Mozilla To Support Public Key Pinning In Firefox 32

Soulskill posted 9 hours ago | from the pin-the-key-on-the-fox dept.

Firefox 66

Trailrunner7 writes: Mozilla is planning to add support for public-key pinning in its Firefox browser in an upcoming version. In version 32, which would be the next stable version of the browser, Firefox will have key pins for a long list of sites, including many of Mozilla's own sites, all of the sites pinned in Google Chrome and several Twitter sites. Public-key pinning has emerged as an important defense against a variety of attacks, especially man-in-the-middle attacks and the issuance of fraudulent certificates. The function essentially ties a public key, or set of keys, issued by known-good certificate authorities to a given domain. So if a user's browser encounters a site that's presenting a certificate that isn't included in the set of pinned public keys for that domain, it will then reject the connection. The idea is to prevent attackers from using fake certificates in order to intercept secure traffic between a user and the target site.

Japanese Publishers Lash Out At Amazon's Policies

Soulskill posted 13 hours ago | from the does-not-play-nice-with-others dept.

Books 99

Nate the greatest writes: Amazon is in a bitter contract fight with Hachette in the U.S. and Bonnier in Germany, and now it seems the retail giant is also in conflict with publishers in Japan. Amazon has launched a new rating system in Japan which gives preference to publishers with larger ebook catalogs (and publishers that pay higher fees), leading to complaints that Amazon is using its market power to blackmail publishers. Where have we heard that complaint before?

The retailer is also being boycotted by a handful of Japanese publishers who disagree with Amazon offering a rewards program to students. The retailer gives students 10% of a book's price as points, which can be used to buy more books. This skirts Japanese fixed-price book laws, so several smaller publishers pulled their books from Amazon in protest. Businesses are out to make money and not friends, but Amazon sure is a lightning rod for conflicts, isn't it?

US Government Fights To Not Explain No-Fly List Selection Process

Soulskill posted yesterday | from the you-can-trust-us dept.

Government 230

An anonymous reader writes: On August 6, U.S. District Judge Anthony Trenga ordered the federal government to "explain why the government places U.S. citizens who haven't been convicted of any violent crimes on its no-fly database." Unsurprisingly, the federal government objected to the order, once more claiming that to divulge their no-fly list criteria would expose state secrets and thus pose a national security threat. When the judge said he would read the material privately, the government insisted that reading the material "would not assist the Court in deciding the pending Motion to Dismiss (PDF) because it is not an appropriate means to test the scope of the assertion of the State Secrets privilege." The federal government has until September 7 to comply with the judge's order unless the judge is swayed by the government's objection.

Why Women Have No Time For Wikipedia

timothy posted yesterday | from the busy-doing-real-stuff dept.

Wikipedia 504

Andreas Kolbe writes Wikipedia is well known to have a very large gender imbalance, with survey-based estimates of women contributors ranging from 8.5% to around 16%. This is a more extreme gender imbalance than even that of Reddit, the most male-dominated major social media platform, and it has a palpable effect on Wikipedia content. Moreover, Wikipedia editor survey data indicate that only 1 in 50 respondents is a mother – a good proportion of female contributors are in fact minors, with women in their twenties less likely to contribute to Wikipedia. Wikimedia Foundation efforts to address this "gender gap" have so far remained fruitless. Wikipedia's demographic pattern stands in marked contrast to female-dominated social media sites like Facebook and Pinterest, where women aged 18 to 34 are particularly strongly represented. It indicates that it isn't lack of time or family commitments that keep women from contributing to Wikipedia – women simply find other sites more attractive. Wikipedia's user interface and its culture of anonymity may be among the factors leading women to spend their online time elsewhere.

The Executive Order That Led To Mass Spying, As Told By NSA Alumni

samzenpus posted yesterday | from the I-see-you dept.

United States 176

An anonymous reader writes with this Ars piece about the executive order that is the legal basis for the U.S. government's mass spying on citizens. One thing sits at the heart of what many consider a surveillance state within the US today. The problem does not begin with political systems that discourage transparency or technologies that can intercept everyday communications without notice. Like everything else in Washington, there's a legal basis for what many believe is extreme government overreach—in this case, it's Executive Order 12333, issued in 1981. “12333 is used to target foreigners abroad, and collection happens outside the US," whistleblower John Tye, a former State Department official, told Ars recently. "My complaint is not that they’re using it to target Americans, my complaint is that the volume of incidental collection on US persons is unconstitutional.” The document, known in government circles as "twelve triple three," gives incredible leeway to intelligence agencies sweeping up vast quantities of Americans' data. That data ranges from e-mail content to Facebook messages, from Skype chats to practically anything that passes over the Internet on an incidental basis. In other words, EO 12333 protects the tangential collection of Americans' data even when Americans aren't specifically targeted—otherwise it would be forbidden under the Foreign Intelligence Surveillance Act (FISA) of 1978.

Canada Tops List of Most Science-Literate Countries

timothy posted yesterday | from the one-end-of-the-moose-has-more-gravity dept.

Canada 203

An anonymous reader writes "A recent survey of scientific education and attitudes showed the Canadian population to have the highest level of scientific literacy in the world, as well as the fewest reservations about the direction of scientific progress (full report). A key factor is a high level of scientific knowledge among the general population (despite comparatively low numbers of people employed in STEM fields). Another is a higher level of comfort with choosing rationality over religious belief — only 25% of Canadians surveyed agreed with the statement "We depend too much on science and not enough on faith", as opposed to 55% in the U.S. and 38% in the E.U.

I also wonder if the vaunted Canadian healthcare system plays a role. When advances in medical science are something you automatically expect to benefit from personally if you need them, they look a lot better than when you have to scramble just to cover your bills for what we have now."

Drought Inspires a Boom In Pseudoscience, From Rain Machines To 'Water Witches'

timothy posted yesterday | from the hi-cousin-barry dept.

Earth 254

merbs (2708203) writes Across drought-stricken California, farmers are desperate for water. Now, many of them are calling dowsers. These "water witches," draped in dubious pseudoscience or self-assembled mythologies—or both—typically use divining rods and some sort of practiced intuition to "find" water. The professional variety do so for a fee. And business is booming. They're just part of a storied tradition of pseudoscientific hucksters exploiting our thirst for water, with everything from cloudbusters to rainmachines to New Age rituals.

State of the GitHub: Chris Kelly Does the Numbers

timothy posted yesterday | from the git-along-little-hub dept.

Open Source 32

I talked with Chris Kelly of GitHub at last week's LinuxCon about GitHub. He's got interesting things to say about the demographics and language choices on what has become in short order (just six years) one of the largest repositories of code in the world, and one with an increasingly sophisticated front-end, and several million users. Not all of the code on GitHub is open source, but the majority is -- handy, when that means an account is free as in beer, too. (And if you're reading on the beta or otherwise can't view the video below, here's the alternative video link.)

PHP 5.6.0 Released

timothy posted yesterday | from the still-hard-to-pronounce dept.

PHP 112

An anonymous reader writes The PHP team has announced the release of PHP 5.6.0. New features include constant scalar expressions, exponentiation using the ** operator, function and constant importing with the use keyword, support for file uploads larger than 2 GB, and phpdbg as an interactive integrated debugger SAPI. The team also notes important changes affecting compatibility. For example: "Array keys won't be overwritten when defining an array as a property of a class via an array literal," json_decode() is now more strict at parsing JSON syntax, and GMP resources are now objects. Here is the migration guide, the full change log, and the downloads page.

Mozilla Rolls Out Sponsored Tiles To Firefox Nightly's New Tab Page

timothy posted yesterday | from the now-how-much-would-you-pay? dept.

Firefox 168

An anonymous reader writes Mozilla has rolled out directory tiles, the company's advertising experiment for its browser's new tab page, to the Firefox Nightly channel. We installed the latest browser build to give the sponsored ads a test drive. When you first launch Firefox, a message on the new tab page informs you of the following: what tiles are (with a link to a support page about how sponsored tiles work), a promise that the feature abides by the Mozilla Privacy Policy, and a reminder that you can turn tiles off completely and choose to have a blank new tab page. It's quite a lot to take in all at once.

Google Wins $1.3 Million From Patent Troll

timothy posted 2 days ago | from the may-the-bridge-collapse-upon-you-and-your-family dept.

Google 35

An anonymous reader writes Earlier this year, Google sued Beneficial Innovations for breach of contract, ostensibly in defense of its Doubleclick ad technology clients against whom Beneficial Innovations had filed suits despite Google having already paid licensing fees for the technology. Following Google's jury trial win, the company was originally awarded only 'nominal damages of $1 and a judicial order stopping Beneficial from going after more Doubleclick customers.' Now, however, the presiding judge has ruled that Google is entitled to some attorneys' fees in the amount of $1.3 million (PDF).

FBI Investigates 'Sophisticated' Cyber Attack On JP Morgan, 4 More US Banks

timothy posted 2 days ago | from the could-have-been-motivated-by-love dept.

Security 97

Bruce66423 writes with news of an electronic attack believed to affect at least five U.S. banking institutions this month, including JP Morgan, now being investigated by the FBI. According to the Independent, The attack on JP Morgan reportedly resulted in the loss of “gigabytes of sensitive data” that could have involved customer and employee information. It is said to have been of a level of sophistication beyond ordinary criminals, leading to speculation of a state link. The FBI is thought to be investigating whether there is a connection to Russia. American-Russian relations continue to be fraught amid the crisis in Ukraine, with sanctions ramped up. Bruce66423 asks "The quality of the attack, which appears to have led to 'gigabytes' of data being lost, is raising the prospect of a state being the source. The present culprit suggested is Russia... why the assumption it's not China — just because China isn't invading the Ukraine at the moment?" News of the attack is also at the New York Times, which notes Earlier this year, iSight Partners, a security firm in Dallas that provides intelligence on online threats, warned companies that they should be prepared for cyberattacks from Russia in retaliation for Western economic sanctions. But Adam Meyers, the head of threat intelligence at CrowdStrike, a security firm that works with banks, said that it would be “premature” to suggest the attacks were motivated by sanctions.

Indiana University Researchers Get $1 Million Grant To Study Memes

samzenpus posted 2 days ago | from the oh-long-johnson dept.

The Almighty Buck 125

An anonymous reader writes with news that the NSF has just awarded a group of researchers a grant to study the life cycle of memes. "Indiana University is receiving nearly $1 million in federal grant money to investigate the genesis, spread, and demise of Internet memes. The grant from the National Science Foundation awards four Indiana researchers $919,917 for a project called Truthy that will, as the grant's abstract explains, "explore why some ideas cause viral explosions while others are quickly forgotten." (And yes, in case you're wondering, the name was inspired by Stephen Colbert's neologism "truthiness.") The government-funded research is aimed at identifying which memes are organic and which ones are mere astroturf. "While the vast majority of memes arise in a perfectly organic manner, driven by the complex mechanisms of life on the Web, some are engineered by the shady machinery of high-profile congressional campaigns," Truthy's About page explains."

Euro Bank Santander Commissions Study On Bitcoin's Impact On Banking

timothy posted 2 days ago | from the first-they-commission-a-story-about-you dept.

Bitcoin 50

First time accepted submitter Nikkos (544004) writes Digital currency news website HashReport broke the news Monday that European megabank Santander has commissioned a study to "Analyze the impact of bitcoin and other cryptocurrencies on banks and devise a strategic course of action." The study is being facilitated as a challenge through Yegii, an 'Insight Network' founded by Trond Undheim. Undheim is also a Senior Lecturer at MIT Sloan School of Management, as well as Managing Director at Tautec Consulting. The challenge was initiated by Julio Faura — Head of Corporate development for Banco Santander. According to Dr. Undheim, Faura was "looking for additional outside perspective onto the topic of Bitcoin. While acquiring consulting services from top tier consulting firms can be exciting, he thought that an outsider, multidisciplinary perspective, would be particularly helpful."

Netflix Open Sources Internal Threat Monitoring Tools

timothy posted 2 days ago | from the how-they-watch-you-watching-them dept.

Open Source 20

alphadogg (971356) writes Netflix has released three internal tools it uses to catch hints on the Web that hackers might target its services. "Many security teams need to stay on the lookout for Internet-based discussions, posts and other bits that may be of impact to the organizations they are protecting," wrote Andy Hoernecke and Scott Behrens of Netflix's Cloud Security Team. One of the tools, called Scumblr, can be used to create custom searches of Google sites, Twitter and Facebook for users or keywords.

$33 Firefox Phone Launched In India

samzenpus posted 2 days ago | from the cheaper-by-the-dozen dept.

Mozilla 83

davidshenba writes Intex and Mozilla have launched Cloud FX, a smartphone powered by Mozilla's Firefox OS. The phone has a 1 GHz processor, 2 Megapixel camera, dual SIM, and 3.5 inch capacitive touchscreen. Though the phone has limited features, initial reviews say that the build quality is good for the price range. With a price tag of $33 (2000 INR) and local languages support, the new Firefox phone is hitting the Indian market of nearly 1 billion mobile users.

New NRC Rule Supports Indefinite Storage of Nuclear Waste

samzenpus posted 2 days ago | from the can-I-leave-this-here? dept.

Government 168

mdsolar writes in with news about an NRC rule on how long nuclear waste can be stored on-site after a reactor has shut down. The five-member board that oversees the Nuclear Regulatory Commission on Tuesday voted to end a two-year moratorium on issuing new power plant licenses. The moratorium was in response to a June 2012 decision issued by the U.S. Court of Appeals for the District of Columbia that ordered the NRC to consider the possibility that the federal government may never take possession of the nearly 70,000 metric tons of spent nuclear fuel stored at power plant sites scattered around the country. In addition to lifting the moratorium, the five-member board also approved guidance replacing the Waste Confidence Rule. "The previous Waste Confidence Rule determined that spent fuel could be safely stored on site for at least 60 years after a plant permanently ceased operations," said Neil Sheehan, spokesman for the NRC. In the new standard, Continued Storage of Spent Nuclear Fuel Rule, NRC staff members reassessed three timeframes for the storage of spent fuel — 60 years, 100 years and indefinitely.

CenturyLink: Comcast Is Trying To Prevent Competition In Its Territories

Soulskill posted 2 days ago | from the my-kingdom-for-a-non-monopoly dept.

The Internet 110

mpicpp sends word that CenturyLink has accused Comcast of restricting competition in the development of internet infrastructure. CenturyLink asked the FCC to block the acquisition of Time Warner Cable to prevent Comcast from further abusing its size and power. For example, Comcast is urging local authorities to deny CenturyLink permission to build out new infrastructure if they can't reach all of a city's residents during the initial buildout. Of course, a full buildout into a brand new market is much more expensive than installing connections a bit at a time. Comcast argues that CenturyLink shouldn't be able to cherry-pick the wealthy neighborhoods and avoid the poor ones. CenturyLink points out that no other ISP complains about this, and says allowing the merger would let Comcast extend these tactics to regions currently operated by Time Warner Cable.

Ask Slashdot: What To Do About Repeated Internet Overbilling?

timothy posted 2 days ago | from the hey-these-guys-did-it-to-me-too dept.

AT&T 349

An anonymous reader writes "AT&T has been overbilling my account based on overcounting DSL internet usage (they charge in 50 gigabyte units after the first 150). I have been using a Buffalo NFinity Airstation as a managed switch to count all traffic. As you may know, this device runs firmware based on dd-wrt and has hidden telnet functionality, so I am able to load a script to count traffic directly onto the device. I have an auto-scraper that collects the data and saves it on my computer's hard disk every two minutes while the computer is running. While it is not running, the 2 minute counters accumulate in RAM on the device. Power problems are not normally an issue here; and even when they are I can tell it has happened. The upshot of all this is I can measure the exact amount of download bandwidth and a guaranteed overestimate of upload bandwidth in bytes reliably. I have tested this by transferring known amounts of data and can account for every byte counted, including ethernet frame headers. AT&T's billing reporting reports usage by day only, lags two days, and uses some time basis other than midnight. It is also reading in my testing a fairly consistent 14% higher whenever the basis doesn't disturb the test by using too much bandwidth too close to midnight.

AT&T has already refused to attempt to fix the billing meter, and asserts they have tested it and found it correct. Yet they refuse to provide a realtime readout of the counter that would make independent testing trivial. I've been through the agencies (CPUC, FCC, and Weights & Measures) and can't find one that is interested, AT&T will not provide any means for reasonable independent testing of the meter. It is my understanding that if there is a meter and its calibration cannot be checked, there is a violation of the law, yet I can't find an agency that can even accept such a claim (I'm not getting "your claim is meritless", but "we don't handle that"). If indeed they are not overbilling, my claim of no way to verify the meter still stands. My options are running thin here. So that my account can be identified by someone who recognizes the case: 7a6c74964fafd56c61e06abf6c820845cbcd4fc0 (bit commitment).

GOG Introduces DRM-Free Movie Store

Unknown Lamer posted 2 days ago | from the am-I-dreaming? dept.

Businesses 126

Via Engadget comes news that GOG, the DRM-free game store platform, has launched a DRM-free movie store. The initial set of movies are gamer oriented, and you won't find major studio releases (yet, and not for a lack of trying on the part of GOG). From GOG: Our goal is to offer you cinema classics as well as some all-time favorite TV series with no DRM whatsoever, for you to download and keep on your hard drive or stream online whenever you feel like it. We talked to most of the big players in the movie industry and we often got a similar answer: "We love your ideas, but we do not want to be the first ones. We will gladly follow, but until somebody else does it first, we do not want to take the risk". DRM-Free distribution is not a concept their lawyers would accept without hesitation.

We kind of felt that would be the case and that it's gonna take patience and time to do it, to do it, to do it right. That's quite a journey ahead of us, but every gamer knows very well that great adventures start with one small step. So why not start with something that feels very familiar? We offer you a number of gaming and Internet culture documentaries - all of them DRM-Free, very reasonably priced, and presenting some fascinating insight into topics close to a gamer's heart.
Videos are mostly 1080p (~8GB for a 90 minute film) and can be acquired for about $6. They're using h.264/mp4 and not VP9/Matroska, but you can't have everything ;). If you don't want to download that much data, it looks like all of the videos are also available in 720p and 576p.
