By EditorDavid from Slashdot's window-frames department
Gnome contributor Tobias Bernard is on a crusade against title bars -- "the largely empty bars at the top of some application windows [that] contain only the window title and a close button." Instead he wants to see header bars -- "a newer, more flexible pattern that allows putting window controls and other UI elements in the same bar." Tobias Bernard writes:
Header bars are client-side decorations (CSD), which means they are drawn by the app rather than the display server. This allows for better integration between application and window chrome. All GNOME apps (except for Terminal) have moved to header bars over the past few years, and so have many third-party apps. However, there are still a few holdouts.
He's announcing the CSD Initiative, "an effort to get apps (both GNOME and third-party) to drop title bars and adopt GNOME-style client-side decorations... The only way to solve this problem long-term is to patch applications upstream to not use title bars. So this is what we'll have to do."
Talk to the maintainers and convince them that this is a good idea
Do the design work of adapting the layout and make mockups
Figure out what is required at a technical level
Actually implement the new layout and get it merged
Implementation is already in progress for Firefox, though it has not yet been started for other high-priority apps like LibreOffice, GNOME Terminal, and Skype. "If you want to help with any of the above tasks," writes Tobias, "come talk to us on #gnome-design on IRC/Matrix."Read Replies (0)
By EditorDavid from Slashdot's wrongfully-accused department
Long-time Slashdot reader kbahey writes:
Can a single pixel cost you your livelihood and/or freedom? Apparently, this has already happened in Turkey to thousands of people and their relatives. It all stems from the purge by president Edrogan following a failed coupe. The result is that many innocent people lost their jobs (and source of income), their freedom, their reputation, and more.
The details are frightening. The underlying technology is the use of 1x1 transparent pixels, as most web sites do, to track their visitors. This particular pixel was used by Bylock, a messaging app that the Turkish government deemed seditious, in their purge against Fethullah Gulen loyalists. Pre-dawn raids by police were conducted on those who have this pixel. The long legal proceedings caused a digital forensic expert to challenge those cases, because [the pixel using] the servers for Bylock was also being used by other applications for music streaming, and prayer times/direction of Mecca.
30,000 innocent people may have been swept up among the 150,000 Turks detained, arrested or forced from their jobs under state of emergency decrees since the summer of 2016. One 29-year-old high school teacher "wished the worst" for the revolutionaries accused of using Bylock, "until authorities said he was one of them."
The government eventually exonerated 11,480 of the wrongly accused, but some had already spent months in prison, and reportedly some even committed suicide.Read Replies (0)
By EditorDavid from Slashdot's I-spy department
Long-time Slashdot readers Agilulf, Sara Chan, and wiredmikey -- plus an anonymous reader -- all submitted the same story. Agilulf writes:
Dutch hackers from AIVD (their intelligence agency) infiltrated Russian hackers, had access to their CCTV system, and followed them for more than a year, watched their attack on the DNC, provided the proof to the U.S. intelligence community that Russia was behind those hacks and the stolen emails, and were disappointed with the response from the U.S.
The Dutch agents also watched Russian agents breach a non-classified network at the U.S. State Department in 2014, where the Russians then sent a phishing email to the White House, successfully stole login credentials, and then accessed email from embassies and diplomats.
"Three American intelligence services state with 'high confidence' that the Kremlin was behind the attack on the Democratic Party," according to the article, which adds that that certainty "is derived from the AIVD hackers having had access to the office-like space in the center of Moscow for years."Read Replies (0)
By EditorDavid from Slashdot's crimes-for-cryptocurrency department
An anonymous reader writes:
"I will be short. I've got an order to kill you," the note said, demanding $2,800 in U.S. dollars or Bitcoin. "I switched from being upset about it to, 'I need to get the word out'," one of its targets told a local newscaster. They filed a report through the FBI's web site.
"If only 1% of people send money -- there's no overhead for them; that's money in the bank," one FBI agent tells the news team. A quick Google search finds recent reports of two nearly identical threats using the same text.
"I have been thinking for a long time whether it is worth sending this notice, and decided that you still have the right to know... I've got an order to kill you, because some of your activity causes trouble to several people... I decided to break some rules, as this will be my final order... As soon as I receive the funds, I will forward you the name of the man [this] order came from, and all other information I have."Read Replies (0)
By EditorDavid from Slashdot's fake-stars department
A private satellite company launched a three-foot-wide, carbon-fiber orb called the Humanity Star into the sky last week. Rocket Lab has promised the Humanity Star will be "the brightest thing in the sky," presumably other than the sun. The orb will reflect light from the sun back to Earth to achieve this effect. It's expected to orbit the Earth once every 90 minutes for the next nine months before it falls out of the sky and burns up in the atmosphere. The reaction on social media has been largely swift and scornful...
The stated goal of the project, at least, seems admirable: "No matter where you are in the world, rich or in poverty, in conflict or at peace, everyone will be able to see the bright, blinking Humanity Star orbiting Earth in the night sky," Rocket Lab CEO Peter Beck said in a statement on the project's website. "Wait for when the Humanity Star is overhead, and take your loved ones outside to look up and reflect. You may just feel a connection to the more than 7 billion other people on this planet we share this ride with."
Slashdot reader dmoberhaus writes that "astronomers are annoyed by what they perceive as just another piece of space junk getting in the way."
"Wow. Intentionally bright long-term space graffiti. Thanks a lot Rocket Lab," complained an astronomer at the California Institute of Technology. And one New Zealand journalist accused Rocket Lab of "vandalising the night sky with shiny space rubbish."Read Replies (0)
By EditorDavid from Slashdot's like-a-bad-penny department
jwhyche, Slashdot reader #6,192, writes:
If you bought some illegal narcotics off Silk Road or even gave money to Wikileaks. Researchers at Qatar University and Hamad Bin Khalifa University have been able to link these transactions with real world identities. They have been able to do this even if the transactions are years old. Their research shows how easy it is to link accounts to these transactions without using any of the tools available to law enforcement like search warrants or subpoenas.
The researchers started with 88 unique bitcoin addresses from Tor hidden services, and then searched 5 billion tweets and 1 million pages on the Bitcoin Talk forum -- ultimately linking 125 unique users to 20 Tor hidden services. "Bitcoin addresses should always be considered exploitable," the researchers conclude, "as they can be used to deanonymize users retroactively."
Their paper is titled "When a Small Leak Sinks a Great Ship: Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis," and Wired summarizes one of their conclusions. "Even deleting profile information that includes bitcoin addresses may not be enough if a post has been cached or captured by services like the Internet Archive, they point out. 'If you're vulnerable now, you're vulnerable in the future.'"Read Replies (0)
By EditorDavid from Slashdot's halt-who-goes-there department
An anonymous reader quotes CSO:
"The strategy around Zero Trust boils down to don't trust anyone. We're talking about, 'Let's cut off all access until the network knows who you are. Don't allow access to IP addresses, machines, etc. until you know who that user is and whether they're authorized,'" says Charlie Gero, CTO of Enterprise and Advanced Projects Group at Akamai Technologies in Cambridge, Mass... The Zero Trust model of information security basically kicks to the curb the old castle-and-moat mentality that had organizations focused on defending their perimeters while assuming everything already inside didn't pose a threat and therefore was cleared for access. Security and technology experts say the castle-and-moat approach isn't working. They point to the fact that some of the most egregious data breaches happened because hackers, once they gained access inside corporate firewalls, were able move through internal systems without much resistance...
< article continued at Slashdot's halt-who-goes-there department
>Read Replies (0)
By EditorDavid from Slashdot's I'm-feeling-private department
An anonymous reader quotes the Verge:
DuckDuckGo is launching updated versions of its browser extension and mobile app, with the promise of keeping internet users safe from snooping "beyond the search box." The company's flagship product, its privacy-focused search engine, will remain the same, but the revamped extension and app will offer new tools to help users keep their web-browsing as safe and private as possible. These include grade ratings for websites, factoring in their use of encryption and ad tracking networks, and offering summaries of their terms of service (with summaries provided by third-party Terms of Service Didn't Read). The app and extension are available for Firefox, Safari, Chrome, iOS, and Android.
The ability to block ad tracking networks is probably the most important feature here. These networks are used by companies like Google and Facebook to follow users around the web, stitching together their browsing history to create a more accurate profile for targeted advertising.
DuckDuckGo calls it "a major step to simplify online privacy," adding that without it, "It's hard to use the Internet without it feeling a bit creepy -- like there's a nosey neighbor watching everything you do from across the street."Read Replies (0)
By EditorDavid from Slashdot's along-for-the-ride department
Cory Doctorow writes:
Millions of new cars sold in the US and Europe are "connected," having some mechanism for exchanging data with their manufacturers after the cars are sold; these cars stream or batch-upload location data and other telemetry to their manufacturers, who argue that they are allowed to do virtually anything they want with this data, thanks to the "explicit consent" of the car owners -- who signed a lengthy contract at purchase time that contained a vague and misleading clause deep in its fine-print.
Slashdot reader Luthair adds that "OnStar infamously has done this for some time, even if the vehicle's owner was not a subscriber of their services." But now 78 million cars have an embedded cyber connection, according to one report, with analysts predicting 98% of new cars will be "connected" by 2021. The Washington Post calls it "Big Brother on Wheels."
"Carmakers have turned on a powerful spigot of precious personal data, often without owners' knowledge, transforming the automobile from a machine that helps us travel to a sophisticated computer on wheels that offers even more access to our personal habits and behaviors than smartphones do."Read Replies (0)
By EditorDavid from Slashdot's Bug-hunt-at-outpost-nine department
The Guardian quotes Paul Verhoeven, the director of Starship Troopers:
Robert Heinlein's original 1959 science-fiction novel was militaristic, if not fascistic. So I decided to make a movie about fascists who aren't aware of their fascism... I was looking for the prototype of blond, white and arrogant, and Casper Van Dien was so close to the images I remembered from Leni Riefenstahl's films. I borrowed from Triumph of the Will in the parody propaganda reel that opens the film, too. I was using Riefenstahl to point out, or so I thought, that these heroes and heroines were straight out of Nazi propaganda...
With a title like Starship Troopers, people were expecting a new Star Wars. They got that, but not really: it stuck in your throat. It said: "Here are your heroes and your heroines, but by the way -- they're fascists."
The actors weren't even clear on what the giant arachnids would look like, since their "Bug" battles were filmed entirely with green screens, remembers one of the movie's stars, Denise Richards. Instead Verhoeven "would be there jumping up and down with a broom in the air so we would have a sense of how big they were."
Verhoeven told one interviewer that he never actually read Robert Heinlein's original book. "I stopped after two chapters because it was so boring. It is really quite a bad book."Read Replies (0)
By EditorDavid from Slashdot's loving-languages department
An anonymous reader quotes InfoWorld:
The survey involved 39,441 developers, and concluded that "Python ruled among all age groups," according to Application Development Trends, "except for those 55 years or older, who narrowly prefer C."Read Replies (0)
By EditorDavid from Slashdot's violence-and-video-games department
A newly-released affidavit reveals that money was at stake in a game of Call Of Duty: World War II which led to the fatal real-life police shooting of Andrew Finch. The Wichita Eagle reports:
Investigators learned that Shane Gaskill, who lives in Wichita, was involved in an online video game with other people when he accidentally [virtually] shot and killed one of his teammates in the online game. The teammate who was killed in the game became "extremely upset" and began talking trash to Gaskill, the affidavit says. The dispute escalated until the teammate, who the document identifies as Casey Viner of North College Hill, Ohio, threatened via Twitter to "SWATT" Gaskill, according to the affidavit. Gaskill replied, "Please try some s---." He then posted the address...
Viner "is considered a suspect in several 'swatting' incidents in Cincinnati," reports the Los Angeles Times, adding that prosecutors are still deciding whether these two gamers should also face criminal charges.
Meanwhile, Kansas officials have been informed that the third gamer who actually made the phone call, 25-year-old Tyler Barriss, matches the voice on a fake 2015 bomb threat, and is already the subject of an open investigation by an FBI Joint Terrorism Task Force.Read Replies (0)
By BeauHD from Slashdot's under-the-hood department
An anonymous reader quotes a report from CNBC: Tesla's problems with battery production at the company's Gigafactory in Sparks, Nevada, are worse than the company has acknowledged and could cause further delays and quality issues for the new Model 3, according to a number of current and former Tesla employees. These problems include Tesla needing to make some of the batteries by hand and borrowing scores of employees from one of its suppliers to help with this manual assembly, said these people. Tesla's future as a mass-market carmaker hinges on automated production of the Model 3, which more than 400,000 people have already reserved, paying $1,000 refundable fees to do so. The company has already delayed production, citing problems at the Gigafactory. On Nov. 1, 2017, CEO Elon Musk assured investors in an earnings call that Tesla was making strides to correct its manufacturing issues and get the Model 3 out. But more than a month later, in mid-December, Tesla was still making its Model 3 batteries partly by hand, according to current engineers and ex-Tesla employees who worked at the Gigafactory in recent months. They say Tesla had to "borrow" scores of employees from Panasonic, which is a partner in the Gigafactory and supplies lithium-ion battery cells, to help with this manual assembly. Tesla is still not close to mass producing batteries for the basic $35,000 model of this electric sedan, sources say.Read Replies (0)
By BeauHD from Slashdot's land-before-time department
Archaeologists in Israel have discovered the oldest fossil of a modern human outside Africa, suggesting that humans first migrated out of the content much earlier than previously believed. NPR reports: The scientists were digging in a cave called Misliya, on the slopes of Mount Carmel on the northern coast of Israel. "The cave is one of a series of prehistoric caves," says Mina Weinstein-Evron of the Zinman Institute of Archaeology at the University of Haifa, who led the team. "It's a collapsed cave, but people lived there before it collapsed." The cave had been occupied for several hundred thousand years, she says. All the archaeological evidence suggested that the ancient people who lived in the cave were hunter-gatherers. "They were hunting animals, mainly ungulates, like fallow dear, gazelle, aurochs [an extinct species of wild cattle] and other small animals," says Weinstein-Evron. "They built fireplaces throughout the length of the cave, again and again, in the same place, in the same sort of defined arrangement." Weinstein-Evron says she and her team wanted to find out which species of ancient humans lived in the cave. So, she says, they kept digging. "And among the animal bones and flint tools we found a jawbone, an upper jawbone of an individual," she says. A detailed analysis of the jawbone and the teeth confirmed that it indeed belonged to someone of our species, Homo sapiens. And when they dated the fossil, it turned out to be between 177,000 and 194,000 years old, making it the oldest known such fossil outside the African continent.Read Replies (0)
By BeauHD from Slashdot's here-we-go-again department
In October 2017, a researcher caught OnePlus silently collecting all sorts of data from its users. Now, a new report says that there's still a OnePlus app that can grab data from the phone and send it to servers in China without a user's knowledge or express consent. BGR reports: The French security researcher hiding behind the name Elliot Alderson on Twitter detailed OnePlus's data collection practices back in October, and he has now discovered a strange file in the OnePlus clipboard app. A Badword.txt file contains various keywords, including "Chairman, Vice President, Deputy Director, Associate Professor, Deputy Heads, General, Private Message, shipping, Address, email," and others. The file is then duplicated in a zip file called pattern alongside six other .txt files. All these files are apparently used in "in an obfuscated package which seems to be an #Android library from teddymobile." Now, TeddyMobile is a Chinese company that works with plenty of smartphone makers from China. The company seems to be able to recognize words and numbers in text messages. And OnePlus is apparently sending your phone's IMEI number to a TeddyMobile server, too. It looks like the TeddyMobile package might be able to grab all sorts of data from a phone. Even bank numbers are apparently recognized. OnePlus has yet to issue a statement on the matter.Read Replies (0)
By BeauHD from Slashdot's promise-is-a-promise department
Last December, Boring Company CEO Elon Musk promised to sell a Boring Company-branded flamethrower after selling 50,000 Boring Company hats. Well, sure enough, 50,000 hats were sold and Musk is delivering on his promise. The Verge reports: Mark this down as one of the promises Elon delivers on, apparently, because it looks like the Boring Company flamethrower is here. Redditors in a few SpaceX, Boring Company, and Musk-related subreddits noticed earlier this week that the URL "boringcompany.com/flamethrower" started redirecting to a page with a password box. And at least one user was able to guess the original password, too: "flame." (It's since been changed.) Behind that password was a shop page that looks just like the one for The Boring Company's hat. But instead of a $20 cap, they found a preorder prompt for a $600 flamethrower. "Prototype pictured above," the listing reads. "Final production flamethrower will be better."Read Replies (0)