By manishs from Slashdot's security-woes department
Joseph Cox, reporting for Motherboard: Medium has become the go-to home for extended blog posts from researchers, CEOs, and even the President of the United States. Now, one hacker has found a way to edit or delete any post on the publishing platform. "I tried to think of different possibilities or testing cases on how can I delete a story of any user. And fortunately, I found a severe bug," Philippines-based freelance penetration tester and bug bounty hunter Allan Jay Dumanhug told Motherboard in an email. The trick, Dumanhug explained in a blog post published at the end of last month, centres around Medium's "Publications" feature. Users can create their own publications -- perhaps a page dedicated to infosec news, for example -- and then request to add other users' posts to it. Each post on Medium is given its own unique, 12-character identifier code. The person who authored the post has to approve that request, otherwise their story doesn't go anywhere. But Dumanhug found that while adding his own story to his own publication, he could intercept the HTTP request and simply change the identifier to that of another post.
By manishs from Slashdot's gotta-catch-them-all department
Who would have thought that Nintendo would ever make a strong return to the market... especially with an app that is not designed for the company's signature hardware. But that is exactly what has happened. Shares in Nintendo soared again on Monday, according to a report on Reuters, bringing market-value gains to $7.5 billion in just two days as investors cheered the runaway success of Pokemon Go, the company's first long-awaited title in mobile gaming. From the report: The game, which marries a classic 20-year old franchise with augmented reality, allows players to walk around real-life neighbourhoods while seeking virtual Pokemon game characters on their smartphone screens - a scavenger hunt that has earned enthusiastic early reviews. In the United States, by July 8 -- two days after its release -- it was installed on more than 5 percent of Android devices in the country, according to web analytics firm SimilarWeb. It is now on more Android phones than dating app Tinder and its rate of daily active users was neck and neck with social network Twitter, the analytics firm said. The game is also being played an average of 43 minutes a day, more time spent than on WhatsApp or Instagram, it added. Update: 07/11 11:03 GMT by M: A report on Quartz states that Pokemon Go has added nearly 11 billion USD to the value of Nintendo since its release.
By manishs from Slashdot's coming-to-terms-with-it department
An anonymous reader shares a Quartz report: The job site Indeed.com found Silicon Valley's hold on tech workers is slipping as opportunities, and the cost of living, change the equation for living and working in one of the priciest places in the country. "There is more opportunity for tech professionals in more places than ever before," wrote Terence Chiu, vice president of Indeed Prime by email, citing cities such as Austin, Boston, Seattle, and New York City. "Obviously the San Francisco Bay remains the largest tech hub [but] what has made it so attractive has also made it expensive." Indeed's most recent survey of professional tech workers found more than 66% of tech workers say living and working in Silicon Valley is either "not that important" or "not at all important" for a career in technology. Just 12% consider it "very important." Opinions were split on generational lines. About half of millennial tech workers say it's important (26.5%) or very important (19%), but the number declined to 10.2% among the Boomer generation. "Seasoned talent is often searching for opportunity elsewhere," stated the report. New employees may see the high cost of living as an acceptable tradeoff for building up a reputation and experience in the Bay Area, but that seems to fade over time. Recently, Google co-founder Sergey Brin advised people to not come to Silicon Valley to start a business for the very same reasons.
By EditorDavid from Slashdot's what's-up,-doc? department
Slashdot reader schwit1 quotes an article from the New York Times: Something strange is going on in medicine. Major diseases, like colon cancer, dementia and heart disease, are waning in wealthy countries, and improved diagnosis and treatment cannot fully explain it...it looks as if people in the United States and some other wealthy countries are, unexpectedly, starting to beat back the diseases of aging. The leading killers are still the leading killers -- cancer, heart disease, stroke -- but they are occurring later in life, and people in general are living longer in good health.
The Times cites one researcher's "pet theory" that the cellular process of aging itself may be gradually changing in humans' favor.
By EditorDavid from Slashdot's war-games department
Slashdot reader alphadogg quotes an article from Network World:
The new documentary about Stuxnet, "Zero Days", says the U.S. had a far larger cyber operation against Iran called Nitro Zeus that has compromised the country's infrastructure and could be used as a weapon in any future war. Quoting unnamed sources from inside the NSA and CIA, the movie says the Nitro Zeus program has infiltrated the systems controlling communications, power grids, transportation and financial systems, and is still ready to "disrupt, degrade and destroy" that infrastructure if a war should break out with Iran...
For the more technically inclined, the film contains some riveting interviews with researchers at Symantec who devoted their lives to unraveling the code line by line to figure out what it did, how it did it, who created it and what the target was. It was also a bit chilling in that after they figured out that governments were behind the worm they worried that the researchers themselves might be targeted to keep them silent. One Friday night, says Symantec researcher Eric Chien, he said to his research partner Liam O Murchu, "I'm not suicidal. If I should show up dead on Monday, it wasn't me."
In the film former NSA and CIA director Gen. Michael Hayden says "This stuff is hideously over classified."
By EditorDavid from Slashdot's forking-your-coding department
An anonymous Slashdot reader writes:
I always see a lot of different opinions about programming languages, but how much choice do you really get to have over which language to use? If you want to develop for Android, then you're probably using Java...and if you're developing for iOS, then you've probably been using Swift or Objective-C. Even when looking for a job, all your most recent job experience is usually tied up in whatever language your current employer insisted on using. (Unless people are routinely getting hired to work on projects in an entirely different language than the one that they're using now...)
Maybe the question I really want to ask is how often do you really get to choose your programming languages... Does it happen when you're swayed by the available development environment or intrigued by the community's stellar reputation, or that buzz of excitement that keeps building up around one particular language? Or are programming languages just something that you eventually just fall into by default?
Leave your answers in the comments. How often do you switch programming languages?
By EditorDavid from Slashdot's we-are-the-FBI department
A federal grand jury has indicted "KYAnonymous" -- more than three years after FBI agents raided and searched his home -- and charged him under the Computer Fraud and Abuse Act. An anonymous Slashdot reader quotes an article from Ars Technica:
After The New York Times published an account [late in 2012] of a horrific rape against a teenage girl in Steubenville, Ohio, an online vigilante campaign was started...the campaign targeted local officials who the vigilantes felt weren't prosecuting the rape investigation seriously because the alleged perpetrators were high school football players... Two teenage boys ended up being charged, and when the case went to trial in March 2013, the two were convicted of rape and sentenced to one to two years in prison.
The indictment says Deric Lostutter "knowingly and intentionally joined and voluntarily participated in a conspiracy" to "harass and intimidate and to gain publicity for their online identities," according to the Lexington Herald-Leader. "If convicted in the Kentucky case, Lostutter could face a maximum penalty of 16 years in prison (no more than five years on each of three counts, and one year on a fourth)..."
"The federal search warrant of Lostutter's home listed 'Guy Fawkes masks' among the items agents were looking for."
By EditorDavid from Slashdot's lame-duck-legislation department
An anonymous Slashdot reader writes:
"The TPP is simply bad for tech users and innovators," writes the Electronic Frontier Foundation, arguing the proposed trade agreement for the Pacific Rim "exports the most onerous parts of U.S. copyright law and prevents the U.S. from improving them in the future, while failing to include the balancing provisions that work for users and innovators, such as fair use." At a press conference, the EFF delivered 210,000 signatures gathered in conjunction with other activist groups "to call on Democratic Party Leader Nancy Pelosi to stop the Trans-Pacific Partnership from going to a vote during the 'lame duck' session of Congress following the November election."
More signatures are still being collected online, to be delivered on July 21. In a statement, the EFF adds that the TPP also "does nothing to safeguard the free and open Internet, by including phony provisions on net neutrality and encryption, trade secrets provisions that carry no exceptions for journalism or whistleblowing, and a simplistic ban on data localization...to buy off big tech."
By EditorDavid from Slashdot's dear-Silicon-Valley department
An anonymous reader writes: To address the problem of motorists killed by police officers, Shervin Pishevar, the Iranian-born VC who backed Uber, is suggesting an app that allows police officers to communicate with motorists during traffic stops without either party leaving their vehicles. USA Today reports that Pishevar "says he has slept very little in the past 48 hours as he seeks input from law enforcement, software engineers and designers, lawmakers and from community members," and he's now working with former New York City police commissioner. Engadget has criticized Pishevar's proposal, writing "Dear Silicon Valley, not everything can be solved with apps."
At midnight on Friday, Uber also shut down their service for one minute "to create a moment of reflection for the Uber Community," and also added a peace sign to their app, encouraging its users to "take a moment to think about what we can do to help," and changed the countdown for the arrival of a car into the amount of time left "to reflect on gun violence".
By EditorDavid from Slashdot's Gotham-City department
Slashdot reader HughPickens.com shares an article from the New York Times: The town of North Hempstead on Long Island has approved the construction of bat houses in several parks to attract more bats to the area because despite their less-than-desirable reputation, bats possess a remarkable ability to control insects, especially disease-carrying mosquitoes. "Bats can eat up to 1,000 mosquitoes per hour," says Judi Bosworth. "That's extraordinary. A pesticide couldn't do that." As mosquito season heats up, bringing with it the threat of the West Nile and Zika viruses, the bats make very welcome neighbors.
[T]he Asian tiger mosquito is found on Long Island and is capable of transmitting Zika in a laboratory setting, and as of October, 490 cases of West Nile and 37 deaths resulting from it have been recorded in New York since 2000. "If you minimize the mosquito population you minimize the possible incidence of the Zika virus," says Larry Schultz. "If you reduce the mosquito population, you make parks more accessible."
"Bats really have been very maligned," says Bosworth -- noting they don't really swoop down on your head and get tangled in your hair.
By EditorDavid from Slashdot's junk-food-science department
An anonymous Slashdot reader writes:
Where Twinkie once employed 22,000 workers in more than 40 bakeries, their workforce is now down to just 1,170, reports the Washington Post, relying mostly on robotic arms and other forms of automation. "This 500-person plant produces more than 1 million Twinkies a day, 400 million a year. That's 80% of Hostess' total output -- output that under the old regime required 14 plants and 9,000 employees."
"We like to think of ourselves as a billion-dollar startup," Hostess chief executive Bill Toler said Tuesday, announcing that Hostess Brands, which had twice filed for bankruptcy, now plans to become a publicly-listed company valued at $2.3 billion.
By EditorDavid from Slashdot's one-small-step department
An anonymous Slashdot reader writes:
"The code that took America to the moon was just published to GitHub, and it's like a 1960s time capsule," reports Quartz. Two lines of code include the comment "# TEMPORARY, I HOPE HOPE HOPE," and there's also a quote from Shakespeare's play Henry VI. In addition, the keyboard and display system program is named PINBALL_GAME_BUTTONS_AND_LIGHT, and "There's also code that appears to instruct an astronaut to 'crank the silly thing around.'"
A former NASA intern uploaded the thousands of lines of assembly code to GitHub, working from a 2003 transcription made from scans inherited by MIT from a Colorado airplane pilot, and developers are already using GitHub to submit funny issue tickets for the 40-year-old code -- for example, "Extension pack for picking up Matt Damon". Another issue complains that "A customer has had a fairly serious problem with stirring the cryogenic tanks with a circuit fault present." Because this issue succinctly describes the Apollo 13 mission in 1970, the issue has been marked "closed".
By EditorDavid from Slashdot's blinded-by-science department
Slashdot reader schwit1 quotes an article from Jeffrey Guhin, an assistant professor of sociology at UCLA:
Imagine a future society in which everything is perfectly logical. What could go wrong...? Last week, US astrophysicist Neil deGrasse Tyson offered up the perfect example of scientism when he proposed the country of Rationalia, in which "all policy shall be based on the weight of evidence". Tyson is a very smart man, but this is not a smart idea. It is even, we might say, unreasonable and without sufficient evidence... employing logic to consider the concept reveals that there could be no such thing...
First, experts usually don't know nearly as much as they think they do. They often get it wrong, thanks to their inherently irrational brains that -- through overconfidence, bubbles of like-minded thinkers, or just wanting to believe their vision of the world can be true -- mislead us and misinterpret information... And second, science has no business telling people how to live. It's striking how easily we forget the evil that following "science" can do. So many times throughout history, humans have thought they were behaving in logical and rational ways, only to realize that such acts have yielded morally heinous policies that were only enacted because reasonable people were swayed by "evidence".