighting To Get More Bandwidth Out of Copper 106

Posted by samzenpus
from the I'm-giving-it-all-she's-got-captain dept.
jfruh writes You might think that DSL lost the race to cable and fiber Internet years ago, but Alcatel-Lucent's Bell Labs is working on a host of projects to extract more and faster bandwidth out of existing technologies. The company's G.fast technology aims to get hundreds of megabits a second over telephone lines. Other projects are aiming to boost speeds over fiber and cell networks as well.
Power

Feds Boost Goal To 75k New Solar Power Workers By 2020 69

Posted by Soulskill
from the fortunate-sun dept.
An anonymous reader writes: The U.S. government has announced plans to help train 75,000 people to enter the solar workforce by 2020, including a number of veterans. The new goal is part of the U.S. Department of Energy (DOE) SunShot Initiative, which helps fund research, manufacturing and market creation. The SunShot Initiative's Solar Instructor Training Network works with 400 community colleges across the country for training, and claims to have already certified 1,000 solar instructors and nearly 30,000 students in the last five years. Ultimately, the SunShot Initiative has a goal for solar energy to reach price parity with conventional power sources in five years.
Piracy

Australian ISPs Must Hand Over Pirates' Info 136

Posted by Soulskill
from the making-more-lawyers-rich dept.
wabrandsma sends this report from the BBC: An Australian court has ordered internet service providers to hand over details of customers accused of illegally downloading a U.S. movie. In a landmark move, the Federal Court told six firms to divulge names and addresses of those who downloaded The Dallas Buyers Club. ... The court said the data could only be used to secure "compensation for the infringements" of copyright. In the case, which was heard in February, the applicants said they had identified 4,726 unique IP addresses from which their film was shared online using BitTorrent, a peer-to-peer file sharing network. They said this had been done without their permission. Once they received the names of account holders, the company would then have to prove copyright infringement had taken place.
Security

Research Finds Shoddy Security On Connected Home Gateways 88

Posted by timothy
from the junction-box-is-open dept.
chicksdaddy writes Connected home products are the new rage. But how do you connect your Nest thermostat, your DropCam surveillance device and your Chamberlin MyQ 'smart' garage door opener? An IoT hub, of course. But not so fast: a report from the firm Veracode may make you think twice about deploying one of these IoT gateways in your home. As The Security Ledger reports, Veracode researchers found significant security vulnerabilities in each of six IoT gateways they tested, suggesting that manufacturers are giving short shrift to security considerations during design and testing. The flaws discovered ranged from weak authentication schemes (pretty common) to improper validation of TLS and SSL certificates, to gateways that shipped with exposed debugging interfaces that would allow an attacker on the same wireless network as the device to upload and run malicious code. Many of the worst lapses seem to be evidence of insecure design and lax testing of devices before they were released to the public, Brandon Creighton, Veracode's research architect, told The Security Ledger. This isn't the first report to raise alarms about IoT hubs. In October, the firm Xipiter published a blog post describing research into a similar hub by the firm VeraLite. Xipiter discovered that, among other things, the VeraLite device shipped with embedded SSH private keys stored in immutable areas of the firmware used on all devices.
The Almighty Buck

Build Your Own Satellite For Less Than $30K 49

Posted by samzenpus
from the on-the-cheap dept.
schwit1 writes An industry of new cubesat builders can now build satellites for anyone for any reason for very little money. From the article: "The miniaturization of technology allows people to do more with less hardware, said Chad Anderson, the managing director of Space Angels Network, an investment house specializing in the space industry. That industry, he said, was worth $300bn (£200bn) last year. Constellations of smaller satellites, like those suggested as tracking devices for planes over oceans, are now a possibility. 'The launch costs are coming down and people leveraging today's technology are able to do more with less and launch less mass to orbit. The price point has come down to where start-ups and entrepreneurs can really make an impact on the scene for the first time,' he said." When the first tiny satellite launch companies arrive, expect this industry to blossom at an astonishing rate.
Crime

Watching a "Swatting" Slowly Unfold 246

Posted by samzenpus
from the in-gory-detail dept.
netbuzz writes That online gamers have been victimized has unfortunately allowed us to see what "swatting" looks like from the perspective of the target: terrifying and potentially deadly. A similar type of criminally unnecessary SWAT scene played out Saturday night when a caller to police in Hopkinton, Mass., claimed to be holed up in the town's closed public library with two hostages and a bomb. The library stands within eyesight of the starting line for the Boston Marathon. An editor for Network World, there by happenstance, watched for two hours, and, while it was a hoax and no one was hurt, his account highlights the disruption and wastefulness these crimes inflict.
Google

Google In Talks To Create International Roaming Network 25

Posted by timothy
from the hello-operator dept.
jones_supa writes Google is in talks towards a deal with Hutchison Whampoa, the owner of the mobile operator Three, that will allow United States customers to use their phones abroad at no extra cost. The two giants are discussing a wholesale access agreement that would become an important part of Google's planned attempt to shake up the US mobile market with its own network. It is understood that Google aims to create a global network that will cost the same to use for calls, texts and data no matter where a customer is located. By linking up with Hutchison, it could gain wholesale access to mobile service in the UK, Ireland, Italy and several more countries where the Hong Kong conglomerate owns mobile networks.
Open Source

US NAVY Sonar/Lidar Editing Software Released To the World 56

Posted by timothy
from the public-domain-makes-registration-a-temporary-annoyance dept.
New submitter PFMABE writes The Naval Oceanographic Office (NAVO) has spent 16 years developing the Pure File Magic Area Based Editor (PFMABE) software suite to edit the huge volumes of lidar and sonar data they collect every year. In accordance with 17 USC 105, copyright protection is not available to any work of the US government. Originally developed to run on RedHat OS with network distributed storage, it has been migrated to Windows 7. This software, and accompanying source code (Win & Linux), has been released to the public domain at pfmabe.software, free for download with registration.