darthcamaro writes: Mozilla today publicly announced that secured areas of Bugzilla, where non-public zero days are stored, were accessed by an attacker. The attacker got access to as many as 185 security bugs before they were made public. They say, "We believe they used that information to attack Firefox users." The whole hack raises the issue of Mozilla's own security, since it was a user password that was stolen and the Bugzilla accounts weren't using two-factor authentication. According to Mozilla's FAQ about the breach (PDF), "The earliest confirmed instance of unauthorized access dates to September 2014. There are some indications that the attacker may have had access since September 2013."
An anonymous reader writes: Adobe, Apple, Google, and Intel have been embroiled in a high-profile court case accusing them of creating anti-poaching agreements in an attempt to keep tech industry salaries under control. Now, Judge Lucy Koh has ruled that the $415 million settlement against the tech giants is fair, and will stand. Koh also cut in half the amount awarded to the attorneys in the case. The lawsuit was a class-action originally joined by about 64,000 workers. Other companies were involved with the case, and reached settlements earlier, and a few members of the class action may opt out of any settlement. But the remaining members will only get something in the vicinity of $6,000 apiece for the damage done to their earnings.
An anonymous reader writes: The Pentagon announced yesterday it is issuing a moratorium on work at nine different biodefense labs after live anthrax was discovered outside containment at Dugway Proving Ground in Utah. The facility was discovered to have been shipping live anthrax specimens — instead of dead ones — to other labs. Work can only begin again after the shuttered facilities are certain to be clean of anthrax and assured of safe conduct. "The review calls for the military labs to ensure that personnel are properly trained on lab safety procedures and that necessary maintenance is conducted on biosafety level 3 lab facilities that work with some of the most dangerous pathogens. It calls for validating record-keeping and inventories of the military's 'Critical Reagents Program' — including 'ensuring that all materials associated with the CRP are properly accounted for.'"
An anonymous reader writes: Bloomberg reports that ZTE and its cheap Android smartphones have been grabbing more and more of the market in the U.S. It's not that the phones are particularly good — it's that they're "good enough" for the $60 price tag. The company has moved up to fourth among smartphone makers, behind Apple, Samsung and LG. That puts them ahead of a lot of companies making premium devices: HTC, Motorola, and BlackBerry, to name a few. ZTE, a Chinese manufacturer, seems to be better at playing the U.S. markets than competitors like Xiaomi and Huawei, and they're getting access to big carriers and big retailers. "Its phone sales are all the more surprising because it's been frozen out of the more lucrative telecom networking market since 2012. That year, the House Intelligence Committee issued a report warning that China's intelligence services could potentially use ZTE's equipment, and those of rival Huawei Technologies, for spying. Huawei then dismissed the allegations as 'little more than an exercise in China bashing.'"
New submitter Enderxeno writes with news that on September 25th, geek merchandise retailer ThinkGeek will open its first brick-and-mortar store in Orlando, Florida. The store will open in a mall, and the company will be running it with the help of GameStop, who bought ThinkGeek back in June. The new store will have a 3,000 square foot space that used to be occupied by Radio Shack, and it will focus "entirely on collectibles." (Disclosure: Slashdot and ThinkGeek used to share a corporate overlord. We don't talk anymore, but we still like them. Even though they finally took away our employee discounts.)
Lasrick writes: Many legislators regularly deny that there is a scientific consensus, or even broad scientific support, for government action to address climate change. Researchers recently assessed the content of congressional testimony related to either global warming or climate change from 1969 to 2007. For each piece of testimony, they recorded several characteristics about how the testimony discussed climate. For instance, noting whether the testimony indicated that global warming or climate change was happening and whether any climate change was attributable (in part) to anthropogenic sources. The results: Testimony to Congress—even under Republican reign—reflects the scientific consensus that humans are changing our planet's climate.
ckwu writes: A steel mesh with a novel self-cleaning coating can separate oil and water, easily lifting oil from an oil-water mixture and leaving the water behind. Unlike existing oil-water separation membranes, if the coated mesh gets contaminated with oil, it can be simply rinsed off with water and reused, without needing to be cleaned with detergents. The team was able to use the mesh to lift crude oil from a crude oil-seawater mixture, showcasing the feasibility of oil-spill cleanup. The membrane could also be used to treat oily wastewater and as a protective barrier in industrial sewer outlets to avoid oil discharge.
Ewan Palmer reports: A teenage boy in the UK has had a crime of making and distributing indecent images recorded against him after he sent a naked picture of himself to one of his female classmates. The 14-year-old was not formally arrested after he sent the explicit image to a girl of the same age via Snapchat. The police file against the boy will now remain active for 10 years, meaning any future employer conducting an advanced Criminal Records Bureau check will be aware of the incident. However, it is not clear whether a police file was recorded for the girl who saved and shared the image. Under new legislation, if she had been over 18, the girl could have been convicted under the so-called 'revenge porn' law in the UK.
An anonymous reader writes: A pioneer in the field of acoustics, Dr. James L. Flanagan provided "the technical foundation for speech recognition, teleconferencing, MP3 music files, and the more efficient digital transmission of human conversation." The NYTimes covered his recent passing: "His innovations included preserving the sound of a human voice while crunching it digitally, as well as teaching computers to articulate — converting sound waves into digital pulses. He also helped devise a 'force-feedback' tactile glove, similar to today’s video game accessories, that enabled medical students to simulate hands-on examinations when a live patient or cadaver was not available (or to mimic a game of handball). Dr. Flanagan also played a minor role in the drama surrounding the downfall of President Richard M. Nixon." An older (2005) article from IEEE Spectrum titled "Sultan of Sound" provides background on his work and impact. An interview (1997) discussing his WWII service, research at AT&T Bell Labs & Rutgers University is part of the IEEE oral history series.
sciencehabit writes: Earth today supports more than 3 trillion trees—eight times as many as we thought a decade ago. But that number is rapidly shrinking, according to a global tree survey released today (abstract). We are losing 15 billion trees a year to toilet paper, timber, farmland expansion, and other human needs. So even though the total count is large, the decline is "a cause for concern," says Tom Spies, a forest ecologist with the U.S. Forest Service in Corvallis, Oregon, who was not involved with the work.
asjk points out a story of how a World War II bomb shelter, situated 33 meters beneath the streets of London, has been turned into a high-tech hydroponic farm. "The growing system uses energy-efficient LEDs instead of sun, no pesticides, needs 70 percent less water than growing plants in open fields, and less energy than a greenhouse." The computer-controlled environment is designed to shorten the growth cycle of plants like coriander and radishes. They're currently only using about a quarter of the gear necessary to fill up the shelter, but they can produce 5,000-20,000 kilograms of food per year, depending on what they raise. Co-founder Steven Dring said, "We've got to utilize the spaces we've got. There's a finite amount of land and we can grow salads and herbs — which start losing flavor and quality as soon as you cut them — in warehouses and rooftops in cities near the people who will eat them. Use the rural land for things like carrots, potatoes and livestock."
Lucas123 writes: Body cameras are the fastest growing segment of the police video camera business. The two largest police body camera manufacturers today — Taser and VieVu — say they've shipped devices to 41% of the nation's 18,000 police departments. But the hardware is only the basis for the real business: video evidence storage. Last year, Taser's gross profit margins on hardware were 15.6%; the gross margins for video storage were 51%, according to Glenn Mattson, who follows Taser as an equity analyst for Ladenburg Thalmann. "There's no contest. They don't care about making money on the cameras," Mattson said. As of the first quarter of this year, more than a petabyte of police video has been uploaded to Taser's Evidence.com service. Just one of VieVu's clients, the Oakland PD, has uploaded more than a million police videos. The cost of storage, however, is so high that police departments have been forced to determine strict retention policies that in some cases may affect the long-term handling of evidence. In Birmingham, Ala., for example, where they've deployed 300 cameras and hope to double that this year, the video cameras themselves cost about $180,000, but the department's total outlay for a five-year contract including cloud storage with Taser will be $889,000.
An anonymous reader writes: The Saiga antelope has been hunted to near extinction. They've been put on the endangered species list, and they play a vital role in the ecosystems around Russia, Mongolia, and Kazakhstan, where their grazing helps get rid of fallen plant matter, which is prevented from decomposing by the cold temperatures. But earlier this year, a huge die-off hit the Saiga antelope herd in Kazakhstan, felling over 120,000 of them in a few short weeks. Scientists say an entire group of 60,000 died within a four-day span. The cause of this die-off is still a mystery. The researchers suspect some sort of bacteria, and early on pointed to Pasteurella strains. But those bacteria don't usually cause this much damage unless something else has weakened the antelope. "There is nothing so special about it. The question is why it developed so rapidly and spread to all the animals," one researcher said. They're looking into environmental factors, but nothing else seems too far out of the ordinary.
jfruh writes: The Machinima gaming video network took money from a marketing agency hired by Microsoft to pay "influencers" up to $45,000 to promote the Xbox One. Crucially, the video endorsers did not disclose that they'd been paid, which has caused trouble with the FTC. For its part, Machinima notes that this happened in 2013, when the current management was not in charge.
schwit1 writes: Months after the federal government admitted publicly that the personal data of more than 20 million government employees had been hacked, they still have not sent notifications to those millions. The agency whose data was hacked, the Office of Personnel Management (OPM), said the Defense Department will begin "later this month" to notify employees and contractors across the government that their personal information was accessed by hackers. OPM said notifications would continue over several weeks and "will be sent directly to impacted individuals." OPM also announced that it hired a contractor to help protect the identities and credit ratings of employees whose data was hacked. In a statement, OPM said it had awarded a contract initially worth more than $133 million to a company called Identity Theft Guard Solutions LLC, doing business as ID experts, for identity theft protections for the 21.5 million victims of the security data breach. The contractor will provide credit and identity monitoring services for three years, as well as identity theft insurance, to affected individuals and dependent children aged under 18, the agency said.
An anonymous reader writes: A sexual health clinic in London accidentally disclosed the HIV positive status of almost 800 patients. The Guardian reports: "The health secretary, Jeremy Hunt, has ordered an inquiry into how the NHS handles confidential medical information after the “completely unacceptable” breach of the privacy of hundreds of HIV patients. The 56 Dean Street clinic in London apologized on Wednesday after sending a newsletter on Tuesday which disclosed the names and email addresses of about 780 recipients. The newsletter is intended for people using its HIV and other sexual health services, and gives details of treatments and support."
msm1267 writes: Netflix has released a tool it calls Sleepy Puppy. The tool injects cross-site scripting payloads into a target app that may not be vulnerable, but could be stored in a database and tracks the payload if it's reflected to a secondary application that makes use of the data in the same field. "We were looking for a way to provide coverage on applications that come from different origins or may not be publicly accessible," said co-developer Scott Behrens, a senior application security engineer at Netflix. "We also wanted to observe where stored data gets reflected back, and how data that may be stored publicly could also be reflected in a large number of internal applications." Sleepy Puppy is available on Netflix's GitHub repository and is one of a slew of security tools its engineers have released to open source.
An anonymous reader writes: At the beginning of August the Blender Institute released Cosmos Laundromat: First Cycle, its seventh open project. More than just a 10-minute short film, Cosmos Laundromat is the Blender Institute's most ambitious project, a pilot for the first fully free and open animated feature film. In his article on Opensource.com animator and open source advocate Jason van Gumster highlights the film project and takes a look at some of its most significant contributions to the Blender open source project.
kthreadd writes: Version 1.5.24 of the Mutt email client has been released. New features in this release include, among other things, terminal status-line (TS) support, a new color object 'prompt', the ability to encrypt postponed messages and opportunistic encryption which automatically enables/disables encryption based on message recipients. SSLv3 is now also disabled by default.
An anonymous reader writes: A Canadian record label specializing in public domain releases has filed a complaint with the Competition Tribunal over alleged anti-competitive conduct by Universal, Sony, and a host of other music industry leaders. The complaint tells a fascinating behind-the-scenes tale, with the recording industry doing everything in its power — including posting false reviews, pressuring distributors, and lobbying for changes to the law — to stop the sale of competing public domain records.