By EditorDavid from Slashdot's insecurity-complex department
An anonymous reader shares a story about Dejan Ornig, a security analyst in Slovenia who warned the Slovenian police department about vulnerabilities in their supposedly secure communication system TETRA in 2013. (Here's Google's English translation of the article, and the Slovenian original.)
He discovered that the system, which was supposed to provide encrypted communication, was incorrectly configured. As a result lots of communication could be intercepted with a $25 piece of equipment and some software. To make matters worse, the system is not used just by the police, but also by the military, military police, IRS, Department of Corrections and a few other governmental institutions which rely on secure communications. After waiting for more than two years for a reaction, from police or Ministry of Interior and getting in touch with security researchers at the prestigious institute Jozef Stefan, he eventually decided to go public with his story... The police and Ministry of interior then launched an internal investigation, which then confirmed Ornig's findings and revealed internal communications problems between the departments... Ornig has been subject to a house search by the police, during which his computers and equipment that he used to listen in on the system were seized. Police also found a "counterfeit police badge" during the investigation. All along Ornig was offering his help with securing the system.
On May 11th Ornig received a prison sentence of 15 months suspended for duration of three years, provided that he doesn't repeat any of the offenses for which he was found guilty (illegal access of the communications system). He can appeal this judgment.Read Replies (0)
By EditorDavid from Slashdot's nasty-sunburn department
An anonymous reader writes:"The world's largest solar plant just torched itself," read the headline at Gizmodo, reporting on a fire Thursday at the Ivanpah Solar Electric Generating System. Built on 4,000 acres of public land in the Mojave Desert, the $2.2 billion plant "has nearly 350,000 computer controlled mirrors -- each roughly the size of a garage door," according to the Associated Press, which reports that misaligned mirrors focused the sunlight on electrical cables, causing them to burst into flames, according to the local fire department. The facility was temporarily shut down, and the fire damaged one of the facility's three towers, according to the Associated Press, while another tower is closed for maintenance, "leaving the sprawling facility on the California-Nevada border operating at only a third of its capacity." The New York Times reported that by 2011 Google had invested $168 in the facility.Read Replies (0)
By manishs from Slashdot's man-made-rain-is-so-yesterday department
A startup called Star-ALE wants to create a man-made meteor shower over the city of Tokyo for the 2020 Olympics opening ceremonies. The pyrotechnics show, Star-ALE says, will be visible from an area 200km across Japan, and the pyrotechnics will actually shower from space. Starting next year, Star-ALE will begin sending a fleet of microsatellites carrying 500 to 1000 specially-developed pellets that ignite and intensely glow as they re-enter the earth's atmosphere. ScienceAlert reports: But wonderment comes at a cost, and in this case, that cost isn't cheap. Each combustible pellet comes in at about $8,100 to produce, and that's not including the costs involved in actually launching the Sky Canvas satellite. The company has tested its source particles in the lab, using a vacuum chamber and hot gases to simulate the conditions the pellets would encounter upon re-entering Earth's atmosphere. In its testing, the particles burn with an apparent magnitude of -1, which should ensure they're clearly visible in the night sky, even in the polluted skyline of a metropolis like Tokyo.Read Replies (0)
By manishs from Slashdot's big-polluting-machine department
An anonymous reader cites a report on the Guardian: When the gargantuan Harmony of the Seas slips out of Southampton docks on Sunday afternoon on its first commercial voyage, the 16-deck-high floating city will switch off its auxiliary engines, fire up its three giant diesels and head to the open sea. But while the 6,780 passengers and 2,100 crew on the largest cruise ship in the world wave goodbye to England, many people left behind in Southampton say they will be glad to see it go. They complain that air pollution from such nautical behemoths is getting worse every year as cruising becomes the fastest growing sector of the mass tourism industry and as ships get bigger and bigger. According to its owners, Royal Caribbean, each of the Harmony's three four-storey high 16-cylinder Wartsila engines will, at full power, burn 1,377 US gallons of fuel an hour, or about 96,000 gallons a day of some of the most polluting diesel fuel in the world.Read Replies (0)
By EditorDavid from Slashdot's wait,-what? department
An anonymous reader writes: Open Source advocate Jack Wallen is a writer for Linux.com and Tech Republic. He predicts that both Windows and OS X will be Open Source within 5 years, writing that "neither Microsoft nor Apple make serious money from operating systems any longer" (with both companies giving away major OS upgrades), but argues that smaller software companies still see close-sourced code as a profit center. So yesterday Wallen wrote a surprising column urging Linux fans to begin considering closed-source software.
"That doesn't mean, in any way, you are giving up on the idea of freedom. What it means is that the best tool for the job is the one you should be using...be that open, closed, or somewhere in between. Should you close your mind to close sourced tools, you could miss out on some seriously amazing applications. On top of that (and this is something I've harped on for decades), the more you use closed source applications on open source environments, the more will be made available."
I'd be curious to hear how many Slashdot readers agree with Mr. Wallen...Read Replies (0)
By manishs from Slashdot's unhealthy-perspective department
At its I/O developer conference, Google had the message "Eat. Sleep. Code. Repeat." spread everywhere -- walls, t-shirts you name it. Dan Kim, a programmer at Basecamp, has shared an interesting view on the same. He says while he gets the "coding is awesome and we want to do it all the time!" enthusiasm from the company, but he doubts if that's the approach a programmer should take, adding that the company is wittingly or not promoting an "unhealthy perspective that programming is an all or nothing endeavor -- that to excel at it, you have to go all in." He writes: Whether it's racing cars, loving art, reading, hiking, spending time in nature, playing with their dog, running, gardening, or just hanging out with their family, these top-notch programmers love life outside of code. That's because they know that a truly balanced lifestyle -- one that gives your brain and your soul some space to breath non-programming airâS -- actually makes you a better programmer. Life outside of code helps nurture important qualities: inspiration, creative thinking, patience, flexibility, empathy, and many more. All of these skills make you a better programmer, and you can't fully realize them by just coding.Read Replies (0)
By EditorDavid from Slashdot's changing-your-mind department
An anonymous reader writes that in 2014, Geoffrey Stone was given access to America's national security apparatus as a member of the President's Review Group on Intelligence and Communications Technologies. Last week Stone, a staunch civil liberties supporter, moderated a live discussion with Edward Snowden from Russia, and this week he actually praised the NSA in a follow-up interview:
"The more I worked with the NSA, the more respect I had for them as far as staying within the bounds of what they were authorized to do. And they were careful and had a high degree of integrity... I came to the view that [the programs] were well intentioned, that they were designed in fact to collect information for the purpose of ferreting out potential terrorist plots both in the U.S. and around the world and that was their design and purpose...
"I don't doubt that Snowden was courageous and did what he did for what he thought were good reasons. But I think he was unduly arrogant, didn't understand the limitations of his own knowledge and basically decided to usurp the authority of a democracy."
Meanwhile, a new documentary about Julian Assange opened at the Cannes film festival this week, revisiting how Wikileaks warned Apple that iTunes could be used as a backdoor for spies to infiltrate computers and phones.Read Replies (0)
By EditorDavid from Slashdot's missing-millions department
An anonymous reader writes: The Daily Beast is investigating internal emails, contracts, and new information provided by a former accounting employee at Mt. Gox for clues about how and why the world's largest bitcoin exchange failed in 2014. They conclude that CEO Mark Karpeles "bought a company already missing tens of thousands of bitcoins" in 2011, leading to an email exchange a few months later where the previous owner suggested ways to make up the $800,000 shortfall. Unfortunately, Karpeles "had signed a non-disclosure agreement that left him unable to discuss the loss," and after a second larger hack, he moved the majority of bitcoins offline into "cold storage," leaving only enough online to complete transactions.
According to the article, former Mt. Gox employees "claim rogue U.S. government agents seized $5 million of Mt. Gox funds in summer 2013 in retaliation for Karpeles's refusal to cooperate with them. This seizure supposedly cut into the firm's operating reserves, which may have been the beginning of the end, at least according to the former Mt. Gox accountant."
While $450 million eventually disappeared, Thursday ZDNet reported that a class-action lawsuit brought against the bitcoin exchange by investors "has been dismissed."Read Replies (0)
By manishs from Slashdot's taking-a-stand department
Microsoft has updated its anti-terrorism policies. In a blog post, the Redmond, Washington-based company said that it would remove "terrorist content" from a fleet of its services including OneDrive, Outlook and Xbox Live, reports BetaNews. For its search engine Bing, however, Microsoft says that it would only remove links when it is required by local law, citing free expression for all. The company adds that it would fund research for a tool that could help it better scan such content and flag image, audio and video. From company's blog post: There is no universally accepted definition of terrorist content. For purposes of our services, we will consider terrorist content to be material posted by or in support of organizations included on the Consolidated United Nations Security Council Sanctions List that depicts graphic violence, encourages violent action, endorses a terrorist organization or its acts, or encourages people to join such groups. The UN Sanctions List includes a list of groups that the UN Security Council considers to be terrorist organizations.Read Replies (0)
By EditorDavid from Slashdot's clear-skies-initiative department
With the announcement of Google Home on Wednesday, one anonymous Slashdot reader asks a timely question about cloud-based "remote control" services that feed information on your activities into someone else's advertising system:
In principle, this should not be the case, but it is in practice. So how hard is it, really, to do 'home automation' without sending all your data to Google, Samsung, or whoever -- just keep it to yourself and share only what you want to share? How hard would it be, for instance, to hack a Nest thermostat so it talks to a home server rather than Google?
Or is there something already out there that would do the same thing as a Nest but without 'the cloud' as part of the requirement? Yes, a standard programmable thermostat does 90% of what a Nest does, but there are certain things that it won't do like respond to your comings and goings at odd hours, or be remotely switchable to a different mode (VPN to your own server from your phone and deal with it locally, perhaps?) Fundamentally, is there a way to get the convenience and not expose my entire life and home to unknown actors who by definition (read the terms of service) do not have my best interest in mind? Yesterday one tech company asked its readers, "What company do you trust most to always be listening inside your home?" The winner was "nobody", with 63% of the votes -- followed by Google with 16%, and Apple with 13%. (Microsoft scored just 3%, while Amazon scored 2%.) So share your alternatives in the comments. What's the best way to set up home automation without sending data into the cloud?Read Replies (0)