Security

Amazon's New SSL/TLS Implementation In 6,000 Lines of Code 14

bmearns writes: Amazon has announced a new library called "s2n," an open source implementation of SSL/TLS, the cryptographic security protocols behind HTTPS, SSH, SFTP, secure SMTP, and many others. Weighing in at about 6k lines of code, it's just a little more than 1% the size of OpenSSL, which is really good news in terms of security auditing and testing. OpenSSL isn't going away, and Amazon has made clear that they will continue to support it. Notably, s2n does not provide all the additional cryptographic functions that OpenSSL provides in libcrypto; it only provides the SSL/TLS functions. Furthermore, it implements a relatively small subset of SSL/TLS features compared to OpenSSL.
Verizon

How Verizon Is Hindering NYC's Internet Service 21

Cuillere writes: Verizon promised to make FiOS available to all New York City residents. The deadline passed a year ago, and many residents still don't have FiOS as an option, but Verizon claims to have done its part. "The agreement required Verizon to 'pass' homes with fiber (not actually connect them), but no one wrote down in the agreement what they thought 'pass' meant. (Verizon’s interpretation, predictably, is that it doesn’t have to get very close.)" The situation is a mess, and the city isn't having much luck fighting it in the courts. Susan Crawford offers a solution: set up wholesale fiber access for third-party ISPs and absolve Verizon of customer service responsibility.
Encryption

MIT's Bitcoin-Inspired 'Enigma' Lets Computers Mine Encrypted Data 17

Guy Zyskind, Oz Nathan, and the MIT Media Lab have developed a system to encrypt data in a way that it can still be shared and used without being decrypted. "To keep track of who owns what data—and where any given data’s pieces have been distributed—Enigma stores that metadata in the bitcoin blockchain, the unforgeable record of messages copied to thousands of computers to prevent counterfeit and fraud in the bitcoin economy." Enigma needs a fairly large base of users to operate securely, so its creators have proposed requiring a fee for anyone who wants data processed in this way. That fee would then be split among the users doing the processing. Those with encrypted datasets on the Enigma network could also sell access to datamining operations without letting the miners see the unencrypted data.
News

Analysis: Iran's Nuclear Program Has Been an Astronomical Waste 109

Lasrick writes: Business Insider's Armin Rosen uses a fuel-cost calculator from the Bulletin of the Atomic Scientists to show that Iran's nuclear program has been "astronomically costly" for the country. Rosen uses calculations from this tool to hypothesize that what Iran "interprets as the country's 'rights' under the 1970 Non-Proliferation Treaty is a diplomatic victory that justifies the outrageous expense of the nuclear program." Great data crunching.
United Kingdom

UK's National Computer Museum Looks For Help Repairing BBC Micros 40

tresho writes: 1981-era 8-bit BBC Micro computers and peripherals are displayed in a special interactive exhibit at the UK's National Museum of Computing designed to give modern students a taste of programming a vintage machine. Now, the museum is asking for help maintaining them. "We want to find out whether people have got skills out there that can keep the cluster alive as long as we can," said Chris Monk, learning coordinator at the organization.

"Owen Grover, a volunteer at the museum who currently helps maintain the cluster of BBC Micro machines, said they held up well despite being more than 30 years old. The BBC Micro was 'pretty robust,' he said, because it was designed to be used in classrooms. This meant that refurbishing machines for use in the hands-on exhibit was usually fairly straightforward. 'The main problem we need to sort out is the power supply,' he said. 'There are two capacitors that dry out and if we do not replace them they tend to explode and stink the place out. So we change them as a matter of course.'"
Privacy

Surveillance Court: NSA Can Resume Bulk Surveillance 97

An anonymous reader writes: We all celebrated back in May when a federal court ruled the NSA's phone surveillance illegal, and again at the beginning of June, when the Patriot Act expired, ending authorization for that surveillance. Unfortunately, the NY Times now reports on a ruling from the Foreign Intelligence Surveillance Court, which concluded that the NSA may temporarily resume bulk collection of metadata about U.S. citizens' phone calls. From the article: "In a 26-page opinion (PDF) made public on Tuesday, Judge Michael W. Mosman of the surveillance court rejected the challenge by FreedomWorks, which was represented by a former Virginia attorney general, Ken Cuccinelli, a Republican. And Judge Mosman said that the Second Circuit was wrong, too. 'Second Circuit rulings are not binding' on the surveillance court, he wrote, 'and this court respectfully disagrees with that court's analysis, especially in view of the intervening enactment of the U.S.A. Freedom Act.' When the Second Circuit issued its ruling that the program was illegal, it did not issue any injunction ordering the program halted, saying that it would be prudent to see what Congress did as Section 215 neared its June 1 expiration."
Safari

Is Safari the New Internet Explorer? 203

An anonymous reader writes: Software developer Nolan Lawson says Apple's Safari has taken the place of Microsoft's Internet Explorer as the major browser that lags behind all the others. This comes shortly after the Edge Conference, where major players in web technologies got together to discuss the state of the industry and what's ahead. Lawson says Mozilla, Google, Opera, and Microsoft were all in attendance and willing to talk — but not Apple.

"It's hard to get insight into why Apple is behaving this way. They never send anyone to web conferences, their Surfin' Safari blog is a shadow of its former self, and nobody knows what the next version of Safari will contain until that year's WWDC. In a sense, Apple is like Santa Claus, descending yearly to give us some much-anticipated presents, with no forewarning about which of our wishes he'll grant this year. And frankly, the presents have been getting smaller and smaller lately."

He argues, "At this point, we in the web community need to come to terms with the fact that Safari has become the new IE. Microsoft is repentant these days, Google is pushing the web as far as it can go, and Mozilla is still being Mozilla. Apple is really the one singer in that barbershop quartet hitting all the sour notes, and it's time we start talking about it openly instead of tiptoeing around it like we're going to hurt somebody's feelings."
Canada

Quebec Government May Force ISPs To Block Gambling Websites 50

New submitter ottawan- writes: In order to drive more customers to their own online gambling website, the Quebec government and Loto-Quebec (the provincial organization in charge of gaming and lotteries) are thinking about forcing the province's ISPs to block all other online gambling websites. The list of websites to be blocked will be maintained by Loto-Quebec, and the government believes that the blocking will increase government revenue by up to $27 million (CAD) per year.
Hardware Hacking

Celebrating Workarounds, Kludges, and Hacks 81

itwbennett writes: We all have some favorite workarounds that right a perceived wrong (like getting around the Wall Street Journal paywall) or make something work the way we think it ought to. From turning off annoying features in your Prius to getting around sanctions in Crimea and convincing your Android phone you're somewhere you're not, workarounds are a point of pride, showing off our ingenuity and resourcefulness. And sometimes artful workarounds can even keep businesses operating in times of crisis. Take, for example, the Sony employees, who, in the wake of the Great Hack of 2014 when the company's servers went down, dug out old company BlackBerrys that, while they had been abandoned, had never had their plans deactivated. Because BlackBerrys used RIM's email servers instead of Sony's, they could still communicate with one another, and employees with BlackBerrys became the company's lifeline as it slowly put itself back together. What hacks and workarounds keep your life sane?
The Courts

Apple Loses Ebook Price Fixing Appeal, Must Pay $450 Million 71

An anonymous reader writes: A federal appeals court ruled 2-1 today that Apple indeed conspired with publishers to increase ebook prices. The ruling puts Apple on the hook for the $450 million settlement reached in 2014 with lawyers and attorneys general from 33 states. The Justice Dept. contended that the price-fixing conspiracy raised the price of some e-books from the $10 standard set by Amazon to $13-$15. The one dissenting judge argued that Apple's efforts weren't anti-competitive because Amazon held 90% of the market at the time. Apple is unhappy with the ruling, but they haven't announced plans to take the case further. They said, "While we want to put this behind us, the case is about principles and values. We know we did nothing wrong back in 2010 and are assessing next steps."
Security

Stanford Starts the 'Secure Internet of Things Project' 50

An anonymous reader writes: The internet-of-things is here to stay. Lots of people now have smart lights, smart thermostats, smart appliances, smart fire detectors, and other internet-connected gadgets installed in their houses. The security of those devices has been an obvious and predictable problem since day one. Manufacturers can't be bothered to provide updates to $500 smartphones more than a couple years after they're released; how long do you think they'll be worried about security updates for a $50 thermostat? Security researchers have been vocal about this, and they've found lots of vulnerabilities and exploits before hackers have had a chance to. But the manufacturers have responded in the wrong way.

Instead of developing a more robust approach to device security, they've simply thrown encryption at everything. This makes it temporarily harder for malicious hackers to have their way with the devices, but also shuts out consumers and white-hat researchers from knowing what the devices are doing. Stanford, Berkeley, and the University of Michigan have now started the Secure Internet of Things Project, which aims to promote security and transparency for IoT devices. They hope to unite regulators, researchers, and manufacturers to ensure nascent internet-connected tech is developed in a way that respects customer privacy and choice.
DRM

Cory Doctorow Talks About Fighting the DMCA (2 Videos) 42

Wikipedia says, 'Cory Efram Doctorow (/ˈkɔːri ˈdɒktəroʊ/; born July 17, 1971) is a Canadian-British blogger, journalist, and science fiction author who serves as co-editor of the blog Boing Boing. He is an activist in favour of liberalising copyright laws and a proponent of the Creative Commons organization, using some of their licenses for his books. Some common themes of his work include digital rights management, file sharing, and post-scarcity economics.' Timothy Lord sat down with Cory at the O'Reilly Solid Conference and asked him about the DMCA and how the fight against it is going. Due to management-imposed restraints on video lengths, we broke the ~10 minute interview into two parts, both attached to this paragraph. The transcript covers both videos, so it's your choice: view, read or listen to as much of this interview as you like.
Government

White House Lures Mudge From Google To Launch Cyber UL 18

chicksdaddy writes: The Obama White House has tapped famed hacker Peiter Zatko (aka "Mudge") to head up a new project aimed at developing an "underwriters' lab" for cyber security. The new organization would function as an independent, non-profit entity designed to assess the security strengths and weaknesses of products and publish the results of its tests.

Zatko is a famed hacker and security luminary, who cut his teeth with the Boston-based hacker collective The L0pht in the 1990s before moving on to work in private industry and, then, to become a program manager at DARPA in 2010. Though known for keeping a low profile, his scruffy visage (circa 1998) graced the pages of the Washington Post in a recent piece that remembered testimony that Mudge and other L0pht members gave to Congress about the dangers posed by insecure software.
Microsoft

Microsoft To Sell Bing Maps, Advertising Sections 58

UnknowingFool writes: Microsoft has announced that they will sell some Bing Maps technology to Uber and their advertising business to AOL. About 1,300 employees are expected to be offered positions in their new companies. CEO Nadella said previously that there would be "tough choices" to be made. Some outside analysts have said neither venture was very profitable for Microsoft and may have been unprofitable at times.
The Military

Test Pilot: the F-35 Can't Dogfight 664

schwit1 sends this report from the War Is Boring column: A test pilot has some very, very bad news about the F-35 Joint Strike Fighter. The pricey new stealth jet can't turn or climb fast enough to hit an enemy plane during a dogfight or to dodge the enemy's own gunfire, the pilot reported following a day of mock air battles back in January. And to add insult to injury, the JSF flier discovered he couldn't even comfortably move his head inside the radar-evading jet's cramped cockpit. "The helmet was too large for the space inside the canopy to adequately see behind the aircraft." That allowed the F-16 to sneak up on him. The test pilot's report is the latest evidence of fundamental problems with the design of the F-35 — which, at a total program cost of more than a trillion dollars, is history's most expensive weapon. Your tax dollars at work.