By msmash from Slashdot's long-conversations department
Swapnil Bhartiya, who runs the blog TFIR, had a chance to interview Linus Torvalds at Open Source Summit in the second half of August this year. (Some context: The interview, which was published this week, took place before Mr. Torvalds said he needs to take a step back to reflect on how he has dealt with the community over the years. Since then, we have learned that Mr. Torvalds is returning to his position.) In the wide-ranging interview, Mr. Torvalds touched on a wide range of subjects, including formulating workarounds for the problematic hardware bugs (Meltdown, Spectre), and Chromebooks gaining traction (though it is still not a machine that he could use for his work yet). He also talked about companies gleaning a lot of data about their users, regulations, (a tad bit of politics), and the Linux community. Greg Kroah-Hartman (aka Greg K-H) joined Mr. Bhartiya and Mr. Torvalds for the second half of the interview. On Sunday, Mr. Bhartiya published an additional interview of Mr. Kroah-Hartman.
By msmash from Slashdot's a-primer department
Earlier this week, The New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump's personal cellphone and using the information gleaned to better influence his behavior. This should surprise no one, writes Bruce Schneier. From a story: Security experts have been talking about the potential security vulnerabilities in Trump's cellphone use since he became president. And President Barack Obama bristled at -- but acquiesced to -- the security rules prohibiting him from using a "regular" cellphone throughout his presidency. Three broader questions obviously emerge from the story. Who else is listening in on Trump's cellphone calls? What about the cellphones of other world leaders and senior government officials? And -- most personal of all -- what about my cellphone calls? There are two basic places to eavesdrop on pretty much any communications system: at the end points and during transmission. This means that a cellphone attacker can either compromise one of the two phones or eavesdrop on the cellular network. Both approaches have their benefits and drawbacks. The NSA seems to prefer bulk eavesdropping on the planet's major communications links and then picking out individuals of interest. In 2016, WikiLeaks published a series of classified documents listing "target selectors": phone numbers the NSA searches for and records. These included senior government officials of Germany -- among them Chancellor Angela Merkel -- France, Japan, and other countries. Other countries don't have the same worldwide reach that the NSA has, and must use other methods to intercept cellphone calls. We don't know details of which countries do what, but we know a lot about the vulnerabilities. Insecurities in the phone network itself are so easily exploited that 60 Minutes eavesdropped on a U.S. congressman's phone live on camera in 2016. 
Back in 2005, unknown attackers targeted the cellphones of many Greek politicians by hacking the country's phone network and turning on an already-installed eavesdropping capability. The NSA even implanted eavesdropping capabilities in networking equipment destined for the Syrian Telephone Company. Alternatively, an attacker could intercept the radio signals between a cellphone and a tower. Encryption ranges from very weak to possibly strong, depending on which flavor the system uses. Don't think the attacker has to put his eavesdropping antenna on the White House lawn; the Russian Embassy is close enough.
By EditorDavid from Slashdot's series-of-tubes department
"When visiting a series of eight primary school class rooms recently, CS professor Judy Robertson talked to children aged 5-12 about how computers work and discussed pictures they drew of what they thought is inside a computer," writes Slashdot reader theodp:
"In my view," Robertson writes, "computational thinking has abstracted us too far away from the heart of computation — the machine. The world would be a tedious place if we had to do all our computational thinking ourselves; that's why we invented computers in the first place. Yet, the new school curricula across the world have lost focus on hardware and how code executes on it."
She notes, "What the pictures, and subsequent classroom discussions told me is that the children know names of components within a computer, and possibly some isolated facts about them. None of the pictures showed accurately how the components work together to perform computation, although the children were ready and willing to reason about this with their classmates. Although some of the children had programmed in the visual programming language, none of them knew how the commands they wrote in Scratch would be executed in the hardware inside a computer. One boy, who had been learning about variables in Scratch the previous day wanted to know whether if he looked in his computer he would really see apps with boxes full of variables in them." Time to get the Walk-Through Computer (1990 video) out of mothballs?
"Many of the children knew the names of the components within a computer: a chip, memory, a disc, and they were often insistent that there should be a fan in there. They knew that there would be wires inside, and that it would need a battery to make it work...."
But one student confessed that while they knew that a computer was full of both devices and code, "I am not sure what it looked like so I just scribbled."
By EditorDavid from Slashdot's going-up department
Slashdot reader hackingbear quotes the NZ Herald: A research team from Tsinghua University in Beijing has developed a fibre they say is so strong it could even be used to build an elevator to space. They say just 1 cubic centimeter of the fibre — made from carbon nanotube — would not break under the weight of 160 elephants, or more than 800 tonnes. And that tiny piece of cable would weigh just 1.6 grams... The Chinese team has developed a new "ultralong" fibre from carbon nanotube that they say is stronger than anything seen before, patenting the technology and publishing part of their research in the journal Nature Nanotechnology earlier this year...
The space elevator idea has remained in the realm of sci-fi, physical and mathematical models because there has been no material strong enough to make the super-light, ultra-strong cables needed...
Now, the Tsinghua team, led by Wei Fei, a professor with the Department of Chemical Engineering, says their latest carbon nanotube fibre has tensile strength of 80 gigapascals [over ten times more than the 7 gigapascals strength NASA estimated to be required for a space elevator]... Chinese and Russian space scientists, for instance, are working together to find a safe, effective way to lower a fine, feather-light cable from a high-altitude orbit to the ground.
Wei also said his team was trying to get the carbon nanotube fibre into mass production for use in defense -- or to create super fast flywheels in a mechanical battery, which would have 40 times the energy density of a lithium battery.
By EditorDavid from Slashdot's grounded-for-life department
The New York Times reports that in Silicon Valley, "a wariness that has been slowly brewing is turning into a regionwide consensus: The benefits of screens as a learning tool are overblown, and the risks for addiction and stunting development seem high." One Facebook engineer doesn't allow his own kids to have any screen time, according to this article shared by schwit1, and even Chris Anderson, the former editor of Wired, believes screen time is addictive for children.
"On the scale between candy and crack cocaine, it's closer to crack cocaine," Mr. Anderson said of screens. Technologists building these products and writers observing the tech revolution were naive, he said. "We thought we could control it. And this is beyond our power to control. This is going straight to the pleasure centers of the developing brain... I didn't know what we were doing to their brains until I started to observe the symptoms and the consequences... We glimpsed into the chasm of addiction, and there were some lost years, which we feel bad about...."
Tim Cook, the C.E.O. of Apple, said earlier this year that he would not let his nephew join social networks. Bill Gates banned cellphones until his children were teenagers, and Melinda Gates wrote that she wished they had waited even longer. Steve Jobs would not let his young children near iPads. But in the last year, a fleet of high-profile Silicon Valley defectors have been sounding alarms in increasingly dire terms about what these gadgets do to the human brain. Suddenly rank-and-file Silicon Valley workers are obsessed. No-tech homes are cropping up across the region. Nannies are being asked to sign no-phone contracts....
By EditorDavid from Slashdot's not-coming-along-and-sharing-the-software department
Richard Stallman recently gave a 9,000-word interview in which he first reminisces about his early days at MIT's AI Lab where he "found something worth being loyal to" -- and then assesses how things have played out.
Open source is an amoral, depoliticized substitute for the free-software movement... [I]t's not the name of a philosophy -- it refers to the software, but not to the users. You'll find lots of cautious, timid organizations that do things that are useful, but they don't dare say: users deserve freedom. Like Creative Commons, which does useful, practical work -- namely, preparing licences that respect the freedom to share. But Creative Commons doesn't say that users are entitled to the freedom to share; it doesn't say that it's wrong to deny people the freedom to share. It doesn't actively uphold that principle.
Of course, it's much easier to be a supporter of open source, because it doesn't commit you to anything. You could spend ten minutes a week doing things that help advance open source, or just say you're a supporter -- and you're not a hypocrite, because you can't violate your principles if you haven't stated any. What's significant is that, in their attempt to separate our software from our ideas, they've reduced our ability to win people over by showing what those ideas have achieved...
By EditorDavid from Slashdot's love-it-or-list-it department
Tech cities and their high housing prices are apparently now driving up home prices in other states. An anonymous reader quotes Bloomberg:
For some Californians, the state's punishing housing costs, high taxes, and constant threat of natural disaster have all become too much... In the second quarter, only 26 percent of homebuyers in the state could afford to purchase a median-price single-family house, which was almost $600,000, according to the California Association of Realtors... They're making their escape to areas such as Boise, Phoenix, and Reno, Nevada, fueling some of the biggest home-price gains in the country... Almost 143,000 more people left the state than arrived from elsewhere in the U.S. in 2016....
Boise is becoming an alternative to traditional havens for Californians such as Portland and Seattle that have also gotten too pricey, says Glenn Kelman, chief executive officer of Redfin Inc., a national real estate brokerage that recently opened a Boise outpost. About 29 percent of the Idaho capital's home-listing views are from Californians, according to Realtor.com... In Nevada, where Californians make up the largest share of arrivals, prices jumped 13 percent in August, the biggest increase for any state, according to CoreLogic Inc. data. It was followed closely by Idaho, with a 12 percent gain...
[Boise]'s been particularly attractive to Californians, who accounted for 85 percent of net domestic immigration to Idaho, according to Realtor.com's analysis of 2016 Census data... The median existing-home price in Boise's home of Ada County was $299,950 last month -- up almost 18 percent from a year earlier, but still about half California's. The influx is great news for people who already own homes in the area, says Danielle Hale, chief economist for Realtor.com. "But if you're a local aspiring to homeownership, it feels very much that Californians are bringing high prices with them."
By EditorDavid from Slashdot's health-foods department
An anonymous reader quotes USA Today:
People who regularly eat organic food are less likely to develop cancer than those who don't, according to a new study out of France. A team of researchers studied 68,946 adult volunteers from France who provided information on how often they ate organic food, drinks and even dietary supplements. Participants were given a score, based on how often they eat organic food ranging from "most of the time" to "never" or "I don't know." During two follow-up appointments, one in 2009 and another in 2016, the researchers then tracked cancer diagnoses, the most prevalent being breast cancer. Other cancers observed included prostate cancer, skin cancer, colorectal cancer, non-Hodgkin lymphomas and lymphomas.
People who reported higher organic food scores were less likely to be diagnosed with cancer than the rest of the group. For example, those who consumed the most organic food were 25 percent less likely to have cancer, according to the research. That number grew to more than half when looking at cases of non-Hodgkin lymphoma.
By EditorDavid from Slashdot's speaking-of-infringements department
Adam Lackman ran TVAddons, a site hosting unofficial addons for Kodi media center. Last year, a legal team representing some of Canada's most powerful telecom and media companies raided his home with a court order -- they searched his apartment, copying hard drives and devices, took his laptop, and shut down his website and Twitter account [which had 100,000 followers]. Now, he's being sued for piracy and sinking deep into debt as he fights to make it to trial.
Lackman did not have to let anybody into his home that morning. But it presented a legal catch-22: if he hadn't, he would be in breach of a court order and could have been subjected to fines or imprisonment. "In high school you learn that if someone doesn't have a warrant, you don't let them into your house," Lackman told me. "I didn't know there was this whole other law where big companies can spend money [on lawyers] and do whatever they want"....
Shortly after the search, a federal judge ruled the search unlawful in a procedural hearing. The questioning was an "interrogation," the judge said, without the safeguards normally afforded to defendants, and presenting Lackman with a list of names to snitch on was "egregious." The plaintiffs also did not make a strong enough case that TVAddons was solely intended to enable piracy, the judge decided... The plaintiffs appealed this decision, and in February a panel of three judges -- this time in the federal court of appeals -- overturned the previous decision in its entirety. The search was lawful and conducted within legal parameters, the judges agreed. The list of names was only presented to Lackman to "expedite the questioning process," and "despite a few objectionable questions" the nine-hour question period was not an interrogation, the panel ruled....
By EditorDavid from Slashdot's init-to-win-it department
The Register reports that a new security bug in systemd "can be exploited over the network to, at best, potentially crash a vulnerable Linux machine, or, at worst, execute malicious code on the box" by a malicious host on the same network segment as the victim. According to one Red Hat security engineer, "An attacker could exploit this via malicious DHCP server to corrupt heap memory on client machines, resulting in a denial of service or potential code execution." According to the bug description, systemd-networkd "contains a DHCPv6 client which is written from scratch and can be spawned automatically on managed interfaces when IPv6 router advertisements are received."
OneHundredAndTen shared this article from the Register:
In addition to Ubuntu and Red Hat Enterprise Linux, systemd has been adopted as a service manager for Debian, Fedora, CoreOS, Mint, and SUSE Linux Enterprise Server. We're told RHEL 7, at least, does not use the vulnerable component by default.
Systemd creator Lennart Poettering has already published a security fix for the vulnerable component -- this should be weaving its way into distros as we type. If you run a systemd-based Linux system, and rely on systemd-networkd, update your operating system as soon as you can to pick up the fix when available and as necessary.
By EditorDavid from Slashdot's perilous-packages department
An anonymous reader writes:
A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages used typo-squatting in the hopes a user would install them by accident or carelessness when doing a "pip install" operation for a mistyped more popular package, like Django (ex: diango). Eleven libraries would attempt to either collect data about each infected environment, obtain boot persistence, or even open a reverse shell on remote workstations. A twelfth package, named "colourama," was financially-motivated and hijacked an infected user's operating system clipboard, where it would scan every 500ms for a Bitcoin address-like string, which it would replace with the attacker's own Bitcoin address in an attempt to hijack Bitcoin payments/transfers made by an infected user.
54 users downloaded that package -- although all 12 malicious packages have since been taken down.
Four of the packages were misspellings of django -- diango, djago, dajngo, and djanga.
By EditorDavid from Slashdot's phoning-home department
"NASA's Hubble Space Telescope returned to normal operations late Friday, Oct. 26, and completed its first science observations on Saturday, Oct. 27 at 2:10 AM EDT," NASA reports.
The observations were of the distant, star-forming galaxy DSF2237B-1-IR and were taken in infrared wavelengths with the Wide Field Camera 3 instrument. The return to conducting science comes after successfully recovering a backup gyroscope, or gyro, that had replaced a failed gyro three weeks earlier. A gyro is a device that measures the speed at which the spacecraft is turning, which is necessary to help Hubble turn and lock on to new targets. One of Hubble's gyros failed on Oct. 5, and the spacecraft's operations team activated a backup gyro the next day. However, the backup incorrectly returned rotation rates that were far in excess of the actual rates.
Last week the operations team commanded Hubble to perform numerous maneuvers, or turns, and switched the gyro between different operational modes, which successfully cleared what was believed to be blockage between components inside the gyro that produced the excessively high rate values. Next, the team monitored and tested the gyro with additional maneuvers to make sure that the gyro was stable. The team then installed additional safeguards on the spacecraft in case the excessive rate values return, although this is not anticipated...
Hubble is now back in its normal science operations mode with three fully functional gyros. Originally required to last 15 years, Hubble has now been at the forefront of scientific discovery for more than 28 years. The team expects the telescope will continue to yield amazing discoveries well into the next decade, enabling it to work alongside the James Webb Space Telescope.
By EditorDavid from Slashdot's game-over department
An anonymous reader quotes NBC News:
The California man behind a years-long string of hoax 911 calls -- including one that ended in a Kansas man's death -- wants to plead guilty to all charges, court documents revealed. Tyler Rai Barriss, 25, intends to waive his right to trial and admit guilt to a 46-count federal indictment, according to a document he signed on Oct. 18 and was filed in U.S. District Court on Wednesday. Barriss faces up to life behind bars for his dozens of acts of "swatting" -- calling police to falsely report a serious crime, in hopes of drawing a massive response to the home of an unsuspecting target.... According to the court records, Barriss will admit to dozens of "swatting" incidents all over America between 2015 and the end of 2017. The false alarms connected to Barriss happened in Ohio, Nevada, Illinois, Indiana, Virginia, Texas, Arizona, Massachusetts, Missouri, Maine, Pennsylvania, New Mexico, Indiana, Michigan, Florida, Connecticut and New York.
Barriss performed SWATs if clients sent him $10 over PayPal -- occasionally demanding "upwards of $50," according to a new (possibly pay-walled) article on Wired. A Call of Duty player hired Barriss to SWAT a teammate who'd caused them to lose a $1.50 wager, but his intended target supplied a false address across town which resulted in the fatal police shooting. Both gamers are now "awaiting trial on lesser charges," reports NBC.
By EditorDavid from Slashdot's survey-says department
Seattle's increase in the minimum wage "brought benefits to many workers employed at the time, while leaving few employed workers worse off," reports the New York Times -- citing a new study by the same researchers who'd claimed last year that workers were hurt by the wage increase.
"The dire warnings about minimum-wage increases keep proving to be wrong," argues a Bloomberg columnist, in an article shared by gollum123:
The authors behind an earlier study predicting a negative impact have all-but recanted their initial conclusions. However, the authors still seem perplexed about why they went awry in the first place.... The increase was an "economic death wish" that was going to tank the expansion and kill jobs, according to the sages at conservative think tanks... Despite their dire forecasts, not only were new restaurants not closing, they were in fact opening; employment in food services and drinking establishments has soared...
By EditorDavid from Slashdot's oh-snap department
Canonical is applauding what it calls "exceptional adoption" of snaps -- and has shared some new statistics about its whole "Snappy" software deployment and package management system. Long-time Slashdot reader AmiMoJo shared this article from Neowin:
snaps are seeing 100,000 installs every day on cloud, server, container, desktop and on IoT devices, which works out to around three million installs each month. Of course, these statistics don't only take into account snap installs on Ubuntu, but other distributions too. Canonical said that snaps are supported on 41 Linux distributions including Ubuntu, Debian, Linux Mint, Arch Linux, Fedora, and many more...
Snap packages first launched alongside Ubuntu 16.04 which was released in 2016. They have several benefits over typical Linux packages, for example, their dependencies are bundled into the package making them easy to install, they get automatic updates and can be rolled back by the maintainer if issues arise, and they're sandboxed, giving the user more security.
By EditorDavid from Slashdot's US-CS-in-HS department
"In 2012, most CS teacher professional development was paid for by the National Science Foundation or Google." And in the years that followed, 80,000 primary and secondary school teachers received opportunities to learn how to teach computer science without paying any fees -- thanks to tech-bankrolled Code.org. But is anyone taking the classes? Slashdot reader theodp quotes a Communications of the ACM post by University of Michigan professor Mark Guzdial:
In 2013, Code.org began, and they changed the face of CS education in the United States. It started out as just a video (linked here, seen over 14 million times), and grew into an organization that created and provided curriculum, offered teacher professional development, and worked with states and districts around public policy initiatives. A recent report from Code.org showed that 44 states have enacted public policies to promote computing education in the five years from 2013 to 2018, and much of that happened through Code.org's influence....
Now, Code.org has announced that they are starting to scale back their funding, which begins a multi-year transition to shift the burden of paying for teacher professional development to the local regions.... The only question is whether it's too soon. Will local regions step up and demonstrate that they value computer science by paying for it...? I'd guess that many states have between 40% and 70% of their high schools now offering computer science. However, even though many schools offer computer science, there are still few students taking computer science.
Indiana reported that only 0.4% of Indiana high school students had enrolled in their most popular course. Meanwhile in one region in Texas, 54 of 159 high schools offer computer science, yet only 2.3% of their students have ever taken a computer science class. But of course, there's another issue.
By BeauHD from Slashdot's anxiously-awaiting department
Bloomberg highlights all the big announcements expected to be made next week at Apple's October hardware event, such as an iPad Pro with a USB-C port instead of a Lightning port, a MacBook Air successor, and a new Mac Mini. From the report: The update to the iPad Pro will be the most significant in the product's history. The device was originally launched in 2015 in part as a counter-measure to Microsoft's Surface Pro, which gained a following with business users seeking large tablets with support for attachable keyboards and styluses. The iPad Pro models, which have larger screens, better cameras, and faster processors, are more expensive, which has sustained revenue growth. [Some of the new features, according to people familiar with the plans, include a nearly edge-to-edge display with slimmer bezels, a USB-C connector, Face ID, Animojis, a faster processor (variant of the A12 Bionic chip), a custom Apple graphics chip, and an updated Apple Pencil.]
For the Mac, Apple is planning its first wide-ranging upgrades since June 2017. The MacBook Air and Mac mini, a small desktop machine without a screen, have gone several years without notable changes. This, combined with interest in larger smartphones and competing PCs, led Apple to report the fewest Mac sales since 2010 in its fiscal third quarter. [Apple is reportedly planning a new entry-level laptop to replace the aging MacBook Air. It's expected to have a higher-resolution 13-inch screen, as well as slimmer bezels around the display. The Mac mini will have new processors and features for professional users. Apple's also working on refreshed iMacs, iMac Pros, and 12-inch MacBooks with faster processors, and at least some of these updates could be ready for the October launch.] The event's theme is "making," and it will take place in New York City on Tuesday at 10:00am EST.